Kubernetes is fundamentally changing IT and Modern Data Protection

By Chris Norton, Veeam Software’s Regional Director: Africa

As cloud storage and backup become ubiquitous, new technologies that run cloud-based applications and enable operability when systems go down or are hacked are set to change the IT industry.

Cloud storage and backup have also significantly changed data protection, with backup and recovery and data management just a starting point for companies seeking to implement a comprehensive Modern Data Protection strategy.

Most companies today utilise hybrid models of data storage and backup. These include cloud and cloud-native options, virtualisation and data storage in businesses on-premises private networks. Choosing the right hybrid option for your business and ensuring that data is secure, wherever it is stored, demands careful consideration.

In the early 2000s, companies primarily stored data on private networks, with backups placed inside firewalls on those networks. By then, virtualisation technology had also become popular. It enabled companies to virtualise physical machines, giving them the means to instantly failover to restore data to a machine of their choice in the event of hardware or server failure. These technologies allowed businesses to have complete control of data and network management.

With the advent of cloud and multi-cloud environments, decisions about where to store your data, critical applications and backups have become more complex. Many businesses now utilise the business services and the data storage facilities of local cloud providers and hyperscalers such as Google Cloud, Amazon Web Services and Azure rather than having their own technology infrastructure or data centres. There are sound Capex vs Opex and resourcing arguments for doing so. However, though these businesses no longer control their own networks, they remain responsible for the security and availability of their business data, making data protection as critical, if not even more so, than ever.

Today, more than mere data backup and recovery is needed to ensure business resilience. Organisations need to make certain their businesses can remain operational when things go wrong. For example, their cloud service has gone down, they’re experiencing a technical issue, or the company has been hacked by cybercriminals who have deleted their backup, encrypted their data and are demanding a ransom to unlock it. Such cybersecurity threats are on the rise and could destroy a business. Thankfully, new technologies and backup services exist to help ensure companies can overcome these obstacles almost immediately and get the business back up and running quickly.

One such technology is Kubernetes, the next iteration of virtualisation and a platform for creating cloud-enabled applications via containers (a lightweight, unchangeable infrastructure for application packaging and deployment). Veeam believes this technology is a game-changer for the IT industry. It enables a very agile environment for workloads when it comes to operability, data recovery, mobility and portability.

When computers first emerged, the technological capability allowed one physical machine, with one operating system (OS) and one application on it, resulting in data centres with many physical machines. The virtualisation technology that came along next allowed one physical machine to run many operating systems (OSs) and multiple applications on top of that.

Kubernetes ups the power and productivity of physical machines further still. You have one physical machine, one operating system and lots of ‘containers’ that sit on top of that operating system. A container abstracts at the operating system level. These containers hold an image of an application complete with its full runtime components from the operating system that it uses to work.

From a data recovery standpoint, this means an application can start on its own almost immediately without needing to start the entire operating system. And because the container is only a few megabytes in size, businesses have the ability to collapse and rebuild their environments very quickly and easily. The small container size also means it can easily be moved from one platform to another – from a physical environment to a virtual environment, to the cloud, to multi-cloud environments and back again. This agility and mobility mean organisations can create as many containers as needed without having to build a vast, customerfacing front end.

A container can, for example, contain a business service you offer. The Kubernetes platform enables businesses to operate on an on-demand basis, upscaling containers-based services in times of high demand and downscaling again when demand flattens or normalises.

Microservices offered in the application can also be easily updated without having to take the application offline. You just clip out a microservice from a container, update the code and then clip it back in. That service may be unavailable for a few minutes, but the application continues to run.

To build a resilient cyber environment, organisations must pay attention to the resilience of their backups. While Kubernetes provides flexibility, agility, portability and mobility, it is critical that Kubernetes environments are protected and that businesses can backup their containers sufficiently. Many CTOs and CIOs won’t move mission-critical apps to the cloud if these can’t be secured.

By creating a secure backup of the Kubernetes container comprising the application and all its necessary components, you can restore the backup to the platform of your choice. There is also an option to instantly restore from this secure backup without the need for human intervention and thereby minimise downtime.

A secure backup must be an air-gapped solution, with no connection between the backup and the core infrastructure. The backup must also be immutable, so it can’t be written over or altered. We always advise our customers to timelock their backups so that these may be seen, read, used and restored, but not altered for the period it is locked.

Modern Data Protection needs a good backup strategy. We recommend using the 3-2-1-1-0 strategy – three copies of your data, two on different media in different media types, and one offsite copy. The offsite copy is immutable (1) and has been scanned for zero errors (0) so that on restore, you don’t recover any vulnerabilities.

Whatever hybrid-cloud strategy organisations adopt, they must guard against single points of failure, vendor lock-in and have a clear view of the recovery timeframes essential for business survival. The first protects them from being vulnerable to avoidable disruption, the second enables them to build and take advantage of the right technology solutions for their business needs and the third means their backup and recovery strategy should maintain data protection and business productivity. That way, whatever cloud service they deploy, any outage or attack shouldn’t spell disaster for the business and the organisation should be able to operate.

Finally, when deciding which technologies to employ in your business, you should always remember that the technology is there to support the business and create flexibility, opportunity and advantage rather than hinder it.