Want a hard job? Try securing Kubernetes, everyone’s favorite container orchestration program. Even its parent group, the Cloud Native Computing Foundation (CNCF), in its recent Kubernetes security audit, recently reported that many Kubernetes security problems exist because its “configuration and deployment [is] non-trivial, with certain components having confusing default settings, missing operational controls, and implicitly designed security controls.” Druva, a cloud data protection and management company thinks it can help.
Druva’s new beta data protection service, offered through its Druva Cloud Platform, delivers application protection which can quickly recover, migrate, or clone Kubernetes workloads from a unified interface.
It’s designed to protect Kubernetes workloads against such data threats as user error, site outages, and ransomware attacks, the company states. Instead of adopting yet another point backup tool specifically for Kubernetes, businesses can protect Kubernetes applications and their underlying infrastructure within Druva alongside their existing workloads.
This is delivered as a Software-as-a-Service (SaaS). Its features include:
- Application consistent data protection
- Comprehensive application protection, including resources inside and outside Kubernetes clusters
- Secure SaaS management, with a platform built on Amazon Web Services (AWS) for global control
- Centralized protection, management, and compliance with self-service recovery for DevOps and application owners
- Unified protection for Kubernetes, data center, cloud, and device workloads
That’s important, said Stephen Manley, Druva’s chief technologist, because we still don’t have an easy-to-manage enterprise data protection solution to secure the entire application, including dependencies on external storage and databases. Sure, there are many Kubernetes data protection programs out there, such as the open-source Project Velero, but Manley claims, “existing protection tools are siloed and do not meet enterprise protection requirements.” In addition, Druva’s service administrators “can securely and seamlessly incorporate Kubernetes protection into their existing policies, while enabling application owners to recover, migrate, and clone applications when necessary.”
It does this by automatically taking, storing, and securing snapshots of the Kubernetes environment. You can use these to quickly and easily recover your applications. You can also use them to restore clusters to new locations for migration, cloning, or production workload troubleshooting. These backup snapshots can also be stored offsite to meet compliance requirements.
Manley added in an e-mail interview that “the Druva SaaS platform protects Kubernetes clusters running in our customers’ AWS accounts.” This includes AWS Elastic Kubernetes Service (EKS) clusters as well as clusters deployed manually in AWS. Druva, which contributes to the Kubernetes Data Protection Workgroup, protects the data and metadata of the applications in the customers’ clusters across accounts and regions, Manley wrote.
Phil Goodwin, an IDC research director who covers data management. likes Druva’s plan. “In the race to adopt containers, unfortunately, protection often gets left behind. Druva aims to offer a singular solution that can fold Kubernetes protection to an existing data management system, offering a compelling option for businesses expanding their use of container workloads.”
Druva customers can try this new data protection program by choosing the “Kubernetes” option in CloudRanger, Druva’s AWS backup and disaster recovery program suite. Early access will be available by the end of the year. If all goes well with the beta it will be widely available in the first half of 2021.
Amazon Web Services and the Cloud Native Computing Foundation are sponsors of The New Stack.