VMblog Expert Interview: Sathya Sankaran Talks CloudCasa and Data Protection for Kubernetes
During this week’s KubeCon + CloudNativeCon Europe 2022 event, Catalogic Software, a leading provider of smart data protection solutions, made a couple of announcements, so VMblog reached out to Sathya Sankaran, General Manager of CloudCasa by Catalogic.
VMblog: We see that Catalogic is attending and sponsoring KubeCon + CloudNativeCon Europe 2022. Can provide a recap of the news you released?
Sathya Sankaran: Yes, our team at CloudCasa by Catalogic is happy to be back to an in-person KubeCon + CloudNativeCon. We also spoke at the co-located event, Data on Kubernetes Day about “The Many Uses of Kubernetes Cross-Cluster Migration of Persistent Data” that took a look at the different use cases and their challenges for cross-cluster migration, including disaster recovery, test/dev, and performance testing.
During the conference, we announced the latest CloudCasa feature set updates that provides a cyber-resilient, scalable backup and disaster recovery service for Kubernetes environments, whether on premises or in a managed cloud service. What we announced at KubeCon is that CloudCasa now provides native integration with Azure Kubernetes Service (AKS) in addition to Amazon Elastic Kubernetes Service (EKS). The API integration allows AKS users to register their Azure accounts and automatically discover all their AKS clusters across all regions and accounts, centralize backup policy management, and dramatically reduce the time taken to recover AKS clusters and their data.
This latest round of updates also enables role-based access control (RBAC) for enterprises and self-service backup and recoveries for developers, support for multi-tenant clusters with native Clastix Capsule integration, and support for Longhorn volumes.
VMblog: What does it mean for CloudCasa to be cloud-aware and service-aware for Amazon EKS and Microsoft AKS, and what benefits does that native integration provide for corporations and users?
Sankaran: CloudCasa is a SaaS application that was built with Kubernetes for Kubernetes environments. CloudCasa is focused on protecting container and cloud native workloads. We are educating users every day about how containers generate persistent data, Kubernetes environments have configuration information, and that data needs to be backed up with restore points and retention polices for compliance. We are also helping users understand that the public cloud provider, or your IT team if self-hosting Kubernetes, cannot restore your Kubernetes environment and service in case of data loss if you don’t backup your Kubernetes resources and your application data.
CloudCasa is service-aware, as it is an application built with Kubernetes to support all distributions and clouds and runs in multiple cloud environments. We understand Kubernetes and the differences between the managed cloud services such as Amazon EKS and Azure AKS, so we can hide all that complexity.
VMblog: What is multi-tenancy for Kubernetes and why is it important? What benefits does it provide to users and corporations?
Sankaran: Multi-tenancy is sharing a resource among multiple customers with varying degrees of separation. With the growing usage of Kubernetes across enterprises, it is now a common requirement to support multiple tenants in a single Kubernetes cluster. Kubernetes wasn’t built to be multi-tenant and there is a ton of work going on to address the cluster sprawl that this limitation causes. In all such situations, having a backup agent that must be cluster scoped (such as Velero) forces an admin to play intermediary (the traditional IT admin model).
As a result, IT teams need to ensure that there is a scalable and secure way to support not only various business units, departments but also enable self-service portals and automation with granular access control to operate at DevOps speed. These self-service models must allow you to see and act on a set of applications and resources based on your authorization and enable audit control. We are partnering with Capsule, an open-source, multi-tenancy solution to deliver a tenant-aware and more importantly a tenant limited backup and recovery capability.
VMblog: Tell us more about the new RBAC feature of CloudCasa and the integration with Clastix Capsule for multi-tenancy?
Sankaran: With full role-based access control (RBAC), CloudCasa provides granular control over who can perform backup and advanced recovery and data migration functions, including cross-cluster, cross-account, and cross-cloud. This allows developers to be able to self-service their clusters while allowing traditional IT Ops to monitor backup and recovery workflows. Application developers can see and act on the applications and resources based on their authorization.
With the growing usage of Kubernetes across enterprises, it is now a common requirement to support multiple development teams in a Kubernetes environment. There are solutions out there that create a soft “tenant” abstraction by grouping a number of namespaces together. CloudCasa has partnered with Clastix to add support for their Capsule, an open-source multi-tenancy solution that allows multiple teams to securely share a Kubernetes cluster. Capsule maps each tenant to a CloudCasa user group with appropriate access privileges, providing a scalable and secure, self-service solution for backup and recovery.
VMblog: Can you discuss the state of adoption of data protection for Kubernetes as an add-on solution?
Catalogic has been in the data protection industry for over 20 years. We have a heritage in protecting mainframe open systems when that was a big thing. We saw enterprise storage becoming a bigger player and began integrating with their snapshots to deliver copy data management. When it came to CloudCasa, it was very much the same concept. We saw the shift in the ecosystem where customer data was on the move to the cloud at a very rapid pace.
And today, ransomware, phishing, and hacking, these are all a daily occurrence across the enterprise. Data protection is just one of the intrinsic needs in establishing cyber-resilience of any Kubernetes environment. Early on we were able to spot the gaps and stretch left to also deliver proactive protection and posture review for Kubernetes and cloud environments. The need for our solution has never been greater.