- Kaspersky Container Security 1.1 Help
- About the Kaspersky Container Security platform
- Solution architecture
- Preparing to install the solution
- Solution installation
- Removing the solution
- Updating the solution
- Solution interface
- Licensing the solution
- Data provisioning
- Working with clusters
- Working with images from registers
- Setting up integration with external image registries
- Integration with CI/CD
- Image scanning in CI/CD processes
- Configuring image and configuration file scan settings
- Defining the path to container images
- Scanning images from CI/CD
- Monitoring the integrity and origin of images
- Running the scanner in SBOM mode
- Getting scan results in JSON or HTML format
- Running the scanner in lite SBOM mode
- Risk handling
- Compliance check
- Configuring and generating reports
- Security policies configuration
- Managing container runtime profiles
- Configuring integration with image signature validators
- Setting up integration with notification outputs
- Configuring LDAP server integration
- Users, roles, and scopes
- Managing users
- About user roles
- Working with system roles
- Displaying list of roles
- About scopes
- Scopes and enforcement of security policies
- Switching between scopes
- Adding users, roles, and scopes
- Resetting password for user accounts
- Changing settings for users, roles, and scopes
- Removing users, roles, and scopes
- Security event log
- Exporting events to SIEM systems
- Backing up and restoring data
- Contacting Technical Support
- Sources of information about the application
- Limitations and warnings
- Glossary
- Third party code information
- Trademark notices
Backing up and restoring data
PostgreSQL mechanisms can be used for PostgreSQL database backup and data recovery. You can use these for the PostgreSQL database in Kaspersky Container Security or an existing PostgreSQL database you may have.
Database backup copies are created using the pg_dump utility. The backup copy includes all main settings and PostgreSQL database objects, even if the database is used in parallel. If you have a backup copy, you can quickly restore the database.
Without a backup copy, a malfunction may lead to an irrecoverable loss of the information stored in the PostgreSQL database.
The pg_dump utility lets you export a PostgreSQL database as a script or in an archive format such as .TAR.
Example of using the pg_dump utility
#!/bin/bash
# Set variables
postgres_podname="kcs-postgres-0"
namespace="kcs"
POSTGRES_USER="pguser"
POSTGRES_DATABASE="api"
date=$(date +"%Y-%m-%dT%H:%M:%S"-"backup")
dir_main="$namespace-$date"
dir_db=$dir_main/db
# Start script
mkdir -p $dir_main $dir_db
# Get postgres dump
kubectl exec -it $postgres_podname -n $namespace -- bash -c "pg_dump -U ${POSTGRES_USER} -F c ${POSTGRES_DATABASE} > /tmp/pg_dump_backup.sqlc"
kubectl cp "$namespace/$postgres_podname:/tmp/pg_dump_backup.sqlc" pg_dump_backup.sqlc
mv pg_dump_backup.sqlc $dir_db/
kubectl exec -it $postgres_podname -n $namespace -- bash -c 'rm -rf /tmp/pg_dump_backup.sqlc'
To restore a PostgreSQL database from a backup copy, you can use the pg_restore utility. This allows you to restore a PostgreSQL database from an archive file created by the pg_dump utility. The pg_restore utility executes commands that restore the database to the state that existed when the database was saved.
Example of using the pg_restore utility
#!/bin/bash
# Set variables
postgres_podname="kcs-postgres-0"
namespace="kcs"
POSTGRES_USER="pguser"
POSTGRES_DATABASE="api"
dir_db_backup="~/pg_dump_backup.sqlc"
# Postgres restore
kubectl cp $dir_db_backup "$namespace/$postgres_podname:/tmp/pg_dump_backup.sqlc"
kubectl exec -it $postgres_podname -n $namespace -- bash -c "pg_restore -U ${POSTGRES_USER} -d ${POSTGRES_DATABASE} -c /tmp/pg_dump_backup.sqlc"
kubectl exec -it $postgres_podname -n $namespace -- bash -c 'rm -rf /tmp/pg_dump_backup.sqlc'