Introduction to Portworx Backup
This section provides an overview of Portworx Backup, explains how it works and how it is architected, and describes the supported cluster deployments for backup and restore operations. It also outlines the supported configuration methods: REST APIs, CLI, and UI.
Product Overview
Portworx Backup (PX-Backup) is a Kubernetes backup solution that enables you to back up and restore applications, KubeVirt virtual machines (VMs), and their data across multiple clusters and environments, whether on-premises or in the cloud.
Portworx Backup provides the following benefits:
- Centralized management of backup and restore operations
  Portworx Backup works with Portworx Central (a web console that centralizes various features or products, including Portworx Backup, into a single user interface), allowing administrators or other users to manage backups and restores of multiple Kubernetes clusters through a web console, CLI, or REST API.
- Role-Based Access Control and encryption of data for enhanced security and ransomware protection
  Portworx Backup supports multi-tenancy, which lets authorized users connect through authorization providers to create and manage backups for the clusters and applications for which they have permissions, without reaching out to the administrators.
- Dedicated repository of backups and restores summary
  Portworx Backup maintains a repository of available application backups and enables the user to restore them to a destination cluster. Portworx Backup also maintains a restore summary that provides detailed information about each restore operation. Portworx Backup synchronizes its framework with backup locations on a regular basis to check for the availability of new backups.
- Easy migration of applications across environments
  Portworx Backup enables you to migrate applications across clusters, clouds, and regions.
- Common platform for containers and VMs backup
  Portworx Backup enables you to manage backups of containerized applications and VMs running on Kubernetes from a single workspace.
Portworx Backup Architecture
The following figure provides the Portworx Backup architecture:
The Portworx Backup architecture involves the following components:
- Portworx Backup Server
  The Portworx Backup server is built on the Google Remote Procedure Call (gRPC) framework and offers performance benefits by reducing latency. With protocol buffers and binary serialization, gRPC divides the payload and enables faster communication, increasing the performance of Create, Read, Update, Delete (CRUD) operations of Portworx Backup. The server implements the basic CRUD operations on the Portworx Backup objects to handle the operations of data protection. In addition, CRUD abstracts the complexity of data storage and allows the user to focus on the web console tasks. Portworx Backup Server communicates with Stork to create application-level backups by creating the backup location and application backup CRDs, and Stork monitors these CRDs on each user's cluster. Portworx Backup Server also monitors the status of application backups and application restores on these clusters.
- Portworx Central
  The Portworx Central portal provides a web interface to deploy Portworx Backup on a cluster. It allows you to choose the required version of the backup, namespace, storageclass, external OIDC details, and so on to facilitate a quick installation with the spec generator.
  Portworx Central on-premises is a graphical web console that allows you to monitor and manage your Portworx clusters.
- Keycloak
  Portworx Backup Server communicates with an external OIDC service (Okta, Keycloak, Active Directory, Auth0, and so on) to validate and authorize tokens that are used for the API calls. The Keycloak component is installed as part of the Portworx Central deployment. Portworx does not support use of an external Keycloak component, but the internally managed Keycloak component can be configured to add compatible external OIDC providers either during installation or post-installation.
- NFS server
  NFS enables you to share your files and directories with the intended audience over a network, thereby consuming less storage space with a shared directory. Portworx Backup's Stork component communicates directly with the NFS server through PVCs. You can add a file share that resides on your on-premises or on-cloud NFS server as a backup location and back up all your data onto the NFS file share.
- MongoDB
  An open-source NoSQL database that stores data in a flexible JSON format. For more information, see MongoDB documentation.
- On-Prem-Storage
  On-premises or enterprise storage that is integrated through Container Storage Interface (CSI) to provide persistent volumes for stateful container workloads.
Portworx Backup Functioning
Portworx Backup enables you to create granular backups of an application using namespace and label selectors. You can back up an entire namespace or use label selectors to select certain resources to back up. This selection method also helps preserve associated configuration and pod data, ensuring that you can leverage your backup data after restore. For example, Portworx Backup can back up a MySQL deployment containing pods, PVCs, and volumes tagged with an app = mysql label. You can apply labels to your namespaces, resources, and their backups as key-value pairs using the CLI, and you can filter on them in the Portworx Backup web console when creating a backup. With this mechanism, Portworx Backup can back up stateful applications as easily as stateless ones. For more information on how labels work, see Labels in Portworx Backup.
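A coverage check worth running before relying on a label-scoped backup, shown as an added example (not Portworx Backup code). It applies Kubernetes equality-based label matching to a constructed namespace inventory and lists what the app = mysql selector would leave out, assuming the backup includes only resources whose labels match. The resource names and the `coverage` helper are hypothetical.

```python
# Added illustration, not Portworx Backup code. Models Kubernetes
# equality-based label matching to audit what a label-scoped backup covers.
# Assumption: only resources whose labels match the selector are backed up.

# Constructed sample inventory (all names are hypothetical).
RESOURCES = [
    {"kind": "Deployment", "namespace": "db", "name": "mysql",
     "labels": {"app": "mysql"}},
    {"kind": "Pod", "namespace": "db", "name": "mysql-7c9d",
     "labels": {"app": "mysql", "pod-template-hash": "7c9d"}},
    {"kind": "PersistentVolumeClaim", "namespace": "db", "name": "mysql-data",
     "labels": {"app": "mysql"}},
    {"kind": "Service", "namespace": "db", "name": "mysql",
     "labels": {"app": "mysql"}},
    # Credentials created by hand and never labelled.
    {"kind": "Secret", "namespace": "db", "name": "mysql-root-password",
     "labels": None},
    # Label keys are case-sensitive, so "App" does not match "app".
    {"kind": "ConfigMap", "namespace": "db", "name": "mysql-config",
     "labels": {"App": "mysql"}},
    # Same label, different namespace: outside a backup scoped to "db".
    {"kind": "Deployment", "namespace": "web", "name": "frontend",
     "labels": {"app": "mysql"}},
]


def matches(labels, selector):
    """True when every selector key is present with exactly the same value."""
    return all(labels.get(key) == value for key, value in selector.items())


def coverage(resources, namespace, selector):
    """Split one namespace's resources into (selected, missed) by selector."""
    selected, missed = [], []
    for res in resources:
        if res["namespace"] != namespace:
            continue
        bucket = selected if matches(res.get("labels") or {}, selector) else missed
        bucket.append(f'{res["kind"]}/{res["name"]}')
    return sorted(selected), sorted(missed)


if __name__ == "__main__":
    selected, missed = coverage(RESOURCES, "db", {"app": "mysql"})
    print("selected by app=mysql:", selected)
    print("in namespace but not selected:", missed)
```

Anything in the second list, here the unlabelled Secret and the mis-cased ConfigMap, would have to be labelled or covered by a namespace-level backup for the restored application to start.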
You can create a schedule for your backups by creating an independent schedule policy that defines when backups must be created and how many rolling copies they should retain. After creating schedule policies, you can associate them with multiple backups. For more information, see Add Schedule Policies.
Portworx Backup rules help you eliminate manual preparation tasks and minimize interruptions to your cluster during backup operations. You can create pre-exec (freeze) or post-exec (unfreeze/thaw) rules that run before and after backups are taken. As with schedule policies, you can associate rules with multiple backups. For more information, see Add Backup Rules.
Supported Deployments for Backup and Restore Operations
Portworx Backup is compatible with any Kubernetes cluster, including managed and cloud deployments, and integrates with the following major categories of storage providers:
- Amazon Web Services (AWS) S3
- S3 compatible object store
- Microsoft Azure
- Google Cloud Platform
- Network File System
- Amazon Elastic File System (EFS)
- Google Cloud Filestore
- Microsoft Azure file share
Portworx Backup supports taking backup on the following backup targets:
| Block storage (Data being backed up from) | File storage (Data being backed up from) |
|---|---|
|
|
The following are some examples of Kubernetes native resources that Portworx Backup can back up:
- ClusterRole
- ClusterRoleBinding
- ConfigMap
- Custom Resource Definition (CRD)
- Custom resources
- DaemonSet
- Deployment
- Ingress
- Persistent Volume (PV)
- Persistent Volume Claim (PVC)
- Role
- RoleBinding
- Service
- Secret
- ServiceAccount
- Stateful applications
The Portworx Backup web console displays a platform-dependent list of resources it can back up for each type of cluster. Additionally, even for the same platform, the resource list depends on the applications of the namespace.
For information on supported backup types, see Backup Types.
Supported Configuration Methods for Backup and Restore Operations
You can use the following methods for configuration and administration-related operations in Portworx Backup:
- Use REST APIs
  Portworx Backup offers two APIs, the backup API and the backend API. Both of these APIs are organized around REST and return responses in JSON format. You can leverage the Portworx Backup API to create, delete, schedule, and restore backups. You can use the Portworx Backup backend API to create, manage, and assign roles to the user. For more information, see REST APIs.
- Use Portworx Backup Web Console
  Portworx Backup provides a central user interface to perform the configuration and administration-related activities for backup and restore operations. You can monitor and manage most of the key operations of Portworx Backup. For more information, see Portworx Backup Web Console Specifications.
- Use Portworx Backup CLI
  Portworx Backup provides a CLI to perform the configuration and administration-related activities for backup and restore operations. For more information, see Portworx CLI Documentation.
Essential Concepts and Terminologies
Backup Cluster
Any Kubernetes cluster where you deploy Portworx Backup.
Application Cluster
Any Kubernetes cluster on which you perform backup and restore operations using Portworx Backup. You can back up all applications and resources available on an application cluster. Portworx Backup supports the addition of any Kubernetes cluster that is network accessible. With Portworx Backup, you can back up, restore, and monitor all Kubernetes clusters. When a cluster is created, by default, the owner or the creator of the cluster can access it. Portworx Backup supports auto-discovery of clusters for AWS cloud accounts.
For more information, see Discover EKS Clusters.
Application clusters also create and manage Stork resources on the cluster.
Cloud Storage
Cloud Storage acts as a backup target that provides storage for the backups you create through Portworx Backup and lets you retrieve them when you require. You can add a cloud-based S3-compliant object store or cloud-based NFS backup location in Portworx Backup to back up your data on it. For more information, see Object store backup location and NFS backup location.
Portworx Backup supports object lock for cloud-based S3-compliant object store backup locations to secure your critical data. You can retrieve data from these backup targets when needed with low latency.
Cloud Storage provides storage for your unstructured data and helps you store any amount of data and retrieve it when you require. You can add a cloud-based object store or block store backup location in Portworx Backup and back up your data on those cloud-based targets. You can retrieve data from these backup targets with low latency. For more information, see Cloud Storage.
Datastore
Database where Portworx Backup stores objects related to the cluster such as backup location, schedule policies, backup, restore, and backup schedules. Portworx Backup uses MongoDB as the datastore from version 2.0.0. The Portworx Backup pod writes the metadata of backup object data to the MongoDB datastore. MongoDB runs with 3 replicas for high availability. This datastore is installed as part of the Portworx Backup deployment. Portworx Backup does not support use of an externally managed database as the datastore.
The following topics provide more information about Portworx Backup operations and working mechanism: