1. Documentation
    2. history bug_report picture_as_pdf
×

Managing Central database

Central stores information about:

  • Activity observed in your clusters

  • Information retrieved from integrated image registries or Scanners, and

  • Red Hat Advanced Cluster Security for Kubernetes (RHACS) configuration

You can back up and restore Central database by using the roxctl CLI.

Backing up Central database by using the roxctl CLI

Backing up the Central database is critical to ensure data integrity and system reliability. Regular backups of the database, containing necessary configurations, resources, events, and certificates, protect against database failures, corruption, and accidental data loss.

You can use the roxctl CLI to take the backups by using the backup command. You require an API token or your administrator password to run this command.

On-demand backups by using an API token

You can back up the entire database of Red Hat Advanced Cluster Security for Kubernetes by using an API token.

Prerequisites

  • You must have an API token with the Admin role.

  • You must have installed the roxctl CLI.

Procedure

  1. Set the ROX_API_TOKEN and the ROX_ENDPOINT environment variables:

    $ export ROX_API_TOKEN=<api_token>
    $ export ROX_ENDPOINT=<address>:<port_number>

  2. Run the backup command:

    $ roxctl central backup (1)
    1 You can use the --output option to specify the backup file location.

    By default, the roxctl CLI saves the backup file in the directory where you run the command.

Additional resources

On-demand backups by using the administrator password

You can back up the entire database of Red Hat Advanced Cluster Security for Kubernetes by using your administrator password.

Prerequisites

  • You must have the administrator password.

  • You must have installed the roxctl CLI.

Procedure

  1. Set the ROX_ENDPOINT environment variable:

    $ export ROX_ENDPOINT=<address>:<port_number>

  2. Run the backup command:

    $ roxctl -p <admin_password> central backup

By default, the roxctl CLI saves the backup file in the directory in which you run the command. You can use the --output option to specify the backup file location.

Restoring Central database by using the roxctl CLI

You can use the roxctl CLI to restore Red Hat Advanced Cluster Security for Kubernetes by using the restore command. You require an API token or your administrator password to run this command.

Restoring by using an API token

You can restore the entire database of Red Hat Advanced Cluster Security for Kubernetes by using an API token.

Prerequisites

  • You must have a Red Hat Advanced Cluster Security for Kubernetes backup file.

  • You must have an API token with the administrator role.

  • You must have installed the roxctl CLI.

Procedure

  1. Set the ROX_API_TOKEN and the ROX_ENDPOINT environment variables:

    $ export ROX_API_TOKEN=<api_token>
    $ export ROX_ENDPOINT=<address>:<port_number>

  2. Run the restore command:

    $ roxctl central db restore <backup_file>

Restoring by using the administrator password

You can restore the entire database of Red Hat Advanced Cluster Security for Kubernetes by using your administrator password.

Prerequisites

  • You must have a Red Hat Advanced Cluster Security for Kubernetes backup file.

  • You must have the administrator password.

  • You must have installed the roxctl CLI.

Procedure

  1. Set the ROX_ENDPOINT environment variable:

    $ export ROX_ENDPOINT=<address>:<port_number>

  2. Run the restore command:

    $ roxctl -p <admin_password> central db restore <backup_file>

Resuming the restore operation

During a restore operation, if your connection is interrupted or you need to go offline, you can resume the restore operation.

  • If you do not have access to the machine running the resume operation, use the roxctl central db restore status command to check the status of an ongoing restore operation.

  • In case of connection interruptions, the roxctl CLI automatically tries to restore a task when the connection becomes available. The automatic connection retries depend on the duration specified by the timeout option.

  • Use the --timeout option to specify the time in seconds, minutes, or hours, after which the roxctl CLI stops trying to resume a restore operation. If not specified, the default timeout is 10 minutes (10m).

  • If a restore operation is stuck or if you want to cancel it, use the roxctl central db restore cancel command to cancel an ongoing restore operation.

  • If a restore operation is stuck, or you have canceled it, or it timed out, you can resume the previous restore by re-running the original command.

  • During interruptions, Red Hat Advanced Cluster Security for Kubernetes caches an ongoing restore operation for 24 hours. You can resume this operation by re-running the original restore command.

  • The --timeout option only governs client-side connection retries and does not affect the 24 hours server-side restore cache.

  • You cannot resume restore operations across restarts of the Central pod.

  • If a restore operation is interrupted, you must restart it within 24 hours and before Central restarts, otherwise Red Hat Advanced Cluster Security for Kubernetes cancels the restore operation.