Understanding and Managing Data Protection for Kubernetes in Enterprise Environments

The End-to-End Approach of Red Hat OpenShift

Table of Contents

  1. Summary
  2. The Challenge
  3. The Solution
  4. Red Hat OpenShift and Data Protection
  5. Conclusion

1. Summary

Over the last year we have moved past the initial enthusiasm and adoption phases of Kubernetes. Enterprises are moving their applications to production, and that means that every single application now has the same characteristics of any other enterprise application, including:

  • Service Level Agreement (SLA): The business doesn’t really know how or where the application is deployed, but that doesn’t change the fact that the IT team has to commit to respecting the SLA for that application, especially when it is critical for the business. This includes assuring the right recovery time objectives (RTO) and recovery point objectives (RPO) for business continuity.
  • User expectations to satisfy: Even when this is not part of the SLA, user experience is utterly important. Any service disruption or data loss not only damages the business but also degrades the user’s trust in the service. Long periods of downtime due to data retrievals, migrations, or day-to-day operations are likewise unacceptable.
  • Data protection and management: Above everything else, data is the most important asset for every organization and it must be properly protected. In a dynamic environment such as the one provided by Kubernetes and containers, the ability to make and manage copies of data and applications quickly is fundamental to supporting the speed of change required by modern software development methodologies.Compared to what was envisaged a few years ago, if we look at the reality of Kubernetes, there are very few stateless applications in enterprise environments today. Stateful applications are the standard, and there are several reasons for that.

Table 1: Data Protection and Management Scenarios for Kubernetes

Scenario Context Need
“Lift and shift” and application refactoring While not a best practice, it is common in enterprise environments to start adoption of new technologies with lift and shift migrations to standardize quickly on a new platform and then start the refactoring process later, depending on budget and business requirements. This approach and the implied evolving scenario bring several challenges to application and data protection that can’t be managed in a traditional way.

Some applications will become hybrid, mixing modern and legacy technology, meaning that data protection is even more challenging and needs to be orchestrated correctly.

Application and data mobility To provide application portability and mobility across on-premises and cloud infrastructures, developers can’t afford to build applications that rely on external data services that may not be available on other platforms (for example, Amazon AWS RDS is not available in other clouds). In this context, it is important to keep the application and its data together and manage them as a whole.

This includes the ability to understand all the individual components and take all the necessary actions to ensure data consistency through the entire process.

Data ownership and governance Most organizations are not ready to separate data from application ownership and manage them discreetly. Having data and applications together simplifies data governance processes and data protection, making it easier to identify application owners, manage tenants, and audit to enable quick action. Multi-tenant data protection and self-service become key factors in this scenario.

Security, of course, is a priority. While we always want to build for flexibility, we need all the necessary mechanisms to identify threats, limit risks of data theft, and create air gaps to mitigate attack.

At the end of the day, the adoption of Kubernetes in production environments creates new organizational and operational challenges around data that can’t be solved by traditional data protection methods. From this point of view, a new innovative approach is necessary. It has to bridge the gap between modern applications deployed on Kubernetes and traditional enterprise data storage practices and processes.

Red Hat, a leader in enterprise Kubernetes thanks to Red Hat OpenShift, has developed the right set of tools to face these challenges and respond to the most demanding business needs related to data protection for Kubernetes environments. Red Hat’s end-to-end approach to Kubernetes and data management enables users to protect data across multiple environments while providing a consistent set of enterprise-grade data services to accelerate data mobility, migrations, and disaster recovery.

Full content available to GigaOm Subscribers.

Sign Up For Free