Kubernetes Backup and Restore of application in Amazon S3 with Veeam Kasten

In enterprise and disaster recovery ecosystem, Veeam Kasten is considered a powerful data management and protection platform designed specifically for Kubernetes environments. Built with cloud-native principles, Veeam Kasten integrates seamlessly with Kubernetes and supports various storage systems, databases, and cloud platforms. It features an intuitive, policy-driven interface that simplifies complex data management tasks, making it accessible to both DevOps teams and IT administrators.

Key features of Veeam Kasten include:

• Backup and Recovery: Automated and policy-driven backups with consistent recovery for Kubernetes applications.
• Application Mobility: Easy migration and cloning of applications across different Kubernetes clusters or cloud environments.
• Disaster Recovery: Tools to implement failover and failback strategies, ensuring business continuity during outages.
• Multi-Cloud Support: Compatibility with major public clouds like AWS, Azure, and Google Cloud, as well as on-premises environments.
• Ease of Use: A user-friendly dashboard and API for managing backup policies, scheduling, and recovery operations.
• Scalability: Designed to handle the dynamic and distributed nature of containerized applications at scale.

One of the most used features of Kasten Veeam is dynamic backup and restore of the applications deployed in a Kubernetes cluster. In this series, we will go through a simple concept of recovery of a Deployment with two replicas, having the Kubernetes objects exported in a AWS S3 Bucket.

Our journey starts with Kasten Veeam installation in a Linode Kubernetes Engine cluster with 4 Nodes. Needs to mention that from license perspective, Veeam Kasten came in two versions:
- Community Edition
- Enterprise Edition
With our demonstration, we’ll work with the community edition where we have a limitation of using a maximum 5 Nodes in Kubernetes cluster.

Prerequisites:

Kubernetes cluster with CSI Drivers installed and optional csi-snapshotter for backup of the PV/PVC

• AWS S3 Bucket that will be configured in Kasten Veeam Location Profiles and will be used for exporting the backup objects.
• AWS IAM user configured with programmatic access

Application running in Kubernetes cluster consist of a Deployment with two Replicas based on nginx public image. For creating this resource, following command will be used:

kubectl create deployment webapp --image=nginx --replicas=2 --port=80

Installation of Veeam Kasten is a straightforward process that is very well described in the official documentation. In the following section you’ll find an automation script that will download the CLI tool, runs a prerequisites assessment on existing cluster, adding Helm repository and installing the components of the Veeam Kasten platform.

#!/bin/bash

echo "Veeam Kasten - Installation script"

wget https://github.com/kastenhq/external-tools/releases/download/7.5.2/k10tools_7.5.2_linux_amd64.tar.gz
tar zxvf ./k10tools_7.5.2_linux_amd64.tar.gz

sudo mv ./k10tools /usr/local/bin

echo "Running the initial checks on Kubernetes"
k10tools primer

helm repo add kasten https://charts.kasten.io/

kubectl create ns kasten-io
helm install k10 kasten/k10 --namespace=kasten-io

kubectl --namespace kasten-io port-forward service/gateway 8080:80

echo "Use:  http://127.0.0.1:8080/k10/#/ for accessing Veeam Dashboard"

Once the Veeam Kasten is deployed successfully, we can access the Dashboard trough the preferred browser.

The way of creating backup jobs in Veeam Kasten is through Policies, we can find in this tab in the left side menu

Before initiating a new policy for exporting snapshots in AWS S3, we need to configure the Storage Provider in the Location Profile, along with the name that will be used for this Location, in our case is awss3

Name of the Location Profile

Amazon S3 Provider

For interaction with the AWS S3 API, we need to have a preconfigured user account in AWS S3 with necessary permissions to S3 objects and the S3 Bucket created in a selected AWS region. Using the Access Key and Secret Key along with the Bucket name that needs to be created beforehand and Region configuration.

AWS S3 Configuration

As long as the Location Profile is correctly configured, the status Success shows that Veeam Kasten can use the AWS S3 Storage provider for exporting snapshots.

To initiate the application backup, in Policies tab (New), we’ll choose the necessary configuration items like Display name, Backup Frequency, Snapshot Retention, Select Application etc. In order to export created snapshots in AWS S3, is necessary to enable the “Enable Backup via Snapshot Exports” option and choose our already created “Export Location Profile” as awss3.
Following the schedule of the defined policy, we can execute a manual test by choosing the “run once” button in the Policy window:

Checking in AWS S3 Bucket, we already found the k10 folder that contains the metadata and objects exported from our Kubernetes cluster.

Veeam Kasten manage the Kubernetes applications at the namespace level, we can choose an entire namespace or filter based on the labels define on workloads. In our test Policy, we choose as the default namespace which includes our application (webapp).

If anything happens with our deployment or is it deleted by mistake, the restore procedure is straightforward, choosing the three vertical dots in the right side of the application and chose the restore option.

Veeam Kasten will restore all objects part of a restore point.

Having the peace of mind that your data is in good hands, a very good user experience and simplicity in operation, makes Veeam Kasten the only backup and disaster recovery for your Kubernetes infrastructure.