Uploaded image for project: 'Red Hat Advanced Cluster Security'
  1. Red Hat Advanced Cluster Security
  2. ROX-30840

Support Bring-Your-Own-Database (BYODB) for Scanner

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • None
    • None
    • Quality / Stability / Reliability
    • M
    • False
    • Hide

      None

      Show
      None
    • False
    • ROX-30042RHACS Enhanced Reliability and Scalability with HA/DR considerations
    • Not Selected
    • 100% To Do, 0% In Progress, 0% Done
    • Yes

      Goal Summary:

      Customers would like to have the ability to Bring their own Database instead of using the default ScannerDB we provide. This helps them leverage their existing investment and have standardized procedures for backup and restore. 

      ACS already supports this functionality for Central. We would like to extend it for Scanner. 

      Goals and expected user outcomes:

      • Customers can configure Scanner to use an external PostgreSQL DB.
      • Customers can apply their own enterprise backup and restore processes.
      • ACS ensures Scanner surfaces DB availability issues clearly and resumes operation when DB connectivity is restored.
      • Support policy and experience remain consistent across Central and Scanner.

       

      Acceptance Criteria:

      1. Database Configuration
        • Scanner supports configuration via Helm values or Operator CR to connect to an external PostgreSQL database.
        • Host, port, database name, and credentials (via Kubernetes secrets) are configurable.
        • Scanner validates DB connectivity on startup.
      1. Database Schema Management
        • Scanner automatically initializes schema on a fresh external DB.
        • Schema migrations are applied during upgrades.
        • Version checks ensure Scanner and DB schema remain compatible.
      1. Availability & Error Handling
        • Scanner surfaces DB connectivity issues through logs and service health indicators.
        • Scanner resumes normal operation once DB connectivity is restored.
        • No continuous or direct DB health monitoring beyond Scanner’s own error handling.
      1. Backup/Recovery Considerations
        • Backup and recovery of the external DB remain the responsibility of the customer.
        • Scanner services continue to function normally once the external DB is restored and available.
        • Red Hat will provide guidance on expected Scanner behavior during DB restore operations, but not DB tooling.

      Success Criteria or KPIs measured:

      • Percentage of Scanner deployments configured with BYODB.
      • Customer adoption of BYODB across Central and Scanner.
      • Positive support outcomes (fewer cases on DB availability/backup issues).

      Use Cases (Optional):

      Customer configures their own PostGresDB for Scanner on fresh install

      Customer does back of the DB and Central funtions without issues. 

      Customer has instructions on how to manage Central during and post restore operation 

       

      Support policy for Central and Scanner BYODB will be same:

      Red Hat supports Scanner’s integration with the external DB.

      Customer is responsible for DB availability, performance, HA, and backup/restore.

      Supported PostgreSQL versions and compatibility will be documented.

       

      Out of Scope (Optional):

      High-level list of items that are out of scope. Initial completion during Refinement status.

       

              atelang@redhat.com Anjali Telang
              atelang@redhat.com Anjali Telang
              Kyle Lape, Van Wilson
              Shubha Badve Shubha Badve
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

                Created:
                Updated: