Why You Need to Implement a Cloud Native Data Protection Solution
Containers enable applications to run virtually anywhere and create predictable dev/test environments, significantly increasing productivity and agility. However, one major challenge in container adoption is protecting these modern, cloud native workloads. While your developers create their modern applications and data sets, orchestrated by their choice of data service for Kubernetes containers, they need to protect your container applications end to end as well.
Consider the following hypothetical scenario:
Imagine you are the Chief Digital Officer for a major Fortune 500 company. Your business case has been approved and you have budget sanctioned for a new SaaS-based offering that augments your company’s core products and services. You hire a team of developers to lead this software project and build it using the most recent key advances in cloud native technologies (i.e. Kubernetes and containers), microservices, DevOps and Agile.
The project is a huge success with your customers, and the platform stores all the key customer data and transaction data in containerized deployments. You follow CI/CD best practices, and developers constantly check-in and check out code and deploy it directly into the production environment. Due to the popularity of the platform, you have huge volumes of data stored in the cluster. One day, a software team member accidentally uploads the wrong version of software that passes the tests and it is deployed in production. Unfortunately, the database doesn’t support that version of code and as a result, the data gets corrupted.
You want to roll back the previous version of code that was deployed a couple of hours ago. Yet, the database can’t roll back because you haven’t backed up the data. To add salt to the wound, you haven’t thought to back up the environment because you assumed cloud native deployments are disaster-proof, thanks to a guarantee of five-9’s availability from your cloud provider. However, this guarantee doesn’t include safeguarding your data from corruption.
Ask anyone at Dell Technologies and we will tell you that data corruption happens more often than you think. Corruption can occur due to any number of reasons — such as highly available applications writing concurrently to the data because each assumed the other instance was down (since the two instances couldn’t get the health check response), lack of partitioning, and more. Yet, corruption isn’t the only threat that your data faces. In fact, there are a myriad of potential threats — such as malware, hardware failures, power failures, and others. These all make data protection necessary for any organization.
However, protecting cloud native applications is significantly different from protecting traditional applications. For one, the traditional 3-tier enterprise applications have DBAs, SAs and Backup admins all working together to ensure data hygiene, making periodic backups and testing restores, and ensuring key recoverability SLAs are met — including RPO and RTO.
In a modern application development methodology, each microservice independently manages their own database instance — which can either be Relational (such as MySQL, Postgres) or Object (such as MongoDB, Cassandra, etc.). There are hundreds, if not thousands, of such microservices that make up your application, and the challenge with traditional backup applications is that they haven’t been designed with this kind of usage in mind.
At Dell, our approach has been to create a cloud native solution from the ground up that interacts with the Kubernetes plane directly and is deployed in the cluster. In addition, we perform a full discovery through our enterprise-grade UI allowing IT Ops and SREs to manage the protection of these environments centrally; and automatically discover applications and assign protection policies that include creating a schedule, a retention period and replication. Additionally, the individual microservices or DevOps teams can tag these applications in terms of their criticality. Then the applications automatically get assigned to the appropriate backup policy. For example, an application that performs hundreds of transactions every hour needs an hourly backup policy with more stringent RPO/RTO, compared to a different application that doesn’t have such stringent requirements and can have a more relaxed policy.
Implementing a cloud native data protection solution assures your digital business team that their applications are safe and they can continue their agile development model with CI/CD, knowing that Dell EMC PowerProtect Data Manager will be there to restore in case anything fails. Additionally, this also ensures against security threats such as Malware and Ransomware, which will be covered in a subsequent post.