System Requirements
For more information about Tenable Enclave Security system requirements, see System Requirements in the Tenable Enclave Security user guide.
This page describes the following system requirements:
Requirements for Container Security Services
| Service Name |
# of Assets Managed by Container Security |
CPU per pod | Memory per pod |
|---|---|---|---|
| tes-consec-ui |
1 to 25,000 images |
2 cores |
2 GiB |
| tes-consec-api | 1 to 25,000 images |
2 cores |
3 GiB |
| tes-consec-tvdl | 1 to 25,000 images |
2 cores |
10 GiB |
| tes-consec-policy | 1 to 25,000 images |
2 cores |
2 GiB |
| tes-consec-scan | 1 to 25,000 images |
2 cores |
5 GiB |
| tes-exposure-response | 1 to 25,000 images |
2 cores |
2 GiB |
| tes-platform-ui | 1 to 25,000 images |
2 cores |
4 GiB |
Database Changes in Container Security 1.6
Beginning in version 1.6, Container Security uses the database only and does not provision Persistent Volume Claims (PVC). When you upgrade to version 1.6, your existing data will be migrated from the PVC to the database.
The following are considerations for upgrading to Container Security 1.6:
-
If the migration succeeds, the existing PVC will be deleted after 30 days.
-
If the migration fails, the PVC will be deleted after 60 days. The data on the PVC will be recreated in the database when you run your first full scan after upgrading.
-
There is no impact to Container Security features if the migration fails. The first full scan may run slower.
-
Container Security 1.6 does not support database restore from database backups of previous Container Security versions.
Note: Tenable does not recommend doing a helm rollback to a previous Container Security release after upgrading to version 1.6. This can cause data drift, as previous versions use PVCs for scan data storage.
Self-Hosted Database Requirements
A self-hosted database is a database that you install and manage on your physical server or virtual machine. For example, PostgreSQL on a local server.
Requirements for Container Security self-hosted database
|
# of Assets Managed by Container Security |
CPU | Memory |
Disk Space |
|---|---|---|---|
|
1 to 1,000 images |
2000 m | 16 GiB | 10 GB |
|
1,001 to 5,000 images |
4000 m | 32 GiB | 15 GB |
|
5,001 to 25,000 images |
8000 m | 64 GiB | 20 GB |
A cloud database is a database service that is hosted and managed on a cloud platform. For example, AWS, Azure, or GCloud.
Requirements for Container Security database in AWS
|
# of Assets Managed by Container Security |
Managed DB Instance Type | Compute Instance Type (Self-Managed) | CPU Cores | Memory |
Storage |
|---|---|---|---|---|---|
|
1 to 1,000 images |
db.m6g.xlarge |
db.m6g.xlarge |
4 |
16 GiB |
10 GB |
|
1,001 to 5,000 images |
db.m6g.2xlarge |
m6g.2xlarge |
8 |
32 GiB |
15 GB |
|
5,001 to 25,000 images |
db.m6g.4xlarge |
m6g.4xlarge |
16 |
64 GiB |
20 GB |
Requirements for Container Security database in Azure for PostgreSQL flexible servers
|
# of Assets Managed by Container Security |
Managed DB Instance Type | Compute Instance Type (Self-Managed) |
CPU Cores |
Memory | Storage |
|---|---|---|---|---|---|
|
1 to 1,000 images |
E2s_v3/E2ds_v4 |
D4s_v3 |
4 |
16 GiB |
10 GB |
|
1,001 to 5,000 images |
E4s_v3/E4ds_v4 |
D16s_v3 |
8 |
32 GiB |
15 GB |
|
5,001 to 25,000 images |
E8s_v3/E8ds_v4 |
D32s_v3 |
16 |
64 GiB |
20 GB |
Requirements for Container Security database in GCloud
|
# of Assets Managed by Container Security |
Managed DB Instance Type | Compute Instance Type (Self-Managed) |
CPU Cores |
Memory | Storage |
|---|---|---|---|---|---|
|
1 to 1,000 images |
4 vCPU, 16GB |
t2a-standard-4 |
4 |
16 GiB |
10 GB |
|
1,001 to 5,000 images |
8 vCPU, 32GB |
t2a-standard-8 |
8 |
32 GiB |
15 GB |
|
5,001 to 25,000 images |
16 vCPU, 64GB |
t2a-standard-16 |
16 |
64 GiB |
20 GB |