Kasten By Veeam at Cloud Field Day 13
On February 16, 2022 , I had the unique opportunity to present at Cloud Field Day 13 along with my colleagues Tom Manville, VP of engineering at Kasten by Veeam and Michael Cade, Senior Global Technologist at Kasten by Veeam.
Michael started the day by summarizing the updates provided by Kasten in previous CFD presentations. This was followed by a summary of the latest features that were shipped in the latest major release — version 4.5 — of Kasten’s product K10.
Michael then proceeded to provide an overview of Kasten’s Multi-Cluster solution. This is one of the areas that I manage at Kasten. We’ve got some great things planned in the Multi-Cluster data management space this year and the team is working towards that.
Next, we had my presentation about Ecosystem integrations and Observability. This was my first time presenting at Cloud Field Day 13. It was a pleasure to meet the delegates and to show off Kasten’s integrations with HashiCorp Vault, Prometheus and Grafana.
My presentation about the integration with Vault covered the following :
- Generation of a master key that is used to derive keys per policy in K10. The derived keys are used for encryption/decryption of backups taken by K10.
- Three methods for encryption/decryption of the master key — Passphrase based method, HashiCorp Vault based method and the AWS Key management service based method.
- Storage of the master key in K10’s database called the catalog.
- The demo showed how to install Vault in a Kubernetes cluster, install K10 with the vault integration enabled, and configuration of the Vault key using K10’s PassKey API. This Vault key is used to encrypt/decrypt K10’s master key.
My presentation about the integration with Prometheus and Grafana covered the following:
- The default Grafana dashboard that is shipped with K10. The charts shown in this dashboard are based on metrics scraped by Prometheus from K10.
- A demonstration of how to create an Alert using Grafana’s dashboard and have the alert sent to a slack channel.
In the final presentation of the day Tom talked what it means to be Cloud-Native Native .
- K10s deep integration in Kubernetes by use of Custom Resource Definitions and AggregatedAPIs .
- K10's integration with various authentication providers — Okta, Google, Active Directory, OpenShift etc. The use of Kubernetes Authorization in the form of Role Based Access Control.
- K10’s deployment models — AirGapped mode, Edge deployments and Service Providers which is important for many of our customers.
- Integrations with various platforms such as OpenShift and Rancher.
- He talked about what interfaces and APIs are available today thanks to the open source efforts in the Kubernetes Data protection community. But there are lots of areas that are still not supported by the community. K10 uses whatever is currently available from the community — for example VolumeSnaphots, but fills lots of other gaps that are missing.
After the livestream ended, we had a private session with the delegates for about thirty minutes where the delegates got to ask us questions about various topics related to our product and strategy. It was great listening to their feedback about our presentations and their impressions of the product and Kubernetes in general.
Onkar Bhat is an Engineering Manager at Kasten by Veeam. His focus has been in the areas of Authentication, Role-based Access Control (RBAC), APIs, Monitoring and Multi-cluster management for the purpose of cloud native data protection. He has previously worked in the areas of data protection, networking and security at Big Switch Networks, NetApp and Cisco Systems. Onkar received his MS in Information Networking from Carnegie Mellon University.