đź“– Part 1. Peform a backup

Before we can begin protecting our apps, we need to define a location for Kasten to export backup off of the cluster and primary storage.

  1. Under Policies, click run once on the policy you created in lab 2, entitled pacman-backup

    Run Once

  2. When prompted, leave the “Snapshot Expiration (Optional)” field blank and select, Yes, Continue

    Run Once Continue

  3. Click < Dashboard in the upper-left corner to monitor the action on the main dashboard

    Running Action

  4. Click on the running action to monitor its detailed status

    Action Details

  5. After a few minutes, all steps of the action should run successfully

    Action Completed

Part 2. Simulated Attack

  1. Return to the Pacman tab in your browser and click “View Highscore List” or if the game is playing, hit the space bar and click High Score

    Leaderboard

  2. From the bastion host, drop the pacman database from MongoDB that holds your highscore:

     export MONGODB_ROOT_PASSWORD=$(oc get secret -n pacman pacman-mongodb -o jsonpath="{.data.mongodb-root-password}" | base64 --decode)
 oc exec -it deploy/pacman-mongodb -n pacman -- mongosh pacman --authenticationDatabase admin -u root -p $MONGODB_ROOT_PASSWORD --eval 'db.dropDatabase();'

    This command is simulating a data compromise event, which could be something as innocent as an administrator accidentally dropping a table or database, or as nefarious as a ransomware attack

  3. Return to the Pacman tab in your browser and refresh the page. Click High Score. !!OH NO YOUR HIGH SCORE IS GONE!!

    no high scores

Part 3. Recover Our Score

  1. No fear, let’s restore our backup. Click on the Kasten tab in your browser and return to the main dashboard by clicking on < Dashboard

  2. Click Compliant in the Applications modal.

    Compliant

  3. Click Restore on the Pacman application to restore from backup

    Restore

  4. Click the most recent backup.

    There are two options from which to restore. The blue box is the local cluster backup, whereas the green box with the title “Exported” is the exported backup which is stored on our S3 object storage.

    In the event of an accidental deletion, restoring from local cluster backup is sufficient, but if we were facing the result of a ransomware attack we would likely want to restore from the S3 bucket. For the purposes of this lab, we’ll just the local cluster backup since restore time will be slightly faster

    Click Today, #:## in the blue box to restore from the local cluster snapshot

    Restore Today

  5. Scroll down and click Deselect All Artifacts then click the tick box next to the pacman-mongodb item under the Snapshot (1) section

    Restore Volume

  6. Click Restore.

  7. Click Restore when prompted.

  8. Return to the Dashboard by clicking on the < Dashboard link in the upper left corner

  9. Click on the running Restore Action to monitor the action

  10. After a minute or two all phases should complete successfully

    Restore Completed

  11. Return to the pacman tab and refresh the tab. Click High Score. Our high score is back! REJOICE!

    Leaderboard

Part 4. Takeaways

  • Kasten automatically interrogates and detects namespaces on the cluster
  • Backup jobs are configured on a per-namespace basis and can be configured quickly
  • We can easily monitor actions via the Kasten UI
  • We have granular control on how we restore from backup, including whether from on-cluster or exported storage
  • We have granular control over which components we wish to recover and/or overwrite
Continue to LAB 4