Install CDP for DB2 on IBM PureData System for Transaction

CDp for DB2 can be installed and configured in IBM PureData System for Transactions, a clustered environment. CDP must be installed on the each node of the cluster. One node requires the full installation; all other nodes in the cluster require the files only installation using the install_files option.

Prerequisites

• Download and extract the CDP for DB2 software

• Check version compatibility

• Enabling SSL on each node

• Set the PATH variable on each node

• Set the VWSPATH Variable on each node

• Check the page size requirements

• Check the Shell

• Create the “ingrian” user

• Change permissions for the lib/ext folder” on each node

Steps

1. Create the ingrian user on IBM DB2 pureData console.

   1. Log on to IBM PureData System for Transactions. All existing DB2 pureScale instances are listed under DB2 pureScale Instances in the left pane.

   2. Under DB2 pureScale Instances, click the instance where the database is installed. Details of the selected instance appear on the right pane.

      

   3. Click Database >Databases.

      

   4. In the left pane, click the database containing the tables to be encrypted.

      

   5. Click Manage in the top right corner. The Operations screen of the DB2 pureScale Instance Console appears in a separate window, as shown below.

      

   6. Click Operations > Users to open the Create a User dialog box and enter the following details:

      

      Field	Description
      User Name	Name for the metadata user. The user name must be ingrian.
      Account Type	Read-only (Local).
      Password	Password for the user.
      User group(s)	Group to which the user belongs. Assign the g_sysadm group to the ingrian user.
      Password-based SSH access	Whether allowed or denied.

   7. Click OK. The user is created.

      

      Make sure that the ingrian user has the following permissions on the database tables to be encrypted:

      Note

      • DBADM

      • CREATETABBINDADD

      • CONNECT

      • CREATE_NOT_FENCED_ROUTINE

      • IMPLICIT_SCHEMA, LOAD

      • CREATE_EXTERNAL_ROUTINE

      • QUIESCE_CONNECT

      • SECADM

2. Grant root access and change permissions for the "lib/ext" folder.

   1. Generate a public/private RSA key pair using any key generation tool.

   2. Copy the content of the public key.

   3. Click Operations on DB2 pureScale Instance Console.

   4. Expand (click the + sign) Add or update the SSH public key.

   5. Paste the copied public key content in the Public key field.

   6. Click Submit. Clicking the Submit button creates and registers the public key on all the nodes, as shown below.

      

   7. Perform the following steps for each node:

      1. As virtuser, run the ssh -i command from the directory containing RSA key pair file. For example: #ssh -i /home/ipas/xdmdb1 virtuser@node1.test.com

      2. Set the PATH variable. For example, execute: export PATH=$PATH:/usr/bin /usr/local/bin

      3. Execute the sudo bash command.

      4. Change permissions for the <VWSPATH>/java/jdk64/jre/lib/ext folder. Execute the following command: chmod 757 /home/db2inst1/sqllib/java/jdk64/jre/lib/ext

         Sample output:

         

3. Perform full installation on one node using the steps mentioned in Quick Start the section. This step installs CDP files, loads associated Java files, and creates metadata tables, stored procedures, and UDFs.

4. Perform files only installation on the other nodes. Run the following command to perform files only installation on all other nodes.

           sh install.sh install_files
   

   Respond to all installer prompts and wait for the installer to complete before performing installations on other nodes. This step installs shared libraries required for CDP on nodes other than the node where full CDP installation is done.

5. Configure the CDP_DB2.properties file on each node.

Upgrade CDP on IBM PureData System for Transactions

To upgrade CDP on IBM PureData, use any of the following options:

Upgrade full CDP installation on one node

This option allows you to perform full upgrade on one node using the following command. Refer to the Upgrade CDP section for detailed instructions.

        sh install.sh upgrade_db <destination_db>

Respond to all installer prompts and wait for the installer to complete before performing upgrading on other nodes.

Upgrade “files only” installation on all other nodes

Run the following command to perform “files only” upgrade on all other nodes in the cluster.

        sh install.sh upgrade_files

Respond to all installer prompts and wait for the installer to complete before performing installations on other nodes.

Uninstall CDP from IBM PureData System for Transactions

To completely uninstall CDP from IBM PureData:

Uninstall full CDP installation from one node

On the node where full CDP installation exists, execute:

        sh install.sh uninstall_db <destination_db>

Respond to all installer prompts and wait for the installer to complete before performing uninstallation on other nodes.

Uninstall “files only” installation from all other nodes

Run the following command to perform “files only” uninstallation on all other nodes in the cluster:

        sh install.sh uninstall_files

Ensure to complete the uninstallation on one node before proceeding to the other nodes.