The rise of stateful containers requires further responsibility for data protection—the need to protect the data within persistent containers. To protect against disaster, we suggest backing up your Dockerfiles used to create your container images as well as all versions of those files, as well as configuration files and any desired-state information used for running Kubernetes. It is recommended, however, that any stateful information be stored in a database, and not on the filesystem. Please consider this issue when designing your Kubernetes infrastructure.
Here are the typical files that need data protection:
- Dockerfile images
- Kubernetes cluster state information
- YAML deployments files
- Persistent volumes
The typical method of putting a backup agent in the container is not a valid option. Consequently, we recommend taking a snapshot followed by replicating the snapshot to another system. Once copied, the volume can be backed up using normal backup processes.
All IT organizations must now come to terms with compliance. One area in particular that IT now needs to be mindful of is with the backup data. We believe that the need for CCPA and GDPR compliance is going to feed another trend in the data protection space. That is the reuse of secondary data for non-backup purposes. Working with our clients, we discovered that many IT teams need to replace their backup solution with a system geared toward reusing backup data for other kinds of business needs.
We also feel that most companies are not ready for CCPA and are holding vast stores of unstructured data with no means to identify, and specifically delete, any of it. That is why we are currently helping our customers with classifying their business data ¾ so they have the ability to classify, search, manage, and remove data in the world of backup.
Compliance is an area where the public cloud is a hindrance. Classifying data ¾ which is necessary for both compliance and any data reuse ¾ is much more complicated when the data is spread across multiple silos. We predict there will be a push to make data classification more pervasive, as it addresses compliance, risk management, and data governance.
Finally, good backups should be the last line of defense against a cybersecurity or ransomware attack. We recommend making backup copies and snapshots immutable, so they cannot be deleted or modified. It is especially important to be able to detect any malware in backup datasets. We stress that IT organizations learn how to streamline standard operational activities, such as snapshot, recovery testing, disaster recovery testing, and searching for compliance-sensitive workloads across your various data sets.
We have learned that a data center architecture will not be agile unless it includes IT automation, intelligent data management, comprehensive data protection, and turn-key DR across the complete hybrid cloud environment. As enterprises adopt hybrid cloud-native strategies, intelligent data management across those public and private clouds is a top priority.