Backing up and restoring Vulnerability Advisor
By default, the Kafka and Zookeeper services, which are used by the Vulnerability Advisor (VA), are backed up to the storage class that is set during IBM Cloud Pak® for Multicloud Management installation.
Before you begin
If you want to back up to an alternative storage class, you must edit the
ibm-management-vulnerability-advisor.datapipeline.zookeeper.persistence.storageClassName parameters during IBM Cloud Pak for Multicloud Management installation.
Important: You cannot change this parameter after installation is complete.
Backing up VA
You do not need to back up the VA. VA serves as a pipeline for data from Kafka and Zookeeper. Data that is lost from the Kafka and Zookeeper services is restored automatically when the services are restarted.
If the administrator finds that the data in the security reports is not correct, or did not get updated, the administrator can restart the pods. Restarting the pods forces the pods to refresh the data.
For example, the administrator can list the VA pods, then restart them:
List the VA pods by entering the following command:
# oc get po -n management-security-services
The command results in the following output:
NAME READY STATUS RESTARTS AGE ibm-vulnerability-advisor-operator-58f8ff5757-j5nrz 1/1 Running 0 2d23h vulnerability-advisor-compliance-annotator-6859bf499b-jqj44 1/1 Running 2 6d vulnerability-advisor-compliance-indexer-6cbc5d8bdf-f2mwc 1/1 Running 1 5d23h vulnerability-advisor-config-parser-84ffd4dc45-xfhgp 1/1 Running 1 6d vulnerability-advisor-kafka-0 1/1 Running 0 6d vulnerability-advisor-live-crawler-2zb8c 1/1 Running 0 2d9h vulnerability-advisor-live-crawler-h4z5t 1/1 Running 0 2d9h vulnerability-advisor-live-crawler-h5s6c 1/1 Running 0 2d9h vulnerability-advisor-live-crawler-kl7w7 1/1 Running 0 2d9h vulnerability-advisor-live-crawler-xhk9h 1/1 Running 0 2d9h vulnerability-advisor-password-annotator-6449bd7494-2rxdx 1/1 Running 1 6d vulnerability-advisor-registry-crawler-69bf56f6bc-5n7wr 1/1 Running 0 3h16m vulnerability-advisor-rootkit-annotator-c59bbbfc8-k9fdl 1/1 Running 0 6d vulnerability-advisor-rootkit-indexer-774d944d44-krsbt 1/1 Running 2 5d23h vulnerability-advisor-sas-apiserver-748477457-hhk7s 4/4 Running 1 6d vulnerability-advisor-secconfig-annotator-6fcc6d84df-86658 1/1 Running 1 6d vulnerability-advisor-secconfig-indexer-567d558fd5-x4ng2 1/1 Running 2 5d23h vulnerability-advisor-statsd-f8999d9bb-mhzr9 1/1 Running 0 6d vulnerability-advisor-usncrawler-risk-feed-96szf 0/1 Completed 1 5d23h vulnerability-advisor-va-policy-controller-7f95d5f488-7s228 1/1 Running 0 6d vulnerability-advisor-vulnerability-annotator-969759dd9-csllz 2/2 Running 1 5d23h vulnerability-advisor-vulnerability-indexer-8b68cc78b-vnf9h 1/1 Running 1 5d23h vulnerability-advisor-zookeeper-0 1/1 Running 0 6d
Restart the pods by entering the following command:
oc delete po vulnerability-advisor-zookeeper-0 vulnerability-advisor-kafka-0 -n management-security-services
After a couple of minutes, the pods will restart and the Kafka and Zookeeper data is restored.