Introduction
Unleash the Power of Kasten K10 for Ultimate Kubernetes Backup! The dynamic nature of Kubernetes environments requires a backup and disaster recovery strategy. While Kubernetes excels at deployment and scaling, unforeseen events can disrupt operations and lead to data loss. Kasten K10 is the leading enterprise solution, specifically designed to keep your critical Kubernetes data. By leveraging Kasten K10, you can ensure seamless backup creation and recovery within your cluster and minimizing downtime.
Prerequisites
- Kubernetes(1.21–1.27)/OpenShift Cluster(4.8–4.14). You can deploy using some of our guides
- Linux VM / RHEL 8 VM.
- Object storage (S3,Azure Storage, etc…)
- Infrastructure Platforms (Sphere, OpenStack, AWS, etc…)
What is Kasten?
Kasten K10, the leading Kubernetes data management platform purchased by Veeam, offers businesses and developers the opportunity to protect their native applications in the cloud. Unlike traditional backup solutions, Kasten stands out with its app-aware backups. This translates into a deeper understanding of your Kubernetes applications, capturing not only data but also their critical state and configuration. The result is efficient backups and detailed restores that occur quickly whenever needed. Kasten also strengthens your security with built-in disaster recovery features and application portability to seamlessly migrate workloads across different environments, whether in the cloud or on-premises.
You can read more about that on the website, https://docs.kasten.io/latest/.
Procedure
Installation of the Kasten K10 for Kubernetes Backup
Kasten offers an efficient installation process optimized for Kubernetes environments. You can choose between two main methods: steering wheel charts and operator layout. For a more automated and user-friendly experience, deploying operators leverages Kubernetes operators to guide you through installation and manage Kasten for you. Wheel charts, on the other hand, provide a command-line-driven approach, ideal for those who are comfortable with a more manual setup. While the specific steps may vary depending on your Kubernetes platform (e.g., AWS EKS, Red Hat OpenShift), Kasten’s comprehensive documentation provides detailed guides for each scenario, ensuring a smooth installation regardless of your chosen method.
For this example, we will be using Helm to install it in the OpenShift environment. In our scenario, it’s important to know which version of Kasten you need; it’s dependent on your Kubernetes version and OpenShift version if you work with it.
In the first step, you need to create a namespace and secret in the kasten-io namespace. The secret contains a value created by the htpasswd utility with the user “admin” and password “admin”.
Kasten-namespace.yaml
apiVersion: v1
kind: Namespace
metadata:
name: kasten-io$ oc create -f Kasten-namespace.yamlk10-admin-secret.yaml
apiVersion: v1
kind: Secret
metadata:
name: htpasswd-k10
namespace: kasten-io
data:
admin:YWRtaW46YWRtaW4=
Type: Opaque$ oc create -f k10-admin-secret.yamlAfter creating the namespace and secret, make sure the Kasten images are available in each of the repositories (i.e., Quay, etc.). The list of images must be downloaded from a repository like this: registry.connect.redhat.com/kasten because these images are verified to run in your environment; otherwise, some images may fail to be created because of an unsupported security context configuration.
Example of image list for K10 v6.5.14
registry.connect.redhat.com/kasten/aggregatedapis v6.5.14
registry.connect.redhat.com/kasten/auth v6.5.14
registry.connect.redhat.com/kasten/catalog v6.5.14
registry.connect.redhat.com/kasten/configmap-reload v6.5.14
registry.connect.redhat.com/kasten/controllermanager v6.5.14
registry.connect.redhat.com/kasten/crypto v6.5.14
registry.connect.redhat.com/kasten/dashboardbff v6.5.14
registry.connect.redhat.com/kasten/datamover v6.5.14
registry.connect.redhat.com/kasten/dex v6.5.14
registry.connect.redhat.com/kasten/emissary v6.5.14
registry.connect.redhat.com/kasten/events v6.5.14
registry.connect.redhat.com/kasten/executor v6.5.14
registry.connect.redhat.com/kasten/frontend v6.5.14
registry.connect.redhat.com/kasten/garbagecollector v6.5.14
registry.connect.redhat.com/kasten/gateway v6.5.14
registry.connect.redhat.com/kasten/grafana v6.5.14
registry.connect.redhat.com/kasten/init v6.5.14
registry.connect.redhat.com/kasten/jobs v6.5.14
registry.connect.redhat.com/kasten/k10-operator v6.5.14
registry.connect.redhat.com/kasten/kanister v6.5.14
registry.connect.redhat.com/kasten/kasten/kanister-tools v6.5.14 registry.connect.redhat.com/kasten/metering v6.5.14
registry.connect.redhat.com/kasten/kasten/metric-sidecar v6.5.14 registry.connect.redhat.com/kasten/logging v6.5.14
registry.connect.redhat.com/kasten/kasten/repositories v6.5.14 registry.connect.redhat.com/kasten/restorectl v6.5.14
registry.connect.redhat.com/kasten/kasten/state v6.5.14 Now, you need to fetch the specific version of the Kasten chart.
$ cd /kasten
$ helm repo add kasten https://charts.kasten.io/
$ helm pull k10 kasten/k10 --version 6.5.14In the final step, install the helm chart. For more options, please click on this K10-Helm-Installation.
$ helm install k10 ./k10 --namespace kasten-io \
--set global.airgapped.repository=registry.connect.redhat.com/kasten \
--set metering.mode=airgap \
--set secrets.dockerConfig=$(base64 -w 0 < ${XDG_RUNTIME_DIR}/containers/auth.json) \
--set global.imagePullSecret=k10-ecr \
--set scc.create=true \
--set route.enabled=true \
--set auth.basicAuth.enabled=true \
--set auth.basicAuth.htpasswd=admin:admin \
--set auth.basicAuth.secretName=htpasswd-k10 \
--set prometheus.server.enabled=false \
--set grafana.enabled=false \
--set injectKanisterSidecar.enabled=true \
--set-string injectKanisterSidecar.namespaceSelector.matchLabels.key=test \
--set siem.logging.cloud.awsS3.enabled=false \
--set siem.logging.cluster.enabled=false \
--set kanisterPodMetricSidecar.enabled=falseConfigure of the Kasten
When the pods of the Kasten are ready, please enter the route or ingress URL of the dashboard.
Once the dashboard is configured, you will be prompted to provide an email and company name that will be used when accessing the dashboard.
The first launch of the main page shows empty fields for Policies, Usage & Reports, Activity, and Actions.
Once defined, these fields start to show information that will be used in later stages, i.e., backup or restore actions.
After setup and some activity, the main page may look like the following:
Once you log in to the main page, you need to add a license (Profile and Infrastructure).
The profile definition links to the storage K10 uses to move data (workloads) between clusters. From the dashboard, choose Settings → Locations → New Profile. And fill in the empty options that you need.
Also, The infrastructure Profile defines how Kasten interacts with an external infrastructure provider for purposes like backup storage or disaster recovery.
When you finish adding the profiles, your Kasten is ready.
How to backup and restore in Kasten K10
The backup operation may be performed by either, by the Snapshot, Export or by creating (and execute after) the backup Policy.
When you’re using Snapshot This operation is local to the cluster, and it’s manual operation, so it cannot be scheduled in contrast to the backup by the policy.
How to create Snapshot
Use: Dashboard → Applications → [application-name]> [context menu (1)]> [snapshot (2)]
Snapshot configuration options
Then next screen opened is configuration options of the snapshot.
The most important steps are:
1. Snapshot all resources – Allow either, select all or customize resources for snapshot.
2. Location Profile – Select the storage for snapshots. 3. Snapshot Application – Starts the snapshot process.
When the is Successful backup operation it looks like this:
How to create Policy
This operation is local to the cluster. The policy action is a snapshot. It may be performed as either manual or scheduled operation, in contrast to the snapshot, which is manual.
Use: Dashboard> Policies> [Create New Policy (1)]> [Action (2)]
The creation process of snapshot policy may look like the following:
- Policy name
- Action – snapshot
- Backup frequency – the operation may be scheduled at desired date/time/rate, the “On Demand” option means manual execution.
- Enable Backups via Snapshot Exports. This option creates a restore point on the source cluster and may be used later for local restore on the same cluster or exposed using an export operation for remote restore on the target cluster.
- Select Application. May be selected by name label etc., while several applications may be added to policy.
- The application resources – may be included without restrictions or filtered by specific requirements, see example in screenshot.
- Filtered resources. When defined, the resources may be included in (or excluded from) a snapshot operation, see example in screenshot.
- Profile for external storage (S3/NFS) when snapshots from source cluster stored.
- Creates a configured policy.
Once created, the snapshot policy can be executed.
Use: Dashboard> Policies> [Policy name (1)]> [run (2)]
How to restore Kasten K10 backup and resources
The restore operation may fall into two main scenarios:
- Local – Restore on the source (the same) cluster.
- Remote – Restore on target cluster different from source.
For Local Restore:
An existing application, Use: Dashboard> Applications> [application-name]> [context menu (1)]> [Restore application (2)]
Next, select snapshot (restore point) to restore from:
Then, in case the snapshot was exported, choose between local (1) or exported (2) snapshot. Actually, they may be the same if taken at the same point of time:
And finally, the restore may be performed.
The namespace may be the same or other namespace (1). Additional options may be selected as well, including transformations of the resources included in snapshot (2).
For Remote restore:
To move workloads/data between clusters, and when the application yet not exist on the target cluster, the import policy is used. The import policy may be created as follows:
- Policy name
- Action – import
- Advanced options. For example, the “Restore After import” option creates a restore point on the target cluster and may be used later for local restore on this cluster.
- The application resources – may be restored without restrictions or filtered by specific requirements, see example in screenshot.
- Filtered resources. When defined, the resources will be excluded from restore operation, see example in screenshot.
- Import scheduler – may be scheduled or performed “by demand” – manual execution.
- The Unique ID of export operation on source cluster, identifier of snapshot on external storage.
- Profile for external storage (S3/NFS) when snapshots from source cluster stored.
- Creates a configured policy.
Once created, the import policy can be executed.
Use: Dashboard> Policies> [Policy name (1)]> [run (2)]
Summary
Unleash the Power of Kasten K10 for Ultimate Kubernetes Backup! This post unveiled the capabilities of Kasten K10, the industry-leading solution designed specifically for safeguarding your Kubernetes data. Kasten K10 empowers you to create comprehensive backups and streamline disaster recovery, minimizing downtime and ensuring business continuity. Embrace the power of Kasten K10 and unlock the ultimate solution for securing your Kubernetes deployments.
