Veritas NetBackup Kubernetes protection Architecture
A Kubernetes cluster is a set of nodes that run containerized applications. Containerizing an application packages it with its dependencies and some necessary services. Kubernetes clusters allow containers to run across multiple machines and environments: virtual, physical, cloud-based, and on-premises.
There are three main components in the NetBackup for Kubernetes solution: the Kubernetes namespace, the controller node, and the NetBackup dedicated namespace.
Kubernetes namespaces include all the custom resources and configuration that make up that namespace. Persistent Volume (PV) and Persistent Volume Claim (PVC) are the two important concepts in Kubernetes storage.
A PV can be provisioned by an administrator or dynamically provisioned using Storage Classes. Just like a node, a PV is a resource in the cluster. Often PVs are presented to the namespaces to hold any persistent data for an application. PVs have a lifecycle independent of any individual Pod that uses the PV. This API object captures the details of the implementation of the storage, be that NFS, iSCSI, or a cloud-provider-specific storage system.
When a pod needs to store data, it requests a storage resource from Kubernetes; this request is called a PVC. The PVC also has capabilities such as capacity and read/write access modes. As Pods consume node resources, PVCs consume PV resources. Pods can request specific levels of resources (CPU and memory). Claims can request a specific size and access modes (e.g., they can be mounted ReadWriteOnce, ReadOnlyMany, or ReadWriteMany; see AccessModes). Kubernetes matches the appropriate resource to the request, assigns it to the pod, and mounts the volume on the node where the pod is running, for the use of the pod.
The Kubernetes master node listens for new PVC requests, looks for a matching PV, and binds the two together. Once the PV is bound to the PVC, the relationship between them is exclusive and unique, meaning the binding of PVC and PV is a one-to-one mapping. If there is no PV satisfying the requirements of the PVC request, the PVC will remain in an unbound state indefinitely. Once there is a matching PV, the PVC will bind to the PV immediately.
The pod uses the PVC as a volume, and the Kubernetes cluster looks up the bound PV through the PVC and mounts it to the pod. For a volume that supports multiple access modes, the user can specify the desired access mode when using the PVC as the volume, and the PV is exclusively owned by the user.
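The binding behaviour described above (one-to-one mapping, a claim staying unbound until a suitable PV exists) can be traced with a small model. This is an added example, not NetBackup or Kubernetes code; the class names, the volume and claim names, and the "smallest fitting PV wins" tie-break are assumptions of the model.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class PV:
    name: str
    capacity_gi: int
    access_modes: frozenset
    storage_class: str = ""
    claim: Optional[str] = None    # bound PVC name; None while Available

@dataclass
class PVC:
    name: str
    request_gi: int
    access_modes: frozenset
    storage_class: str = ""
    volume: Optional[str] = None   # bound PV name; None while Pending

def satisfies(pv, pvc):
    """A PV fits a claim if it is free, in the same storage class, large
    enough, and offers every access mode the claim asks for."""
    return (pv.claim is None
            and pv.storage_class == pvc.storage_class
            and pv.capacity_gi >= pvc.request_gi
            and pvc.access_modes <= pv.access_modes)

def reconcile(pvs, pvcs):
    """One binder pass; returns the names of claims that are still unbound."""
    for pvc in pvcs:
        if pvc.volume is not None:
            continue               # already bound: the mapping is exclusive
        candidates = [pv for pv in pvs if satisfies(pv, pvc)]
        if candidates:
            pv = min(candidates, key=lambda v: v.capacity_gi)  # model assumption
            pv.claim, pvc.volume = pvc.name, pv.name
    return [c.name for c in pvcs if c.volume is None]

def demo():
    # Constructed sample volumes and claims.
    RWO, RWX = "ReadWriteOnce", "ReadWriteMany"
    pvs = [PV("pv-nfs-50", 50, frozenset({RWO, RWX})),
           PV("pv-iscsi-10", 10, frozenset({RWO}))]
    pvcs = [PVC("db-data", 8, frozenset({RWO})),
            PVC("shared-logs", 20, frozenset({RWX})),
            PVC("cache", 5, frozenset({RWO}))]
    first = reconcile(pvs, pvcs)            # "cache" finds no free PV
    pvs.append(PV("pv-late-5", 5, frozenset({RWO})))
    second = reconcile(pvs, pvcs)           # binds as soon as a match exists
    return first, second, {c.name: c.volume for c in pvcs}

if __name__ == "__main__":
    print(demo())
```

For backup planning, the point to note is that a claim left unbound has no volume behind it, so there is no persistent data to snapshot for that claim until the binding happens.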
The controller node contains all the cluster information and access. Communication to and within the cluster is done via an API server. Any communication with the Veritas NetBackup Custom Operator, and any snapshot call, goes through the API server.
The NetBackup dedicated namespace is where the NetBackup operator is deployed. This operator is a custom resource that Veritas developed to go into the Kubernetes environment and facilitate all the calls by Velero through the API server. It communicates information and metadata back to the NetBackup Primary Server, defines the schedules, and facilitates all communication between NetBackup and Kubernetes. The NetBackup Kubernetes Operator communicates with Velero and the CSI plugins through the API server to take snapshots, store those snapshots on any cloud compliant storage, and communicate the status back to the Primary Server. NetBackup has integrated with Kubernetes and provides protection policies, asset service and discovery, RBAC, API, client library, credentials, and UI.
- Interface between NBU and K8s
- Incremental Discovery
- Event Listener
- Create Velero CR
- Kubectl/K8s CR based Backup & Restore
- Manage NB DM
Kubernetes is a portable, extensible, open-source platform for managing containerized workloads and services that facilitates both configuration and automation. NetBackup for Kubernetes is designed to optimize the Kubernetes environment for the backup admin. Application-Centric design provides the best enterprise-grade resiliency and unified for all Kubernetes platforms to give our customers the choice and flexibility they have come to expect from Veritas.