Organizations are moving away from large applications to small service-based models, such as Azure Kubernetes Service (AKS), so that you can upgrade, scale, and manage each component independently (with backward compatibility). As AKS is becoming our new norm for deploying applications, it is important to have a safety net for applications running on Kubernetes. The AKS best practices guidance clearly calls out the need for backup, stating that you should “Back up your data using an appropriate tool for your storage type” and “Verify the integrity and security of those backups”.
Here are some of the common scenarios that can lead to data loss or recovery challenges.
The application data (persistent volumes) needs to be protected along with additional cluster resources and configurations. When applications store and consume data persisted on files, you should do regular backups or make snapshot copies.
Astra Control Service gives you the capability to protect your applications that run on AKS and leverage Azure NetApp Files for storage. It also gives your organization the capability to run high-performance and throughput workloads with the highest level of data protection.
It is simple to get started and takes just a few minutes to achieve data protection. In this blog, we use a document management portal as a demonstration application, which allows you to upload documents of any size and stores the associated metadata on a MySQL database. The setup requires the following pre-requisites:
You can create an AKS cluster either by using the az aks create command or from the portal. By using the kubectl command, you can manage an AKS cluster and after creation, you can connect to the cluster by using the following commands from the shell:
az account set --subscription a03cfa5e-a235-4b83-9945-6aafa420e1e4
az aks get-credentials --resource-group neemo.rg --name nimo-demo-astra
kubectl get nodes -o wide
After you log in to the Azure Portal and access Azure NetApp Files, you verify that you have access to the Azure NetApp Files service and register the Azure NetApp Files Resource Provider by using the az provider register --namespace Microsoft.NetApp –wait command. After registration, you create a NetApp account and a capacity pool with the required size and verify that you have configured a delegated subnet with the appropriate routes in place.
You can run the application by using two manifests that include the following Kubernetes deployments:
This creates the following two Kubernetes services:
Now you can perform the following steps to complete the deployment:
Your system displays output similar to the following:
When the application is running, AKS exposes the application front end to the internet which can take a few minutes to complete. You can see the document management portal in action by opening a web browser to the service external IP address.
When the application is running, it is important to protect the data with appropriate recovery points by using the following procedure in the intuitive UI provided by Astra.
Note: Astra requires an Azure Service Principal account with Contributor role access to the subscription hosting the Kubernetes clusters.
Note: Astra Control Service automatically creates a blob container for application backups, creates an admin account on the cluster, and sets the default storage class that was specified. This process takes approximately five minutes.
After the compute is discovered and the applications are installed, you can set up the protection policy. With Astra Control, you can manage applications at the namespace level or by the Kubernetes label. To quickly manage an application, simply select Apps and from the dashboard select Discovered > Manage.
You can also protect the applications by using an automated protection policy to take snapshot copies and backups, or on an ad hoc basis. Astra recognises the MySQL application, and it is quiesced before a snapshot copy or backup operation so that an application-consistent snapshot copy or backup is taken.
The snapshot copy process leverages the snapshot copy technology which provides a point-in-time copy of the application. It is stored on the same provisioned volume as the application and can be used as quick recovery points. The snapshot copy process takes minutes and, regardless of size, has zero impact on the volume performance or network bandwidth. On the other hand, backups are stored on a blob container in Azure. The backup operation can be slower to complete compared to the local snapshot copies because there is data movement to the associated blob. However, you can access them across regions in the cloud to support application migrations.
We recommend that you create a protection policy to meet your service level agreement, the associated recovery point objective, and the recovery time objective time. You can easily do this from the portal by selecting Apps > Data Protection > Configure Protection Policy. This provides a safety net and gives you the capability to recover your data from your snapshot copies or backups, depending on the disaster scenario.
Now let us simulate a disaster scenario where a namespace is accidentally deleted.
In this scenario, you can use Astra Control Service to restore the application configuration and persistent storage from a snapshot copy or backup with two steps, by first selecting the appropriate snapshot copy and then confirming the operation. After you complete these steps, you should see that the document manager namespace is back and the docmgr and mysql pods are running again.
To verify that the data was not lost, start up the docmgr UI and verify that the documents were uploaded before the namespace was deleted.
In this blog, we discuss the importance of backing up data and having a good disaster recovery strategy to help you recover from time consuming and wrenching data-loss occurrences. We also describe a demonstration application. In conclusion, based on your deployment model and the state of the application, you can protect any service-oriented application by using Astra Control.
Astra Control Service provides rich features that give you the capability to better manage your data. To access this fantastic service and learn how easy it is to manage, protect, clone and restore your data, get started today with our free plan.