CloudCasa, Velero, NetApp Trident, and SolidFire

Table of Contents

Conclusion

If you’re a Velero user or would like to use Velero if it had a Web UI, give Cloud Casa for Velero a try.

Introduction

CloudCasa added Velero support in this (April 2023) release. Check the link if you’re curious about the details.

Does it work with Trident and SolidFire?

I’ve no reason to think it doesn’t.

How does it work?

Unlike Kasten K10, CloudCasa’s control plan is a shared managed cloud service. You register for service, and see an empty dashboard.

Then you add your clusters - one or more.

In my case I had a singleton cluster deployed two months ago, so I tried to reuse it.

Then you get a command that deploys a CloudCasa agent and hooks it into cloud service.

My cluster with NetApp Trident and Cloud Casa agent installed:

Within seconds results of that action start appearing in the Web UI.

Where does Velero come in?

I installed it on my own before I installed CloudCasa agent. During that time I also installed Velero S3 plugin and registered on-prem S3 storage. That’s why the same is visible in CloudCasa Web UI.

Create one or more backup policies to be able to run backup jobs.

CloudCasa also has detailed RBAC support with very granular details. Two roles are pre-created, but they can be cloned and literally tens of different roles could be created from a cloned User template.

I suspect this may be a bug, or an assumption that flew right above my head: “Velero Snapshot Location” doesn’t do much, but it seems it’s supposed to do something.

Similar to other Kubernetes backup solutions, CloudCasas can also backup an entire cluster. This screenshot shows a backup of an individual namespace confined to Deployments and PVCs.

(I did not select Snapshot because I did not install Velero with CSI plugin, and I would expect CloudCasa to dim the Snapshot option because it should be able to “see” that CSI snapshots are not available.)

As a reminder, with Trident CSI and SolidFire, snapshots could be cloned and then mounted for backup which would export (save) them to S3. But it’s hard to tell what this is supposed to do.

Here’s an example of Velero-Kopia-based backup of the entire cluster.

I wrote about Velero & Kopia here and as far as CloudCasa is concerned, I only expect it to surface Velero logs in the UI, so I didn’t spend much time on trying to find out where the two errors came from - I’m sure it wasn’t from CloudCasa.

There’s an interesting-sounding Security Scan feature, but sadly it’s supported only on AWS.

After some activity, dashboard looks a bit more interesting, with alerts, activity details, storage utilization, etc.

Notice how “Size of protected DBs” shows Google, Azure, AWS but not my local S3 storage configured for Velero. I assume this is another “Work-in-Progress” item.

Similar to that VSL setting, this below is another strange-looking setting. Presumably this should show whatever I registered in Velero (I registered my local Object Store), but it doesn’t.

I suppose most CloudCasa customers user CloudCasa-managed AWS S3 buckets, so CloudCasa haven’t spent much effort testing custom storage options.

CloudCasa-manged AWS and Azure options appear to work fine, so it’s only User-Provided Storage options that are problematic.

Summary

CloudCasa makes Velero usable by non-experts and makes it easier to manage multiple Velero clusters.

Among NetApp storage arrays, Trident CSI supports SolidFire and ONTAP, but E-Series works with vSphere CSI and all I tested E-Series with some Direct CSI community plugins as well. Velero should work with all these CSI providers, so all NetApp arrays ought to work as well.

This is CloudCasa’s first release with Velero support, so I guess the two problems I spotted are likely “v1.0” (in terms of Velero integration) issues.

The installation is easy, their UI is responsive, RBAC is good, and Velero is sufficiently exposed to not “lose” power users.

I didn’t do much experimenting with various Velero settings to see how they’re recognized (or not) in CloudCasa, but it appears there isn’t much distinction between CSI vs. non-CSI approaches although there should be, because when I installed Velero I didn’t even enable CSI (I could have, see my older Velero-related posts) and yet CloudCasa appeared to assume CSI was used and that maybe what caused the empty “Velero Snapshot Locations” drop down list.

I assume these details will be improved in subsequent versions. CloudCasa is already an interesting option for Velero + Kubernetes users on premises and in the cloud.