Secure Kubernetes Data Management and Scaling with Kasten K10 (CON204)

Title

AWS re:Invent 2023 - Secure Kubernetes data management and scaling with Kasten K10 (CON204)

Summary

  • Michael Cade, a technologist/field CTO at Veeam, and Mark Severson, a member of technical staff at Kasten, presented on secure and scalable Kubernetes data management using Kasten K10.
  • Kasten K10 is a data management platform for Kubernetes, focusing on backup, security, and scalability.
  • The session covered the state of Kubernetes, including the increase in stateful workloads and cloud-native deployment patterns.
  • Kasten K10 integrates with the Kubernetes API and provides autonomous data protection, supporting various environments like EKS, ROSA, and on-premises clusters.
  • The platform emphasizes data security, freedom, and recovery, with features like ransomware detection, immutability, and integration with AWS services like GuardDuty and RDS.
  • Kasten K10's unique capabilities include application consistency, policy as code, and the ability to transform application configurations during restoration.
  • The session included demonstrations of Kasten K10's capabilities, such as sending audit logs to S3 and Datadog, migrating a StatefulSet to RDS, and managing multi-cluster deployments with Argo CD.
  • Kasten K10's multi-cluster management has been improved to allow secondary clusters to connect to a primary cluster, simplifying network operations and scaling.
  • The session concluded with resources for further learning and an invitation to try Kasten K10 Community Edition.

Insights

  • Kasten K10's integration with the Kubernetes API and its autonomous operation mode suggest a deep understanding of Kubernetes' operational model and the need for native data management solutions.
  • The focus on data security, freedom, and recovery aligns with the growing concerns around ransomware attacks and the need for robust disaster recovery strategies in cloud-native environments.
  • The ability to transform application configurations during restoration could significantly simplify the process of migrating applications between different environments or upgrading clusters.
  • The demonstration of multi-cluster management with Argo CD indicates a trend towards GitOps and the importance of automation in managing complex Kubernetes deployments.
  • The multi-cluster architecture has shifted: instead of primary clusters reaching out to secondary clusters, secondary clusters now connect to a primary cluster. This reflects a design choice aimed at reducing complexity and potential points of failure.
  • The session's emphasis on not storing secrets in source control and using AWS Secrets Manager and External Secrets Operator for secret management demonstrates a commitment to security best practices.
  • The offer of a Community Edition of Kasten K10 suggests an effort to build a community around the product and encourage adoption by providing a fully functional, free version for smaller deployments.