Chapter 2. Restoring Central database by using the roxctl CLI
You can use the roxctl
CLI to restore Red Hat Advanced Cluster Security for Kubernetes (RHACS) by using the restore
command. This command requires an API token or your administrator password.
2.1. Restoring by using an API token
You can restore the entire database of RHACS by using an API token.
Prerequisites
- You have a RHACS backup file.
- You have an API token with the administrator role.
-
You have installed the
roxctl
CLI.
Procedure
Set the
ROX_API_TOKEN
and theROX_ENDPOINT
environment variables by running the following commands:$ export ROX_API_TOKEN=<api_token>
$ export ROX_ENDPOINT=<address>:<port_number>
Restore the Central database by running the following command:
$ roxctl central db restore <backup_file> 1
- 1
- For
<backup_file>
, specify the name of the backup file that you want to restore.
2.2. Restoring by using the administrator password
You can restore the entire database of RHACS by using your administrator password.
Prerequisites
- You have a RHACS backup file.
- You have the administrator password.
-
You have installed the
roxctl
CLI.
Procedure
Set the
ROX_ENDPOINT
environment variable by running the following command:$ export ROX_ENDPOINT=<address>:<port_number>
Restore the Central database by running the following command:
$ roxctl -p <admin_password> \1 central db restore <backup_file> 2
2.3. Resuming the restore operation
If your connection is interrupted during a restore operation or you need to go offline, you can resume the restore operation.
-
If you do not have access to the machine running the resume operation, you can use the
roxctl central db restore status
command to check the status of an ongoing restore operation. -
If the connection is interrupted, the
roxctl
CLI automatically attempts to restore a task as soon as the connection is available again. The automatic connection retries depend on the duration specified by thetimeout
option. -
Use the
--timeout
option to specify the time in seconds, minutes or hours after which theroxctl
CLI stops trying to resume a restore operation. If the option is not specified, the default timeout is 10 minutes. -
If a restore operation gets stuck or you want to cancel it, use the
roxctl central db restore cancel
command to cancel a running restore operation. - If a restore operation is stuck, you have canceled it, or the time has expired, you can resume the previous restore by running the original command again.
- During interruptions, RHACS caches an ongoing restore operation for 24 hours. You can resume this operation by executing the original restore command again.
-
The
--timeout
option only controls the client-side connection retries and has no effect on the server-side restore cache of 24 hours. - You cannot resume restores across Central pod restarts.
- If a restore operation is interrupted, you must restart it within 24 hours and before restarting Central, otherwise RHACS cancels the restore operation.