Your organization needs regional disaster recovery: Here’s how to build it on Kubernetes

System failures are inevitable, but you can minimize disruptions. For this reason, regional disaster recovery based on Kubernetes container orchestration is critical to effective business continuity.


Fires, hurricanes, floods: Disasters have always threatened IT operations. Today, cybersecurity breaches pose an equal or greater threat. Even a partial disaster can bring your business to a standstill. If a work crew cuts a cable outside your building, you could lose external connectivity no matter how resilient your data center is.

Every organization should have a business continuity plan in place, and a key component of that plan should be regional disaster recovery (DR), which places a secondary IT environment far enough away from your primary site that it is not affected by the same disaster.


Kubernetes container orchestration can help lay the foundation for modern DR strategies and help organizations take advantage of cloud-native technologies for business continuity. Together with supporting software, Kubernetes-based regional DR lets you replicate workloads to a secondary site, fail over and fail back quickly, and automatically recover to your primary environment once the disaster is resolved.
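What that looks like in practice depends on the supporting software you layer on top. As a rough, hypothetical sketch, DR operators in this space (the open source Ramen project is one example) let you declare where an application should normally run and where it should fail over; the resource kind, API group, and field names below are illustrative assumptions, not a specific product’s API.

```yaml
# Hypothetical DR placement resource, loosely modeled on operators such as
# Ramen. Kinds, API groups, and field names are assumptions for illustration.
apiVersion: dr.example.com/v1alpha1
kind: DRPlacementControl
metadata:
  name: orders-app-drpc
  namespace: orders                  # the protected application's namespace
spec:
  drPolicyRef:
    name: regional-dr-policy         # pairs the primary and secondary clusters
  preferredCluster: us-east-primary  # where the app normally runs
  failoverCluster: us-west-secondary
  pvcSelector:
    matchLabels:
      app: orders                    # which volumes to replicate along with the app
```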

Why you should meet regional recovery needs with Kubernetes

Regional DR uses asynchronous replication while building a secondary production environment with a defined recovery point objective, or RPO (the amount of data you can afford to lose), and recovery time objective, or RTO (the time you can afford to be down). The latter is usually around 10 to 30 minutes for many organizations.

This is in contrast to Metro DR, which relies on high-speed and expensive fiber connections to support sub-second RPO and RTO. Such synchronous replication writes data to two sites simultaneously, enabling the near-instantaneous failover required for demanding, sensitive workloads such as banking transactions.
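For the asynchronous, regional case, the RPO is largely determined by how often the storage layer ships changes to the secondary site. As a hedged illustration, CSI-based replication add-ons (such as the VolumeReplicationClass used with Ceph RBD mirroring) express this as a scheduling interval; the exact API group, provisioner, and parameter names depend on your storage vendor and version.

```yaml
# Illustrative only: an asynchronous replication class whose scheduling
# interval corresponds roughly to a 10-minute RPO. Verify the API group,
# provisioner, and parameters against your storage documentation.
apiVersion: replication.storage.openshift.io/v1alpha1
kind: VolumeReplicationClass
metadata:
  name: regional-dr-10m
spec:
  provisioner: openshift-storage.rbd.csi.ceph.com   # assumed Ceph RBD CSI driver
  parameters:
    schedulingInterval: "10m"   # mirror changes to the secondary site every 10 minutes
```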

Why is Kubernetes ideal for DR? Kubernetes is a portable and extensible open source platform for managing containerized workloads. Resiliency is built in because Kubernetes isn’t tied to a specific location or hardware. If an application process fails, the platform immediately creates a new instance to keep workloads running.
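That self-healing behavior requires no DR-specific tooling; it falls out of how workloads are declared. As a minimal example (names, image, and ports are placeholders), the Deployment below keeps three replicas running and restarts any container whose liveness probe fails.

```yaml
# Minimal self-healing workload: if a pod or node fails, the Deployment
# controller recreates the pod; if the liveness probe fails, the kubelet
# restarts the container. Names, image, and ports are placeholders.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: orders-api
  namespace: orders
spec:
  replicas: 3
  selector:
    matchLabels:
      app: orders-api
  template:
    metadata:
      labels:
        app: orders-api
    spec:
      containers:
        - name: orders-api
          image: registry.example.com/orders-api:1.4.2
          ports:
            - containerPort: 8080
          livenessProbe:
            httpGet:
              path: /healthz
              port: 8080
            initialDelaySeconds: 10
            periodSeconds: 15
```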

A good DR solution provides peace of mind that all relevant metadata travels with your Kubernetes applications when they are moved to your secondary site. This includes namespace information, objects, and custom configurations that allow the workload to function properly in the secondary environment. Without an effective DR methodology for Kubernetes, your IT team would have to pull it all together by hand, a tedious, error-prone, and time-consuming task.
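A concrete way to picture what “all relevant metadata” means is a namespace-scoped backup. The sketch below assumes the open source Velero project as the data protection layer, which the article does not prescribe; it captures the namespace’s objects and configuration together with volume data so the application can be recreated faithfully on the secondary cluster.

```yaml
# Hedged example using Velero's Backup resource: captures the application's
# namespace-scoped objects (Deployments, Services, ConfigMaps, Secrets, PVCs)
# so they can be restored as a unit on the secondary cluster.
apiVersion: velero.io/v1
kind: Backup
metadata:
  name: orders-app-backup
  namespace: velero
spec:
  includedNamespaces:
    - orders                # the application namespace and everything in it
  snapshotVolumes: true     # include persistent volume data, not just metadata
  storageLocation: default  # object storage reachable from both sites (assumed)
  ttl: 720h0m0s             # keep restore points for 30 days
```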

Why you should use API integration for cybersecurity resiliency

With the rise of cyberattacks, the ability to recover quickly from these events has become more important. Again, Kubernetes can help.

One scenario is the targeted cyberattack. Some exploits aim to hit as many victims as possible, such as the software supply chain attacks we’ve seen in recent years. However, cybercriminals increasingly have specific targets in mind: a regional hospital, a municipal water company, or a geographic region in political turmoil. In these cases, Kubernetes-based regional disaster recovery can help your business recover faster.

Kubernetes can also contribute to broader IT responses to ransomware. However, if your primary environment is shut down by ransomware, you cannot simply replicate to your secondary site as the ransomware will likely replicate along with it.

One solution to this problem is a Kubernetes implementation that includes a data protection API, which lets you integrate Kubernetes with your existing data protection solution. If your site is hit by ransomware, you can restore data from an earlier point in time into a clean production environment at your secondary site, where it can run until you remediate your primary site.
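Again sketched with Velero as the assumed data protection layer, that restore step might look like this: you pick a restore point taken before the compromise and replay it into the secondary cluster, then run there while the primary is remediated.

```yaml
# Hedged example: restore the application at the secondary site from a backup
# taken before the ransomware event. The backup name is a placeholder.
apiVersion: velero.io/v1
kind: Restore
metadata:
  name: orders-app-restore-pre-incident
  namespace: velero
spec:
  backupName: orders-app-backup-20230501   # last known-clean restore point (placeholder)
  includedNamespaces:
    - orders
  restorePVs: true          # restore the persistent volume data as well
```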

An effective Kubernetes implementation also enables DR in edge environments. By combining Kubernetes and a data protection API on a single node, you can benefit from essentially the same replication and DR capabilities in a smaller form factor, supporting both containers and virtual machines running at the edge.
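At the edge, the pattern shrinks rather than changes. As a hedged sketch, a recurring backup schedule like the one below (again assuming Velero, with placeholder names) runs the same way on a single-node cluster, protecting a namespace that may hold both containerized workloads and, if you run KubeVirt, virtual machine definitions.

```yaml
# Hedged example: a recurring backup for an edge namespace, assuming Velero.
# The same resource works unchanged on a single-node edge cluster.
apiVersion: velero.io/v1
kind: Schedule
metadata:
  name: edge-site-hourly
  namespace: velero
spec:
  schedule: "0 * * * *"     # cron format: once an hour
  template:
    includedNamespaces:
      - edge-apps           # containers and, via KubeVirt, VM definitions
    snapshotVolumes: true
    ttl: 168h0m0s           # keep one week of restore points
```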

This is how you get back on track

Once you’ve cleaned up your primary location, you can return production there. Using cluster management functions in your secondary environment simplifies the task. When your IT team initiates the process, the cluster manager automatically replicates applications back to your primary site with their namespace information and configurations. Without such a feature, your IT team would have to manually rebuild your production environment piece by piece.
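With an operator-driven approach like the hypothetical one sketched earlier, failback can be as small as changing one field: the desired action on the DR placement resource. As before, the kind, API group, and field names are illustrative assumptions, not a specific product’s API.

```yaml
# Hypothetical failback: asking the DR operator to relocate the application
# back to the remediated primary cluster. Fields are assumptions.
apiVersion: dr.example.com/v1alpha1
kind: DRPlacementControl
metadata:
  name: orders-app-drpc
  namespace: orders
spec:
  drPolicyRef:
    name: regional-dr-policy
  preferredCluster: us-east-primary   # the remediated primary site
  failoverCluster: us-west-secondary
  action: Relocate                    # replicate state back and move the workload home
```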

As business, IT and global environments become more complex every day, it is highly likely that every organization will at some point face a business-disrupting event. But with an effective implementation of Kubernetes and supporting technologies as part of a comprehensive DR strategy, your business can recover more predictably, quickly, and cost-effectively. This helps minimize the impact on data and finances while maximizing the speed at which you get back to work.

Marcel Hergaarden

Marcel Hergaarden is the senior manager of product marketing for the Data Foundation business team at Red Hat. He lives near Amsterdam and has been with Red Hat since 2012. He has a technical background and extensive experience in infrastructure-related technical sales.
