September 1, 2022
Topics: Astra Advanced3 minute readKubernetes Protection
Modern applications often require a revisiting of what makes them modern. Could it be the components? Or is it more closely related to the architecture? What if it is a brand-new way of doing something? All of these are factors that play a part in how the application development cycle evolves. Think about the number of technologies that have caught on in the past few months. GitOps is revolutionizing the way we deploy and manage apps. While not every application or workflow lends itself to the principle, the design is sensible: everything is code. Resources are code. Applications are, as a result, code.
The adoption of the “everything is code” ideology introduces some interesting challenges, too. This is because modern apps are also typically complex -- why? As apps become more configurable, they also become harder to deploy and maintain. One such challenge introduced by Kubernetes is application protection. Business-critical apps tend to have a reputation of growing large and growing quick. What happens when your banking application has a specific way of locking down client access? I think it’s fair to say each application has its own unique way of preparing itself to be protected. This could mean quiescing writes, preventing reads, thawing a database, flushing in-memory data/tables to disk, putting an app in a specific mode, and so on.
Astra Control is NetApp’s answer to Kubernetes application data management. The latest release of Astra Control introduces a new app management workflow that provides improved flexibility when it comes to defining an application. It also includes changes to the execution-hook framework, which allows you to inject custom actions during app protection scenarios; these can be snapshotting, backing up, or app restores. This makes it possible for snapshots, backups, and restores to be handled seamlessly. Here is how:
- Astra Control allows you to define applications. Identify a Kubernetes app by the namespace it is deployed in or a label selector.
- You can also add an execution hook per app. Hooks are scripts that are injected into the desired application container, allowing for custom actions to be performed before and after a storage operation (snapshot, backup, restore) is kicked off.
We are also excited to announce that we are building a repository for providing recipes for protection popular cloud native applications called Verda. Verda has been released under the Apache 2.0 license with a goal to provide recipes to protect popular containerized applications in conjunction with Astra Control. Such recipes include custom actions that are application specific including but not limited to hooks/scripts for quiescing/unquiescing databases before and after taking a snapshot. This project will be expanded and maintained with new content for protecting popular cloud native applications with contributions from NetApp and the wider community at large.
Verda has a collection of reference execution hooks for popular cloud native data-intensive application building blocks such as MongoDB and PostgreSQL. Additionally, it also specifies other best practices for protecting these applications. We will curate, test, and maintain Verda with protection recipes for popular cloud-native applications based on user demand. We also encourage the wider user community to contribute protection recipes to Verda to make it quicker and easier for you to protect a wider set of cloud native applications using Astra Control.