Running OpenShift on AWS or Azure? You Might Be Missing This Critical Element

More organizations than ever are building and deploying containerized applications—an estimated 70% by 2024, according to IDC. Despite the benefits of a cloud-native approach, there are still challenges, like gaps in skills. In fact, 75% of businesses identified a knowledge gap as a key challenge in container adoption, according to Flexera’s State of the Cloud Report.

To help bridge the gap, you might use a managed service like Red Hat OpenShift on AWS (ROSA) or Microsoft Azure Red Hat OpenShift (ARO). Relying on these services can lighten your workload and save you time and money. And fully managed means your apps are covered when something goes wrong, right? Not exactly.

When it comes to data protection in the cloud, the responsibility is on you. Read on to find out what this means for your OpenShift apps in the cloud and how you can protect your data, no matter how or where you manage it.

Red Hat Kubernetes Managed Service Offerings: What is OpenShift on AWS and Azure?

Before we dig into why you need data protection when using OpenShift managed services in the cloud, let’s break down what they are.

There are currently two OpenShift managed services in the cloud—one for AWS and one for Microsoft Azure. Here’s a quick summary of each.

• Red Hat OpenShift Service on AWS (ROSA): ROSA provides an integrated, simplified way to use OpenShift on AWS. So, you get the ease of the cloud, plus other great benefits like joint support, pay-as-you-go billing, and ongoing application management.
• Azure Red Hat OpenShift (ARO): ARO offers similar benefits on the Azure cloud. Together, Microsoft and Red Hat provide full management and monitoring of your OpenShift clusters, along with simplified billing and easy scalability.

Does Using a Managed Service Like OpenShift on AWS Protect Your Applications?

However, just because you rely on a managed service for maintaining your containerized environments doesn’t mean that your application data and metadata is protected, recoverable, and mobile. And the built-in protection via your cloud provider isn’t enough, especially when disaster strikes.

So who is responsible for protecting your managed applications in the cloud?

In short, you are.

In fact, public clouds like AWS and Azure use “Shared Responsibility Models” that outline roles and responsibilities—both yours and theirs—when it comes to security and compliance.

Microsoft Azure Shared Responsibility Model
AWS Shared Responsibility Model

But what about your Kubernetes managed service provider, like Red Hat? They, too, use a model to break down the responsibilities of each party—yours, theirs, and the cloud providers for both ROSA and ARO.

• Red Hat’s Responsibility Assignment Matrix for ROSA
• Red Hat’s Responsibility Assignment Matrix for ARO

Your Data, Your Applications = Your Responsibility

No matter how you slice it, your data and applications are your responsibility. This includes everything from disaster recovery and compliance to identity management and operations.

So, how do you take charge of your data and applications to ensure that they’re available, protected from threats, and easily recoverable when downtime strikes? It starts with your tool.

Because your apps are your responsibility and because you want to move forward with as little disruption as possible when an outage occurs, you need a data protection tool that:

• Maximizes resiliency.
• Is built for the cloud. Though legacy data protection and built-in tools from storage vendors offer some protection, they’re not ideal for protecting cloud-native applications.
• Scales with you and your infrastructure now and into the future.
• Is able to run on any cloud, making it easier to back up your environment, no matter how or where you’re managing it.

Data Protection Doesn’t Have to Be Complicated

If you rely on a managed service like ROSA or ARO to reduce complexity, save time, and free up bandwidth for innovation and productivity in other areas, you might think that being responsible for data protection is complicated. Or maybe it’s simply one more thing to think about.

Either way, your cloud-native data protection platform shouldn’t be complex. In fact, it should help you in other areas. Ideally, your cloud-native data protection should:

• Work across all clouds, storage, and K8s distributions, giving you flexibility as your environment evolves and avoiding vendor lock-in.
• Be application-centric, allowing you to backup and restore all components of your applications (data, metadata, and all Kubernetes objects), no matter how you manage them (by namespaces, labels, Helm, and Operators).
• Scale with you so that you can add more clusters, new applications, or an additional cloud whenever you need to.
• Be easy to manage! Your data protection should be multi-tenant or multi-cluster, allowing you to easily manage your data across clouds and clusters without a separate CLI, and integrated into your Kubernetes API. Also, platforms with automation features like disaster recovery policies make management a breeze.

If you’re using OpenShift on AWS or Azure and need to protect your applications, take a look at TrilioVault for Kubernetes (TVK). It provides application-level backup and recovery for OpenShift in any environment, anywhere you choose to deploy. And it’s fully integrated, optimized, and certified for Red Hat environments.

Full Data Protection and Resiliency for Your Fully Managed Service Offerings

Fully managed services like ROSA and ARO ease the time-consuming, confusing challenges of operating in containerized environments. But they still rely on you to protect your applications.

That’s why you need a data protection platform that’s made for this moment—cloud-native, application-centric, and native to OpenShift. So you can back up your applications and maximize their performance, availability, and resiliency.

Check out more best practices for protecting your applications managed by ROSA or ARO. And learn how TVK has your OpenShift environment covered.