Back up and Restore Tenable Security Center in Kubernetes

These steps describe how to back up and restore an existing Tenable Security Center deployment in Kubernetes.

Note: If your backup file is larger than 1 TB, contact Tenable Professional Services for assistance.

Back up a Tenable Security Center in Kubernetes deployment

  1. Log in to the Kubernetes runtime container with the following command:

    Copy 
    kubectl exec -it tenable-security-center-0 -n tenable -- /bin/sh

  2. Stop Tenable Security Center and all running processes:

    1. Stop Tenable Security Center with the following command:

      Copy 
      /scbase/SC.sh stop

    2. In the CLI in Tenable Security Center, run the following command to view all running processes:

      Copy 
      ps -fu tns

    3. If any processes are listed, run the following commands to stop them:

      Copy 
      killall -u tns
      Copy 
      killall httpd

      Note: These commands stop all jobs (including scans) running on Tenable Security Center.

    4. If necessary, repeat step c to confirm all processes are stopped.

  3. Create a backup .tar file using the following command:

    Copy 
    cd /opt
    tar -Ppzcf /opt/sc_backup.tar.gz /opt/sc

    Note: The.tar file switches are case-sensitive.

    Tenable Security Center creates the sc_backup.tar.gz backup file in the /opt/sc directory.

  4. Copy the backup file with the following command, where /backup/directory is the local path for the backup file:

    Copy 
    kubectl exec -n tenable -c sc-runtime-container tenable-security-center-0 -- tar cf - /opt/sc_backup.tar.gz | tar xf - -C /backup/directory

    Note: Ensure your local directory has enough space for the backup file.

    Tenable Security Center is backed up to your local directory.

  5. Remove the backup file from the opt directory with the following command:

    Copy 
    rm /opt/sc_backup.tar.gz

  6. Restart Tenable Security Center with the following command:

    Copy 
    /scbase/SC.sh restart

    Tenable Security Center is ready to use again.

Restore Tenable Security Center in Kubernetes from a backup file

  1. Uninstall the Helm Charts for your Tenable Security Center in Kubernetes deployment using the following command:

    Copy 
    helm uninstall securitycenter

  2. Perform a fresh install of Tenable Security Center in Kubernetes using the steps in Install Tenable Security Center in Kubernetes.

    Note: Ensure you install the same version of Tenable Security Center as the version in your backup file.

  3. Log in to the Kubernetes runtime container with the following command:

    Copy 
    kubectl exec -it tenable-security-center-0 -n tenable -- /bin/sh

  4. Stop Tenable Security Center and all running processes:

    1. Stop Tenable Security Center with the following command:

      Copy 
      /scbase/SC.sh stop

    2. In the CLI in Tenable Security Center, run the following command to view all running processes:

      Copy 
      ps -fu tns

    3. If any processes are listed, run the following commands to stop them:

      Copy 
      killall -u tns
      Copy 
      killall httpd

      Note: These commands stop all jobs (including scans) running on Tenable Security Center.

    4. If necessary, repeat step c to confirm all processes are stopped.

  5. Copy the backup file to the container with the following command:

    Copy 
    tar cf - sc_backup.tar.gz | kubectl exec -i -n tenable -c sc-runtime-container tenable-security-center-0 -- tar xf - -C /opt

  6. Restore Tenable Security Center from the backup file with the following command:

    Copy 
    tar -Pxvf /opt/sc_backup.tar.gz

  7. Remove the backup file from the opt directory with the following command:

    Copy 
    rm /opt/sc_backup.tar.gz

  8. Start Tenable Security Center with the following command:

    Copy 
    /scbase/SC.sh start

    The Tenable Security Center in Kubernetes deployment is restored from the backup file.