Securing containers properly – Kubernetes backups require a new backup approach

Storage-as-a-Service: Weniger Stress für IT-Teams

Container Backup

Core business applications are increasingly dependent on containers

The events of the last 18 months have forced IT teams to reevaluate much of their existing infrastructure and the way they work. An important technology area that has experienced real growth is Kubernetes. A study by Portworx by Pure Storage found that 68 percent of IT professionals have increased their use of Kubernetes as a result of the pandemic. The main goal was to speed up the deployment of new applications and strengthen automation. Both are crucial to reach companies and employees where they are today.

Pure Storage explores the question: why is this so? Due to their elegant concept, the use of containers and Kubernetes allows more ambitious use of computing resources. Another advantage of containers is that they are always executed in the same way, regardless of the place of use, be it on a laptop, a local server, a public cloud, on Linux or Windows. In fact, 95 percent of new applications are now being developed in containers.

However, this latest increase is taking place against the background of an increasing threat situation: in the first six months of 2021, ransomware attacks have increased by 151 percent worldwide. When it comes to business-critical data stored in containers and Kubernetes, steps must be taken to prepare for a quick recovery to avoid downtime, a bad customer experience or SLA penalties. However, it is important to remember that data backup is different for containers and Kubernetes, Pure Storage says.

Traditional data backup solutions cannot cope with Kubernetes

Traditional server-based data backup methods are not scalable to the extent that Kubernetes requires. According to a survey by ESG, 75 percent of respondents mistakenly believe that containers can be secured in the same way as traditional applications, even if some existing backup solutions promise Kubernetes support.

Backups are traditionally focused on a server or a VM. This does not work for containers, as they run distributed, often over several servers with different storage targets. Many conventional backup software solutions are also older than Kubernetes and therefore do not support key concepts such as “namespaces” and configuration.

When choosing a modern Kubernetes backup solution, it is important to ensure that it supports hybrid and multi-cloud environments and builds a bridge between on-premises and various cloud operators. It should also cover various backend storage systems, such as local disks, enterprise arrays, flash arrays and cloud storage, but also have the ability to recover in various Kubernetes environments. Unfortunately, the capabilities of traditional backup solutions are quickly put to the test if they are to meet all these requirements at once.

Containers require a completely different backup approach

Securing business-critical Kubernetes applications in highly dynamic environments requires a completely different approach that has container granularity, comprehensive Kubernetes support, and multi-cloud capability. A modern platform for Kubernetes data services is designed from the outset for these complex environments in order to meet the special requirements of Kubernetes. Such a solution works on a container-granular basis, is namespace-capable and application-consistent. In addition, it must enable the backup of data and application configurations and be optimized for a multi-cloud world.

This backup platform provides granular, role-based access controls that can be integrated with internal authentication systems such as LDAP and Active Directory to provide a secure self-service experience. Users and user groups can be assigned to specific roles, while administrators can control the permissions and level of user access in the backup environment. Administrators also need informative dashboards for backups in the container environment. These should not only show the backup status of the applications, but also make things such as namespaces and labels visible to simplify backup management.

Integration and cross-compatibility with the most important hyperscalers, such as Microsoft Azure, Google Cloud Platform, Amazon Web Services and VMware Tanzu, are also crucial. The native CSI integration can then be used to secure applications running on these and other platforms supported by CSI.

Comprehensive backup technology for Kubernetes

Containerized applications are becoming increasingly important for the provision of modern data and applications. At the same time, Kubernetes, with its simple scalability, portability and fast iteration cycle, is particularly effective for enabling rapid developments and innovations. To ensure that these important building blocks of a modern infrastructure do not remain unprotected, IT managers must pursue an appropriate backup strategy. According to Pure Storage, this must be able to move configuration information and ensure that Kubernetes can launch the applications seamlessly in the new environment.

Once set up, companies can confidently and securely use the advantages of containers to shorten the time to market for software projects, reduce infrastructure costs and increase software quality.

Ready to see us in action:

More To Explore
Enable registration in settings - general
Have any project in mind?

Contact us: