Kaspersky Container Security

Creating a runtime autoprofile

We recommend that you restart the pods after autoprofiling begins so that the solution records the start of the pods in its rules. This will prevent pods from being incorrectly blocked when they restart.

Kaspersky Container Security allows creating autoprofiles at three levels:

  • At the cluster level
  • At the namespace level
  • At the pod level

At the cluster and namespace levels, you can create an autoprofile using a table with a list of clusters or namespaces, or from a graph of objects within a cluster. At the pod level, an autoprofile can only be created using the table.

To create a container runtime autoprofile using the table with a list of objects:

  1. Go to Resources → Clusters.
  2. Follow these steps depending on the level at which you are creating an autoprofile:
    • If you want to create an autoprofile at the cluster level, in the cluster table, select check boxes for one or more clusters.
    • If you want to create an autoprofile at the namespace level, follow these steps:
      1. Click the name of the cluster in the cluster table.
      2. On the Table tab, in the table that lists the namespaces in the cluster, use the check box to select one or more namespaces.
    • If you want to create an autoprofile at the pod level, follow these steps:
      1. Click the name of the cluster in the cluster table.
      2. Click the name of the namespace in the table of namespaces in the cluster.
      3. In the displayed sidebar, select the Pods and containers tab, and in the table of pods within the namespace, select check boxes for one or more pods.

    Make sure that the autoprofiling process is not running in the selected objects. If the process is running, the solution will not allow another autoprofiling task to start.

  3. Click the Build autoprofile button above the table.

    In a cluster, you can run only one autoprofile creation task at a time. The solution will allow a new autoprofiling task only after the previous task has finished or has been stopped.

  4. In the window that opens, specify the duration of autoprofiling. This duration can be 1 to 1440 minutes.

    The default setting is 60 minutes.

  5. Click Start.

    In the Autoprofiles column of the table of objects (clusters, namespaces, or pods), the solution displays the time remaining until the end of autoprofiling for that object or the number of autoprofiles created for the object.

To create a container runtime autoprofile from a graph:

  1. Go to Resources → Clusters.
  2. Follow these steps on the Graph view tab, according to the level at which you are creating an autoprofile:
    • If you want to create an autoprofile at the cluster level, left-click on the cluster icon on a namespace graph.
    • If you want to create an autoprofile at the namespace level, follow these steps:
      1. Double-click to expand the group of namespaces within the cluster on the graph.
      2. In the namespace graph, left-click on the icon of the namespace you are interested in.
  3. In the menu that opens, select Build autoprofile.

    If the autoprofiling process is already running in the cluster, you will not be able to select Build autoprofile. If you have the appropriate rights, you can stop the creation of an autoprofile in the selected cluster by selecting Stop autoprofiling in the menu. Alternatively, wait for the previously started autoprofiling task to complete. The solution allows running only one autoprofiling task at a time in a cluster.

  4. In the window that opens, specify the duration of autoprofiling. This duration can be 1 to 1440 minutes.

    The default setting is 60 minutes.

  5. Click Start.

The created runtime autoprofiles are displayed in the Policies → Runtime policies → Autoprofiles section.