We have already spent some time talking about data services or data intensive applications such as databases on [Day 85](day85.md). For these data services we have to consider how we manage consistency, especially when it comes application consistency.
In this post we are going to dive into that requirement around protecting the application data in a consistent manner.
In order to do this our tool of choice will be [Kanister](https://kanister.io/)
![](Images/Day88_Data1.png)
### Introducing Kanister
Kanister is an open-source project by Kasten, that enables us to manage (backup and restore) application data on Kubernetes. You can deploy Kanister as a helm application into your Kubernetes cluster.
Kanister uses Kubernetes custom resources, the main custom resources that are installed when Kanister is deployed are
-`Profile` - is a target location to store your backups and recover from. Most commonly this will be object storage.
-`Blueprint` - steps that are to be taken to backup and restore the database should be maintained in the Blueprint
-`ActionSet` - is the motion to move our target backup to our profile as well as restore actions.
### Execution Walkthrough
Before we get hands on we should take a look at the workflow that Kanister takes in protecting application data. Firstly our controller is deployed using helm into our Kubernetes cluster, Kanister lives within its own namespace. We take our Blueprint of which there are many community supported blueprints available, we will cover this in more detail shortly. We then have our database workload.
![](Images/Day88_Data2.png)
We then create our ActionSet.
![](Images/Day88_Data3.png)
The ActionSet allows us to run the actions defined in the blueprint against the specific data service.
![](Images/Day88_Data4.png)
The ActionSet in turns uses the Kanister functions (KubeExec, KubeTask, Resource Lifecycle) and pushes our backup to our target repository (Profile).
![](Images/Day88_Data5.png)
If that action is completed/failed the respective status is updated in the Actionset.
![](Images/Day88_Data6.png)
### Deploying Kanister
Once again we will be using the minikube cluster to achieve this application backup. If you have it still running from the previous session then we can continue to use this.
At the time of writing we are up to image version `0.75.0` with the following helm command we will install kanister into our Kubernetes cluster.
We can use `kubectl get pods -n kanister` to ensure the pod is up and runnnig and then we can also check our custom resource definitions are now available (If you have only installed Kanister then you will see the highlighted 3)
echo "create table if not exists Accounts(name text, balance integer); insert into Accounts values('nick', 0);" | ${MYSQL_EXEC}
echo "insert into Accounts values('albert', 112);" | ${MYSQL_EXEC}
echo "insert into Accounts values('alfred', 358);" | ${MYSQL_EXEC}
echo "insert into Accounts values('beatrice', 1321);" | ${MYSQL_EXEC}
echo "insert into Accounts values('bartholomew', 34);" | ${MYSQL_EXEC}
echo "insert into Accounts values('edward', 5589);" | ${MYSQL_EXEC}
echo "insert into Accounts values('edwin', 144);" | ${MYSQL_EXEC}
echo "insert into Accounts values('edwina', 233);" | ${MYSQL_EXEC}
echo "insert into Accounts values('rastapopoulos', 377);" | ${MYSQL_EXEC}
echo "select * from Accounts;" | ${MYSQL_EXEC}
exit
```
You should be able to see some data as per below.
![](Images/Day88_Data10.png)
### Create Kanister Profile
Kanister provides a CLI, `kanctl` and another utility `kando` that is used to interact with your object storage provider from blueprint and both of these utilities.
I have gone and I have created an AWS S3 Bucket that we will use as our profile target and restore location. I am going to be using environment variables so that I am able to still show you the commands I am running with `kanctl` to create our kanister profile.
Don't worry you don't need to create your own one from scratch unless your data service is not listed here in the [Kanister Examples](https://github.com/kanisterio/kanister/tree/master/examples) but by all means community contributions are how this project gains awareness.
To add this we will use the `kubectl create -f mysql-blueprint.yml -n kanister` command
![](Images/Day88_Data12.png)
### Create our ActionSet and Protect our application
We will now take a backup of the MySQL data using an ActionSet defining backup for this application. Create an ActionSet in the same namespace as the controller.
`kubectl get profiles.cr.kanister.io -n my-production-app` This command will show us the profile we previously created, we can have multiple profiles configured here so we might want to use specific ones for different ActionSets
We are then going to create our ActionSet with the following command using `kanctl`
You can see from the command above we are defining the blueprint we added to the namespace, the statefulset in our `my-production-app` namespace and also the secrets to get into the MySQL application.
![](Images/Day88_Data13.png)
Check the status of the ActionSet by taking the ActionSet name and using this command `kubectl --namespace kanister describe actionset backup-qpnqv`
Finally we can go and confirm that we now have data in our AWS S3 bucket.
![](Images/Day88_Data14.png)
### Restore
We need to cause some damage before we can restore anything, we can do this by dropping our table, maybe it was an accident, maybe it wasn't.
You can see that our importantdata db is there with `echo "SHOW DATABASES;" | ${MYSQL_EXEC}`
Then to drop we ran `echo "DROP DATABASE myImportantData;" | ${MYSQL_EXEC}`
And confirmed that this was gone with a few attempts to show our database.
![](Images/Day88_Data15.png)
We can now use Kanister to get our important data back in business using the `kubectl get actionset -n kanister` to find out our ActionSet name that we took earlier. Then we will create a restore ActionSet to restore our data using `kanctl create actionset -n kanister --action restore --from "backup-qpnqv"`
![](Images/Day88_Data16.png)
We can confirm our data is back by using the below command to connect to our database.
Now we are inside the MySQL Client, we can issue the `echo "SHOW DATABASES;" | ${MYSQL_EXEC}` and we can see the database is back. We can also issue the `echo "select * from Accounts;" | ${MYSQL_EXEC}` to check the contents of the database and our important data is restored.
![](Images/Day88_Data17.png)
In the next post we take a look at Disaster Recovery within Kubernetes.
## Resources
- [Kanister Overview - An extensible open-source framework for app-lvl data management on Kubernetes](https://www.youtube.com/watch?v=wFD42Zpbfts)
- [Application Level Data Operations on Kubernetes](https://community.cncf.io/events/details/cncf-cncf-online-programs-presents-cncf-live-webinar-kanister-application-level-data-operations-on-kubernetes/)
- [Kubernetes Backup and Restore made easy!](https://www.youtube.com/watch?v=01qcYSck1c4&t=217s)
- [Kubernetes Backups, Upgrades, Migrations - with Velero](https://www.youtube.com/watch?v=zybLTQER0yY)