Only Certificate Manager installations migrated from older versions support an internal database—that is, a database running on the same host as the application. See below for switching from an internal database to an external one.
Run the steps below in the same version of Certificate Manager that will use the database.
Exporting the database contents
On any Cryptographic Security Platform installation node, open an SSH session and set the following environment variables.
Variable | Value |
---|---|
KUBECTL |
|
NAMESPACE |
|
POSTGRES_DB |
|
POSTGRES_PWD | The value of the Database User Password configuration parameter described in Configuring and deploying Certificate Manager. |
POSTGRES_USER | The value of the Database User Name configuration parameter described in Configuring and deploying Certificate Manager. |
Run the following commands
now=$(date +
"%m_%d_%Y"
)
$KUBECTL exec deployment/postgres -n
"$NAMESPACE"
-- bash -c
"export PGPASSWORD=$POSTGRES_PWD; pg_dump -d $POSTGRES_DB -U $POSTGRES_USER"
>
"db-backup-$now.sql"
Restoring the database contents
Perform the following steps on an external host to restore the database contents.
To restore the database contents on an external host
- Install the PostgreSQL version described in Database requirements.
- Copy the
db-backup-<date>.sql
backup file generated when Exporting the database contents. - Set the following environment variables to the values described in Exporting the database contents.
- POSTGRES_DB
- POSTGRES_PWD
- POSTGRES_USER
- Run the following command.
export PGPASSWORD=$POSTGRES_PWD; psql -d $POSTGRES_DB -U $POSTGRES_USER -f db-backup-<date>.sql
Applying the database changes to Certificate Manager
Complete database migration by performing the following operations on Cryptographic Security Platform.
To apply the database changes to Certificate Manager
- Log in to the Management Console.
- Update the database configuration parameters described in Configuring and deploying Certificate Manager to match the new external database.
- Redeploy Certificate Manager to make the changes effective.
- Wait while the redeployment with the external database is complete.
- Open an SSH session as an administrator.
- Manually remove the PostgreSQL pod.