- Kaspersky Container Security 1.1 Help
- About the Kaspersky Container Security platform
- Solution architecture
- Preparing to install the solution
- Solution installation
- Removing the solution
- Updating the solution
- Solution interface
- Licensing the solution
- Data provisioning
- Working with clusters
- Working with images from registers
- Setting up integration with external image registries
- Integration with CI/CD
- Image scanning in CI/CD processes
- Configuring image and configuration file scan settings
- Defining the path to container images
- Scanning images from CI/CD
- Monitoring the integrity and origin of images
- Running the scanner in SBOM mode
- Getting scan results in JSON or HTML format
- Running the scanner in lite SBOM mode
- Risk handling
- Compliance check
- Configuring and generating reports
- Security policies configuration
- Managing container runtime profiles
- Configuring integration with image signature validators
- Setting up integration with notification outputs
- Configuring LDAP server integration
- Users, roles, and scopes
- Managing users
- About user roles
- Working with system roles
- Displaying list of roles
- About scopes
- Scopes and enforcement of security policies
- Switching between scopes
- Adding users, roles, and scopes
- Resetting password for user accounts
- Changing settings for users, roles, and scopes
- Removing users, roles, and scopes
- Security event log
- Exporting events to SIEM systems
- Backing up and restoring data
- Contacting Technical Support
- Sources of information about the application
- Limitations and warnings
- Glossary
- Third party code information
- Trademark notices
Scaling
Scaling
Kaspersky Container Security supports scaling for the number of scanning pods to ensure that the incoming image volume can be scanned. You can scale the number of scanning pods up or down at any time while the solution is operating.
When a scanning pod is added, the system resources increase as follows:
- The number of node processors—by 2.
- The amount of RAM on the nodes—by 4 GB.
- The amount of free disk space on a node hard drive—by 15 GB.
To scan images larger than 10 GB, the kcs-ih service resources must be increased as follows per scanning pod and for each additional GB.
- The amount of RAM on the nodes—by 300 MB.
- The amount of free disk space on a node hard drive—by 1 GB.
If the images are not scanned for configuration file errors during standard operation mode, it is not necessary to increase the RAM of the scanning pods.
Article ID: 256168, Last review: Dec 4, 2024