Kasten and AWS: Kubernetes Backup and Mobility for Bottlerocket Launch
Kasten K10 Data Management Platform Provides Increased Security and Operational Ease for Kubernetes Application Backup and Mobility on New Open-Source OS for Containers built by Amazon Web Services
Announcing the Kasten K10 data management platform support for Bottlerocket, a new open-source operating system purpose-built for hosting containers, created by Amazon Web Services (AWS). This reflects the latest collaboration between Kasten and AWS, and builds on our existing relationship to provide customers with a scalable foundation, adding an additional layer of protection. Kasten’s K10 data management platform runs on AWS and is integrated with several AWS services including Amazon EBS, Amazon RDS, and IAM. Enterprises use K10 to perform critical functions like application-centric backup and granular recoveries of their Kubernetes applications running on AWS with Amazon EKS, as well as other Kubernetes distributions like Red Hat OpenShift.
Read on to learn more about this latest development and understand the benefits of Kasten K10 on AWS, so as to provide operations teams Kubernetes application backup and mobility capabilities.
The Kasten K10 data management software platform has been purpose-built for Kubernetes and can also be seamlessly deployed with Amazon EKS. K10’s application-centric approach and deep integrations with relational and NoSQL databases, storage systems, and Kubernetes distributions provide for backup/restore and mobility of your entire Kubernetes application. K10, with operational simplicity as a core tenet, makes Kubernetes application mobility and backup as easy as 1-2-3.
Kasten K10 Integrations with AWS
Cloud-native technologies like Kubernetes and operational practices including GitOps have brought immense benefits of feature velocity and productivity. However, backup remains a critical need, not only for regulatory and compliance reasons but also as the last line of defense in organizations facing an increasingly hostile cyber environment. To provide a Kubernetes-native experience for application backup and mobility, Kasten K10 is integrated across several AWS products including:
- Storage Integrations: including direct integrations with Elastic Block Store (Amazon EBS) for optimized snapshots, Elastic File System (Amazon EFS) including cross-region/zone support, Simple Storage Service (Amazon S3) for durable storage, and IAM for seamless security.
- Database Integrations: pre-created and extensible database-aware blueprints (e.g., Amazon RDS) for enhanced application backup and restore consistency when storage level snapshots are not appropriate.
- BYO Kubernetes Distribution: integrations and support for Kubernetes distribution that run on AWS infrastructure – for e.g., Red Hat OpenShift, upstream Kubernetes.
- Amazon Elastic Kubernetes Service (Amazon EKS): Kasten K10 integrations with EKS span across IAM role mapping, cross-region/cluster/account support for application mobility and disaster recovery.
- AWS Marketplace: K10 is available on AWS Marketplace and allows for a simple install and flexible billing options including free tiers, pay-as-you-go.
Kasten K10 on AWS: Backup and Mobility Benefits
The result of these rich integrations enables:
- Easy backup/restore for your entire application stack to make it easy to “reset” your application to a good known state
- Disaster recovery of your applications in another cluster, region, or cloud
- Application portability across unfederated clusters in a secure and scalable manner
A sample deployment example that shows Kasten K10 running in EKS clusters in its own namespace is shown below. In this example, Kasten K10 provides application backup and mobility capabilities with the following tenets:
- Treat the application as the operational unit. This balances the needs of operations and development teams in cloud-native environments. Kasten’s data management solution works with an entire application and not just the infrastructure or storage layers. This allows your operations team to scale by ensuring business policy compliance at the application level instead of having to think about the hundreds of components that make up a modern app. At the same time, working with the application gives your developers power and control when needed without slowing them down.
- Create scalable and resilient backups. Kasten K10 integrates with the Amazon S3 (and other target stores) so that your applications can be stored as a true backup in a fault-domain that is separated from primary storage and has the cost efficiencies to afford long term retention. The data efficiently transferred by K10 using techniques like dedup and change-block-tracking.
- Seamless Migration: The ability to move an application across clusters is an extremely powerful feature that enables a variety of use cases including Disaster Recovery (DR), Test/Dev with realistic data sets, and performance testing in isolated environments. In particular, the K10 platform is built to support application migration and mobility in a variety of different and overlapping contexts:
- Cross-Account: (e.g., AWS accounts, Google Cloud projects)
- Cross-Region: (e.g., US-East to US-West)
- Cross-Cloud: (e.g., Azure to AWS)
Kasten K10 with Bottlerocket
Built by AWS, Bottlerocket is a free and open-source Linux-based OS focused on security and maintainability, providing a reliable, consistent, and safe platform for container-based workloads that can also be used with Amazon Elastic Kubernetes Service (Amazon EKS).
K10’s integration with Bottlerocket now enables enterprise operations teams to:
- Reduce attack surface: Further protection is added by a reduction in the amount of software included in the operating system (Bottlerocket). This eliminates components that can be used in executing or escalating an attack like a shell, interpreters like Python, and even SSH. K10’s deep integration with AWS services like Amazon Elastic Block Store (Amazon EBS), Amazon Relational Database Service (Amazon RDS), AWS Identity and Access Management (IAM), RBAC for secure operations, and end-to-end encryption further enhances the security posture.
- Increased operational ease: Bottlerocket uses an image-based update system instead of package-by-package updates, to make the operating system more consistent and predictable. K10 provides policy driven automation that includes forward looking backup and DR policies. This allows automatic protection of applications as they are introduced into the Kubernetes cluster.
- No development overhead: Bottlerocket uses containers as its container runtime, which is conformant with the Kubernetes CRI; developers can take existing containers and run them on Bottlerocket without modification. K10 automatically discovers all the application components running on your cluster and treating the application as the unit of atomicity without requiring development changes. The application, including the state that spans across storage volumes, databases (NoSQL/Relational), and configuration data included in Kubernetes objects such as config maps and secrets, can be seamlessly protected with K10.
“Security and scale are some of the top priorities for customers running container-based workloads,” said Peder Ulander, Director, Open Source, AWS Marketing, Amazon Web Services, Inc. “Our latest collaboration with Kasten builds on our existing relationship to address these priorities for mutual customers. Kasten K10 for Kubernetes application backup and mobility features work on Bottlerocket’s OS to provide customers with a scalable foundation, and adding an additional layer of protection.”
GET STARTED TODAY!
- Try the fully-featured and free Edition of Kasten K10 with this super-quick install in <10 minutes.
- Watch and read customer webinars and case studies.
- Dive into a step-by-step example of PostgreSQL backup and restore on AWS as outlined in this post.
Gaurav Rishi is Head of Product at Kasten. He previously led Strategy and Product Management for Cisco's Cloud Media Processing business. In addition to launching multiple products and growing them to >$100M in revenues, he was also instrumental in several M&A transactions. An engineer at heart, Gaurav is a computer science graduate and has an MBA from the Wharton School.