Db2 On Kubernetes
THE INFORMATION CONTAINED IN THIS PRESENTATION IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY. WHILE EFFORTS WERE MADE TO
VERIFY THE COMPLETENESS AND ACCURACY OF THE INFORMATION CONTAINED IN THIS PRESENTATION, IT IS PROVIDED “AS IS” WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. IN ADDITION, THIS INFORMATION IS BASED ON CURRENT THINKING REGARDING TRENDS AND
DIRECTIONS, WHICH ARE SUBJECT TO CHANGE BY IBM WITHOUT NOTICE. FUNCTION DESCRIBED HEREIN MAY NEVER BE DELIVERED BY IBM. IBM
SHALL NOT BE RESPONSIBLE FOR ANY DAMAGES ARISING OUT OF THE USE OF, OR OTHERWISE RELATED TO, THIS PRESENTATION OR ANY
OTHER DOCUMENTATION. NOTHING CONTAINED IN THIS PRESENTATION IS INTENDED TO, NOR SHALL HAVE THE EFFECT OF, CREATING ANY
WARRANTIES OR REPRESENTATIONS FROM IBM (OR ITS SUPPLIERS OR LICENSORS), OR ALTERING THE TERMS AND CONDITIONS OF ANY
AGREEMENT OR LICENSE GOVERNING THE USE OF IBM PRODUCTS AND/OR SOFTWARE.
IBM, the IBM logo, ibm.com and Db2 are trademarks or registered trademarks of International Business Machines Corporation in the United States, other
countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™),
these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also
be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark
information” at www.ibm.com/legal/copytrade.shtml
2 IBM Cloud 2
Agenda
Micro Services &
Containers
Technology by itself is not the business disruptor.
Failing to be customer centric is the biggest business threat.
Netflix did not kill Blockbuster… ridiculous late fees and rewind fees did.
Uber did not kill the taxi business… limited access and fare control did.
Apple did not kill the music industry… being forced to buy full length albums did.
Airbnb isn’t killing the hotel industry… limited availability and pricing options are.
Multi-cloud is being driven by cloud native architectures
Microservices and containers are changing IT
[Figure: Monolithic Architecture (UI, Business Logic, Data Access Layer, DB) compared with Microservices Architecture (UI, Microservices, DBs)]
Microservices benefits *
• Improves fault isolation:
Larger applications can remain largely unaffected by the failure of a single module
• Eliminates long-term commitment to a single technology stack:
Try out a new technology stack on an individual service and roll it back if required
• Easier development:
A new developer can more easily understand the functionality of a service
• Easier deployment:
Auto provision, auto scale and provide auto-redundancy
* This is not a claim that a microservice-based application approach is always better for every use case scenario
Containers – the second key to cloud native applications
Reducing operational and development costs
✓ Containers virtualize software in the way that virtual machines have virtualized hardware
Container automation and orchestration is essential
Enter: Kubernetes
Private Clouds address the new IT reality
Created by digital transformation
[Figure: perception of cost versus time to value. Labels: Waterfall, Monolithic, Bare metal, On-Premises; stack layers: Hypervisor, Infrastructure; Container Engine, Operating System, Infrastructure]
Public Cloud + Private Cloud = Hybrid Cloud *
Different cloud options
                                   | Public Cloud | On-Premises Private Cloud | Hosted Private Cloud | Hybrid Cloud
Hardware Deployment and Management | Vendor       | Customer                  | Vendor               | Shared between vendor and customer
Hardware Sharing Model             | Shared       | Dedicated                 | Dedicated            | Partially shared and partially dedicated
Customization Capabilities         | No           | Yes                       | Depends on vendor    | Partial
Enhanced Security and Compliance   | No           | Yes                       | Yes                  | Yes
Instant Provisioning               | Yes          | Yes                       | Yes                  | Yes
* A “Hybrid Cloud” is a highly orchestrated environment, where all sources act as one
A “Multi-cloud” environment simply refers to the use of multiple cloud sources of any kind, without necessarily being orchestrated
Why care about Private Clouds?
Adoption brings agility and efficiency
▪ Cost Efficient & Scalable
− Build, package & deploy applications in containers; run at scale with Kubernetes
▪ Accelerate Time to Market
− Refactor applications into microservices & modernize monolithic applications
▪ Manage Data at Scale
− Access, govern, & analyze your data at scale; accelerate your journey to AI
Business Value Assessment Customer Output: Standard On-Premises vs IBM Cloud Private
▪ Data Center: System Utilization & Server Reduction (50% Benefit)
▪ Infrastructure: Manage Performance Elasticity, Bursting, High Availability (75% Benefit)
▪ DevOps: Faster Deployments (35% Benefit)
▪ Deployment Efficiency: Containers & Microservices (30% Benefit)
▪ Improved Security: Management & Risk Reduction (50% Benefit)
▪ 3-Year $5.4 Million Cost Savings; 255% ROI
Private Cloud Platform Market Leaders
OpenShift and IBM Cloud Private
Kubernetes Basics
▪ Kubernetes Overview
− Open Source Project
− Features
− Architecture
▪ Kubernetes Workloads
− Pods and YAML
− Controllers
▪ Kubernetes Networking
− Services
▪ Kubernetes Storage
− Volume types
− Persistent volumes
− Persistent volume claims
▪ Kubernetes Security
− Secrets
▪ IBM Cloud Private Catalog
− Helm Charts
− Helm CLI
Kubernetes – Open Source Project
▪ Greek word for “Helmsman”
▪ It’s Open Source - https://github.com/kubernetes/kubernetes
▪ It’s a graduated project of Cloud Native Computing Foundation https://cncf.io
▪ Popularly known as “Container Orchestrator”
▪ It is a modern “Cluster Manager” for automating deployment, scaling and management
of containerized applications.
Kubernetes – Features (1)
▪ Automatic binpacking
− Automatically places containers on nodes. Mix critical and best-effort workloads in order to
drive up utilization.
▪ Horizontal scaling
− Scale application up or down with a simple command, with a UI or automatically based on CPU
usage
▪ Automated rollouts and rollbacks
− Kubernetes progressively rolls out changes to the application or its configuration, while
monitoring application health to ensure that it doesn’t kill all instances at the same time.
▪ Storage orchestration
− Automatically mount the storage system of your choice whether from local, public or SAN such
as iSCSI, Gluster, Ceph, Cinder, Flocker, NFS or IBM Spectrum Scale.
Kubernetes – Features (2)
▪ Self-healing
− Restart containers that fail, replace and reschedule containers when nodes die, kill
containers that do not respond to user-defined health checks
▪ Service discovery and load balancing
− No need to modify the application to use an unfamiliar service discovery mechanism.
Kubernetes gives containers their own IP addresses and a single DNS name for a set of
containers
▪ Secret and configuration management
− Deploy and update secrets and application configuration without rebuilding your image and
without exposing secrets in your stack configuration
▪ Batch Execution
− In addition to services, Kubernetes can manage your batch and CI workloads, replacing
containers that fail, if desired.
Kubernetes Architecture
[Figure: Kubernetes cluster architecture. Labels: Command Line, Web UI, Image Registry (Container 1 … n), Master Node (API Server, Scheduler, Controller, distributed etcd key-value datastore), three Worker Nodes each with a Kubelet]
Kubernetes Workloads
Pod – the basic building block for Kubernetes
▪ Smallest and simplest unit in Kubernetes object model
▪ Pod encapsulates an application container (or multiple containers), storage resources, a
unique network IP, and options that govern how the container should run
▪ Pod is a unit of deployment
▪ Pod runs one or more containers as a unit
▪ Docker is the container runtime used in IBM Cloud Private
▪ One-container-per-pod model is the most common use case
▪ Kubernetes manages the pod rather than containers directly
▪ Pods can run multiple containers that need to work together and to
share resources
▪ Pods are designed as relatively ephemeral, disposable entities
▪ Pods do not self-heal by themselves – a higher level abstraction
does this
Kubernetes Configurations
Create YAML for creating resources on Kubernetes
▪ YAML – Yet Another Markup Language or YAML Ain’t Markup Language
▪ Types of structures required in Kubernetes
− Maps
− Lists
▪ YAML Maps – let you associate name-value pairs. For example:
---
apiVersion: v1
kind: Pod
▪ YAML Maps – Create a key that maps to another map
---
apiVersion: v1
kind: Pod
metadata:
  name: db2
  labels:
    app: db2
Kubernetes Configurations – Create YAML (continued)
▪ YAML Lists are literally a sequence of objects. Members in the list can also be maps.
---
apiVersion: v1
kind: Pod
metadata:
  name: db2
  labels:
    app: db2
spec:
  containers:
  - name: front-end
    image: nginx
    ports:
    - containerPort: 80
  - name: db2-oltp
    image: store/ibmcorp/db2_developer_c:11.1.4.4
    ports:
    - containerPort: 50000
▪ A YAML manifest has four components to define a Kubernetes resource:
• apiVersion
• kind
• metadata
• spec
Kubernetes Workloads – Create a Pod
▪ Create an nginx pod – icp01.yaml
---
# Simple yaml file to create an nginx pod
apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    app: nginx
spec:
  containers:
  - name: nginx
    image: nginx:1.7.9
    ports:
    - containerPort: 80
▪ Create the pod
$ kubectl apply -f icp01.yaml
pod/nginx created
▪ Check pod status
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 13s
Kubernetes Workloads - Controllers
Controllers can create and manage pods for you.
▪ ReplicaSet
− A ReplicaSet ensures that a specified number of pod replicas are running at any given time.
▪ Deployments
− Deployment is a higher-level concept that manages ReplicaSets and provides declarative updates to pods.
− Example: Create a deployment to roll out a ReplicaSet
▪ StatefulSets
− StatefulSets represent a set of pods with unique, persistent identities and stable hostnames that are maintained regardless of where they are scheduled
− Examples: Db2, Redis, IBM MQ
▪ DaemonSets
− A DaemonSet ensures that nodes (all or some) run a copy of a pod. As nodes are added, pods are added to them.
− Example: Cluster storage daemon such as glusterd, ceph, logs collection on each node
▪ Jobs, CronJobs
− A job creates one or more pods and ensures that a specified number of them successfully terminate
Kubernetes Network - Services
▪ Without services, Pods are not visible outside the cluster
▪ To enable communication from outside world to the Pods, services are created.
▪ Internal Service Endpoints – Available inside the cluster only
▪ External Service Endpoints - DNS names, C-Names or A-records available to access
pods.
▪ With the help of labels and selectors, the services are tied to the pods
▪ Service Types
− ClusterIP – Service is reachable only from inside of the cluster
− NodePort – Service is reachable through NodeIP:NodePort
− LoadBalancer – Service is reachable through an external load balancer mapped to
NodeIP:NodePort address
Kubernetes Storage – Volume types
▪ Host-based
− EmptyDir
− HostPath
▪ Block Storage
− IBM Block Storage
− Amazon EBS
− GCE Persistent Disk
− vSphere Volumes
▪ Distributed File System
− IBM Spectrum Scale
− NFS
− Ceph
− GlusterFS
− Amazon EFS
− Azure File System
▪ Other
− Flocker
− iSCSI
− Git Repository
− Quobyte
Kubernetes Storage – Persistence in Pods
▪ Pods are ephemeral and stateless.
▪ Applications need persistent storage.
▪ Volumes are a way to get persistence to a Pod.
▪ Kubernetes volumes are similar to Docker volumes, but are managed differently.
▪ All containers in a Pod can access the volume.
▪ Volumes are associated with the lifecycle of a Pod.
▪ Directories in a host are exposed as volumes in Pod.
▪ Volumes may be based on a variety of back-end storage types.
Kubernetes Storage
Persistent volume and persistent volume claim
▪ The Kubernetes Volume abstraction provides:
− Persistent Volume (PV) – Provisioned by an administrator
− Persistent Volume Claim (PVC) – Requested by a user and Heketi provisions PVC – which creates a PV
− Storage Class (SC) – Storage profiles offered by admins
[Figure labels: Block Storage / Distributed File System / IBM Spectrum Scale; Persistent Volume; Persistent Volume Claim; Pod 1; Worker Node]
Kubernetes Secrets
Decouple containers from sensitive information
▪ A Secret holds sensitive information such as passwords, OAuth tokens and more.
▪ A Secret is an abstraction to decouple sensitive data.
▪ To use a secret, a Pod needs to reference the secret.
▪ A Secret can be used in a Pod as files in a volume mounted on one or more
containers or used by kubelet when pulling images for the Pod.
$ kubectl -n stocktrader \
create secret generic db2 \
--from-literal=id=db2psc \
--from-literal=pwd=password \
--from-literal=host=dev-ibm-db2oltp-dev.default.svc.cluster.local \
--from-literal=port=50000 \
--from-literal=db=PSDB
IBM Cloud Private catalog – Helm Charts
Db2 chart
DSM chart
IBM Cloud Private catalog – What is a Helm Chart?
▪ Helm is the package manager in IBM Cloud Private.
▪ Tiller is the server that serves the Helm content.
▪ Helm charts help to define, install and upgrade software in an automated
fashion.
▪ Helm charts can be deployed using GUI or command line.
▪ Software packages are available from IBM Charts Repository.
▪ Available at : https://github.com/IBM/charts
▪ IBM Cloud Private catalog requires internet connectivity to show available
charts.
▪ In an air-gap environment, you can build your own Local Charts repository.
IBM Charts Repository
https://github.com/IBM/charts/tree/master/stable
Db2 chart
DSM chart
Helm command line – Helm and Tiller
▪ Helm is the client and Tiller is the server – runs on master node
$ helm version
Client: v2.7.2+icp
Error: cannot connect to Tiller
▪ Use of --tls is required to do Helm operations
$ helm version --tls
Client: v2.7.2+icp
Server: v2.7.2+icp
▪ Helm and Tiller versions must be the same – do not download Helm from the Internet
Deploying Db2 on
Kubernetes
Db2-based Containers running on Kubernetes (Sep 2019)
Product             | Version  | #Worker Nodes | #Pods | #PVCs | Comments
Db2 OLTP            | 11.1.4.4 | 1             | 1     | 1     |
Db2 OLTP HADR       | 11.1.4.4 | 3             | 5     | 6     | 1x Db2 primary, 1x Db2 standby, 3x etcd for cluster manager, addntl. PVC for HADR setup
Data Server Manager | 2.1.5    | 1             | 2     | 2     | 1x DSM, 1x Db2 repository database; includes Db2 11.1 engine
Db2 Warehouse SMP   | 3.10.0   | 1             | 1     | 1     | Includes Db2 11.1 engine
Db2 Warehouse MPP   | 3.10.0   | 3+            | 3+    | 1     | Includes Db2 11.1 engine; requires IBM Cloud Pak for Data
▪ Coming soon
− Red Hat OpenShift Kubernetes support
− Db2 v11.5 engine
IBM Cloud Private Kubernetes platform
Before deploying Db2 OLTP to Kubernetes a couple of steps
need to be performed
▪ Creating a new namespace (optional)
▪ Configuring a pod security policy
▪ Configuring an image pull secret
▪ Configuring the service account
Creating the Namespace for the Db2 OLTP containers
▪ We will create new namespace where all our Pods for Db2 OLTP, Db2 OLTP
HADR and Data Server Manager will run.
▪ Create the namespace, for example stock-trader-data
$ kubectl create namespace stock-trader-data
namespace/stock-trader-data created
▪ Switch the context to the newly created namespace
$ kubectl config set-context $(kubectl config current-context) \
--namespace=stock-trader-data
Context "mycluster-context" modified.
▪ Verify pods. There should be no pods running as we just created the namespace.
$ kubectl get pods
No resources found.
Configuring Pod Security Policy for Db2
$ cat pre01.yaml
apiVersion: extensions/v1beta1
kind: PodSecurityPolicy
metadata:
  name: db2-privileges
spec:
  allowPrivilegeEscalation: true
  privileged: false
  allowedCapabilities:
  - SETPCAP
  - MKNOD
  - AUDIT_WRITE
  - CHOWN
  - NET_RAW
  - DAC_OVERRIDE
  - FOWNER
  - FSETID
  - KILL
  - SETGID
  - SETUID
  - NET_BIND_SERVICE
  - SYS_CHROOT
  - SETFCAP
  - SYS_RESOURCE
  - IPC_OWNER
  - SYS_NICE
  fsGroup:
    rule: RunAsAny
  hostIPC: true
  hostNetwork: false
  hostPID: false
  hostPorts:
  - max: 65535
    min: 1
  runAsUser:
    rule: RunAsAny
  seLinux:
    rule: RunAsAny
  supplementalGroups:
    rule: RunAsAny
  volumes:
  - '*'
▪ Configure the pod security policy:
$ kubectl apply -f pre01.yaml
podsecuritypolicy.extensions/db2-privileges configured
▪ Verify the results
$ kubectl get psp
db2-privileges false SETPCAP,MKNOD,AUDIT_WRITE,CHOWN,NET_RAW,DAC_OVERRIDE,FOWNER,FSETID,KILL,SETGID,SETUID,NET_BIND_SERVICE,SYS_CHROOT,SETFCAP,SYS_RESOURCE,IPC_OWNER,SYS_NICE RunAsAny RunAsAny RunAsAny RunAsAny false *
Configuring Image Pull Secret for Db2
▪ We need to create an image pull secret to give Kubernetes the credentials to pull the Db2
Developer-C and DSM images from Docker Hub
▪ The username, password and email are the credentials from Docker Hub.
▪ Note that you need to subscribe to the Db2 and DSM images in Docker Hub first.
▪ Configure the image pull secret:
$ kubectl create secret docker-registry dockerhub \
--docker-username=<your dockerhub username> \
--docker-password=<your dockerhub password> \
--docker-email=<your dockerhub email> \
--namespace=<your namespace>
secret/dockerhub created
▪ Verify the result:
$ kubectl get secrets
NAME TYPE DATA AGE
default-token-mwvpl kubernetes.io/service-account-token 3 17d
dockerhub kubernetes.io/dockerconfigjson 1 13m
Configuring Service Account for Db2
▪ The YAML specification file that defines the cluster role and the cluster role binding for the service account.
$ more pre04.yaml
---
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: db2-privileges-cluster-role
rules:
- apiGroups: ['extensions']
  resources: ['podsecuritypolicies']
  verbs: ['use']
  resourceNames:
  - db2-privileges
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: db2-privileges-cluster-role-binding
roleRef:
  kind: ClusterRole
  name: db2-privileges-cluster-role
  apiGroup: rbac.authorization.k8s.io
subjects:
- kind: ServiceAccount
  name: default
  namespace: stock-trader-data
▪ Configure the service account:
$ kubectl apply -f pre04.yaml
clusterrole.rbac.authorization.k8s.io/db2-privileges-cluster-role created
clusterrolebinding.rbac.authorization.k8s.io/db2-privileges-cluster-role-binding created
▪ Verify the results
$ kubectl get psp
db2-privileges false SETPCAP,MKNOD,AUDIT_WRITE,CHOWN,NET_RAW,DAC_OVERRIDE,FOWNER,FSETID,KILL,SETGID,SETUID,NET_BIND_SERVICE,SYS_CHROOT,SETFCAP,SYS_RESOURCE,IPC_OWNER,SYS_NICE RunAsAny RunAsAny RunAsAny RunAsAny false *
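The binding in pre04.yaml names the namespace's default service account, which every pod in stock-trader-data runs as unless it sets serviceAccountName. The Python check below is an added example, not part of the original presentation: it resolves which subjects may `use` a given pod security policy from a set of RBAC objects. The objects are transcribed from pre04.yaml as constructed dicts, and the function names are illustrative.

```python
# Constructed input: the two objects from pre04.yaml as Python dicts.
RBAC_OBJECTS = [
    {"kind": "ClusterRole",
     "metadata": {"name": "db2-privileges-cluster-role"},
     "rules": [{"apiGroups": ["extensions"],
                "resources": ["podsecuritypolicies"],
                "verbs": ["use"],
                "resourceNames": ["db2-privileges"]}]},
    {"kind": "ClusterRoleBinding",
     "metadata": {"name": "db2-privileges-cluster-role-binding"},
     "roleRef": {"kind": "ClusterRole",
                 "name": "db2-privileges-cluster-role",
                 "apiGroup": "rbac.authorization.k8s.io"},
     "subjects": [{"kind": "ServiceAccount", "name": "default",
                   "namespace": "stock-trader-data"}]},
]

# API groups that have served PodSecurityPolicy, plus the RBAC wildcard.
PSP_GROUPS = {"*", "extensions", "policy"}


def rule_grants_use(rule, psp_name):
    """True if one RBAC rule lets its holder `use` the named policy."""
    names = rule.get("resourceNames") or []  # no names listed = every policy
    return (bool(PSP_GROUPS & set(rule.get("apiGroups", [])))
            and bool({"*", "podsecuritypolicies"} & set(rule.get("resources", [])))
            and bool({"*", "use"} & set(rule.get("verbs", [])))
            and (not names or psp_name in names))


def subjects_allowed(objects, psp_name):
    """Return (kind, namespace, name) for every subject bound to a granting role."""
    granting = set()
    for obj in objects:
        if obj["kind"] in ("ClusterRole", "Role"):
            if any(rule_grants_use(r, psp_name) for r in obj.get("rules", [])):
                ns = obj["metadata"].get("namespace") if obj["kind"] == "Role" else None
                granting.add((obj["kind"], ns, obj["metadata"]["name"]))
    subjects = []
    for obj in objects:
        if obj["kind"] not in ("ClusterRoleBinding", "RoleBinding"):
            continue
        ref = obj["roleRef"]
        # A RoleBinding can only reference a Role in its own namespace.
        ns = obj["metadata"].get("namespace") if ref["kind"] == "Role" else None
        if (ref["kind"], ns, ref["name"]) in granting:
            for s in obj.get("subjects", []):
                subjects.append((s["kind"], s.get("namespace"), s["name"]))
    return subjects


def shared_identities(objects, psp_name):
    """Subjects from subjects_allowed() that stand for many workloads at once."""
    shared = []
    for kind, ns, name in subjects_allowed(objects, psp_name):
        if kind == "ServiceAccount" and name == "default":
            shared.append(f"default service account of {ns}: used by every pod "
                          "there that sets no serviceAccountName")
        elif kind == "Group" and name.startswith(("system:serviceaccounts",
                                                  "system:authenticated")):
            shared.append(f"group {name}: covers many identities")
    return shared


if __name__ == "__main__":
    print(subjects_allowed(RBAC_OBJECTS, "db2-privileges"))
    print(shared_identities(RBAC_OBJECTS, "db2-privileges"))
```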
Helm Charts for Db2 and DSM
Helm install command to deploy Db2 OLTP on Kubernetes
▪ Installing Db2 OLTP server with one database in 2 minutes.
[Figure: helm install command, with a callout marking the Db2 OLTP Helm chart name]
Let’s verify if we can connect to the MYDB database (1)
▪ Get list of running pods and verify that Db2 OLTP pod is running.
$ kubectl get pods
NAME READY STATUS RESTARTS AGE
db2-01-ibm-db2oltp-dev-0 1/1 Running 1 7h57m
Let’s verify if we can connect to the MYDB database (2)
▪ Log in to the Db2 OLTP container and connect to the MYDB Db2 database.
$ kubectl exec -it db2-01-ibm-db2oltp-dev-0 -- /bin/bash
# su - db2inst1
Last login: Sun Sep 15 16:17:11 UTC 2019
$ db2 connect to MYDB
Cataloging the MYDB database
▪ We need to catalog the MYDB database to access it from a Db2 client
▪ We get the Db2 port from the Db2 OLTP helm release service definition.
#!/bin/bash
db2 terminate
Kubernetes resources for Db2 OLTP
▪ 1 Secret: Db2 instance owner / password
▪ 1 PVC (RWO) for db files, logs & config
▪ 2 Services for Db2: 1x external, 1x internal
▪ 1 StatefulSet: DESIRED = 1
▪ 1 Pod: runs the Db2 container
$ helm status db2-01 --tls
NAME: db2-01
LAST DEPLOYED: Sun Sep 15 08:11:14 2019
NAMESPACE: stock-trader-data
STATUS: DEPLOYED
RESOURCES:
==> v1/Secret
NAME TYPE DATA AGE
db2-01-ibm-db2oltp-dev Opaque 1 1s
==> v1/PersistentVolumeClaim
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
db2-01-data-stor Bound vol12 20Gi RWO 1s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
db2-01-ibm-db2oltp-dev-db2 NodePort 10.0.0.50 <none> 50000:30463/TCP,55000:32236/TCP 1s
db2-01-ibm-db2oltp-dev ClusterIP None <none> 50000/TCP,55000/TCP,60006/TCP,60007/TCP 1s
==> v1/StatefulSet
NAME DESIRED CURRENT AGE
db2-01-ibm-db2oltp-dev 1 1 1s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
db2-01-ibm-db2oltp-dev-0 0/1 Init:0/1 0 1s
Helm install command for deploying Db2 OLTP HADR
▪ Setting up a Db2 OLTP v11.1 HADR cluster pair in 5 minutes with 1 command
▪ Additional parameter hadr.enabled set to true to indicate that we want a HADR setup
Verify that Db2 HADR is working
Kubernetes resources for Db2 OLTP HADR
▪ 1 Secret: Db2 instance owner / password
▪ 1 PVC (RWX): for HADR setup (1)
▪ 3 Services: 2x Db2, 1x etcd
▪ 2 StatefulSets: Db2: DESIRED=2, etcd: DESIRED=3
▪ 5 Pods: 2x Db2, 3x etcd
(1) 5 addntl. PVCs are being created implicitly for: 2x Db2 and 3x etcd
NAME: db2-02
LAST DEPLOYED: Tue Sep 17 08:24:33 2019
NAMESPACE: stock-trader-data
STATUS: DEPLOYED
RESOURCES:
==> v1/Secret
NAME TYPE DATA AGE
db2-02-ibm-db2oltp-dev Opaque 1 1s
==> v1/PersistentVolumeClaim
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
db2-02-hadr-stor Bound vol09 20Gi RWX 1s
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
db2-02-ibm-db2oltp-dev-db2 NodePort 10.0.0.61 <none> 50000:32422/TCP,55000:32181/TCP 1s
db2-02-ibm-db2oltp-dev ClusterIP None <none> 50000/TCP,55000/TCP,60006/TCP,60007/TCP 1s
db2-02-ibm-db2oltp-dev-etcd ClusterIP None <none> 2380/TCP,2379/TCP 1s
==> v1/StatefulSet
NAME DESIRED CURRENT AGE
db2-02-ibm-db2oltp-dev 2 2 1s
==> v1beta2/StatefulSet
db2-02-ibm-db2oltp-dev-etcd 3 0 1s
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
db2-02-ibm-db2oltp-dev-0 0/1 Pending 0 1s
db2-02-ibm-db2oltp-dev-1 0/1 Pending 0 1s
db2-02-ibm-db2oltp-dev-etcd-0 0/1 ContainerCreating 0 1s
db2-02-ibm-db2oltp-dev-etcd-1 0/1 Pending 0 1s
db2-02-ibm-db2oltp-dev-etcd-2 0/1 Pending 0 1s
Kubernetes Job to deploy SQL
$ cat single04.yaml
apiVersion: batch/v1
kind: Job
metadata:
  name: db2-01-create-database-schema
spec:
  template:
    spec:
      containers:
      - name: db2-01-create-database-schema
        image: store/ibmcorp/db2_developer_c:11.1.4.4-x86_64
        command: [ "/bin/sh","-c","/scripts/db2-setup.sh" ]
        volumeMounts:
        - name: db2-createschema
          mountPath: /scripts
        securityContext:
          capabilities:
            add: ["SYS_RESOURCE", "IPC_OWNER", "SYS_NICE"]
        env:
        - name: LICENSE
          value: "accept"
        - name: DB2INSTANCE
          value: db2inst1
        - name: DB2INST1_PASSWORD
          valueFrom:
            secretKeyRef:
              name: db2-01-ibm-db2oltp-dev
              key: password
        - name: DB2_SERVICE_NAME
          value: db2-01-ibm-db2oltp-dev
        - name: DBNAME
          value: mydb
      restartPolicy: Never
      volumes:
      - name: db2-createschema
        configMap:
          name: db2-createschema
          defaultMode: 0744
  backoffLimit: 1
---
apiVersion: v1
data:
  db2-setup.sh: |
    #!/bin/sh
    export SETUPDIR=/var/db2_setup
    source ${SETUPDIR?}/include/db2_constants
    source ${SETUPDIR?}/include/db2_common_functions
    if ! getent passwd ${DB2INSTANCE?} > /dev/null 2>&1; then
      echo "(*) Previous setup has not been detected. Creating... "
      create_users
    fi
    if ! create_instance; then
      exit 1
    fi
    start_db2
    cp /scripts/db2-createschema.sh /database/db2-createschema.sh
    chmod +x /database/db2-createschema.sh
    su - $DB2INSTANCE -c "/database/db2-createschema.sh \"$DB2_SERVICE_NAME\" \"$DB2INSTANCE\" \"$DB2INST1_PASSWORD\" \"$DBNAME\""
Kubernetes Job to deploy SQL (cont’d)
  db2-createschema.sh: |
    #!/bin/sh
    DB2_SERVICE_NAME=$1
    DB2INSTANCE=$2
    DB2INST1_PASSWORD=$3
    DBNAME=$4
    echo "Configure schema for database \"$DBNAME\" on host \"$DB2_SERVICE_NAME\"."
    db2 "catalog tcpip node DB2NODE remote $DB2_SERVICE_NAME server 50000"
    db2 "catalog db $DBNAME as $DBNAME at node DB2NODE"
    db2 terminate
    db2 "activate database $DBNAME user $DB2INSTANCE using $DB2INST1_PASSWORD"
    db2 "connect to $DBNAME user $DB2INSTANCE using $DB2INST1_PASSWORD"
    sleep 2
    db2 -tvmf /scripts/ps-bp-tbsp.sql
    sleep 10
    db2 -tvmf /scripts/ps-tables.sql
    echo "Database $DBNAME has been configured."
  ps-bp-tbsp.sql: |
    CREATE BUFFERPOOL BP32K PAGESIZE 32K;
    CREATE TABLESPACE TS32 PAGESIZE 32K BUFFERPOOL BP32K;
  ps-tables.sql: |
    CREATE TABLE PS_TABLE(PS_TABLE_ID INTEGER NOT NULL GENERATED ALWAYS AS IDENTITY (START WITH 100000, INCREMENT BY 5), […] IN TS32;
    INSERT INTO PS_TABLE (SSN,FIRST_NAME,LAST_NAME,JOB_CODE,DEPT,SALARY,DOB) WITH TEMP1 […] ;
    CREATE TABLE PS_HISTORY ( FIRSTNAME VARCHAR(20) NOT NULL, LASTNAME VARCHAR(20) NOT NULL, JOBCODE CHAR(4) NOT NULL ) IN TS32 ;
    GRANT ALL ON ps_table TO PUBLIC;
    GRANT ALL ON ps_history TO PUBLIC;
kind: ConfigMap
metadata:
  name: db2-createschema
Deploying the Job to run the SQL
▪ We deploy the Kubernetes job that runs the SQL on the MYDB database
$ kubectl apply -f single04.yaml
job.batch/db2-01-create-database-schema created
configmap/db2-createschema configured
Deploying Data Server Manager (DSM) with the GUI (2)
Getting the URL of Data Server Manager
▪ We need to query Kubernetes for the URL of the DSM GUI
#!/bin/bash
export NODE_PORT=$(kubectl get --namespace stock-trader-data -o jsonpath="{.spec.ports[1].nodePort}" services dsm-01-ibm-dsm-dev)
export NODE_IP=$(kubectl get nodes --namespace stock-trader-data -o jsonpath="{.items[0].status.addresses[0].address}")
echo https://$NODE_IP:$NODE_PORT
Accessing Data Server Manager
Data Server Manager Homepage
▪ All Db2 OLTP instances running in the same namespace as DSM will be auto-discovered and monitored by DSM
DSM Kubernetes resources (1/2)
▪ 2 RoleBindings
▪ 2 Services: 1x Db2 (repodb), 1x DSM
▪ 2 Deployments
▪ 2 Pods: 1 Db2, 1 DSM
$ helm status dsm-01 --tls
LAST DEPLOYED: Mon Sep 16 12:01:02 2019
NAMESPACE: stock-trader-data
STATUS: DEPLOYED
RESOURCES:
==> v1/RoleBinding
NAME AGE
dsm-repodb-dsm-01-repository 8m
dsm-stock-trader-data-dsm-01-ibm-dsm-dev 8m
dsm-dsm-01-ibm-dsm-dev 8m
==> v1/Service
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
dsm-01-repository NodePort 10.0.0.233 <none> 50000:32695/TCP,55000:32203/TCP 8m
dsm-01-ibm-dsm-dev NodePort 10.0.0.85 <none> 11080:32444/TCP,11081:30462/TCP 8m
==> v1beta1/Deployment
NAME DESIRED CURRENT UP-TO-DATE AVAILABLE AGE
dsm-01-repository 1 1 1 1 8m
dsm-01-ibm-dsm-dev 1 1 1 1 8m
==> v1/Pod(related)
NAME READY STATUS RESTARTS AGE
dsm-01-repository-76f87d47d4-dlqh4 1/1 Running 0 8m
dsm-01-ibm-dsm-dev-b976d89bd-dflqn 2/2 Running 0 8m
DSM Kubernetes resources (2/2)
▪ 2 Secrets: 1 DSM admin, 1 Db2 instance owner
▪ 2 PVCs: 1 DSM, Db2
▪ 3 Roles
[…]
==> v1/Secret
NAME TYPE DATA AGE
dsm-01-repository-db2-passwd Opaque 1 8m
dsm-01-ibm-dsm-dev-dsm-passwd Opaque 1 8m
==> v1/PersistentVolumeClaim
NAME STATUS VOLUME CAPACITY ACCESS MODES STORAGECLASS AGE
dsm-01-repository-data-stor Bound vol14 20Gi RWO 8m
dsm-01-ibm-dsm-dev-datavolume Bound vol12 20Gi RWO 8m
==> v1/ServiceAccount
NAME SECRETS AGE
dsm-repodb-dsm-01-repository 1 8m
dsm-dsm-01-ibm-dsm-dev 1 8m
==> v1/Role
NAME AGE
dsm-repodb-dsm-01-repository 8m
dsm-stock-trader-data-dsm-01-ibm-dsm-dev 8m
dsm-dsm-01-ibm-dsm-dev 8m
Additional Resources
Additional Resources – Kubernetes, Docker, Helm
▪ Kubernetes
− https://kubernetes.io/docs/tutorials/kubernetes-basics/
▪ Kubernetes in the Enterprise eBook
− ibm.biz/BdYA4i
▪ Docker
− https://docs.docker.com/get-started/
▪ Docker Hub
− https://hub.docker.com
▪ Helm
− https://helm.sh/docs/
Additional Resources – IBM Cloud Private, OpenShift
▪ IBM Cloud Private Documentation
− https://www.ibm.com/support/knowledgecenter/en/SSBS6K_3.2.0/kc_welcome_containers.html
▪ Deploy IBM Cloud Private Community Edition using Vagrant
− https://github.com/IBM/deploy-ibm-cloud-private/blob/master/docs/deploy-vagrant.md
▪ Red Hat OpenShift Container Platform Documentation
− https://docs.openshift.com/container-platform/4.1/welcome/index.html
Additional Resources – Db2, Db2Wh, DSM
▪ Db2 Integration into IBM Cloud Private
− https://developer.ibm.com/recipes/tutorials/db2-integration-into-ibm-cloud-private
▪ Db2 on IBM Cloud Private with Red Hat OpenShift
− https://developer.ibm.com/recipes/tutorials/ibm-db2-on-ibm-cloud-private-with-redhat-openshift
▪ IBM Db2 Developer-C Edition Helm Chart
− https://github.com/IBM/charts/tree/master/stable/ibm-db2oltp-dev
▪ IBM Data Server Manager Developer-C Edition Helm Chart
− https://github.com/IBM/charts/tree/master/stable/ibm-dsm-dev
▪ Deploying Db2 Warehouse SMP using Kubernetes
− https://www.ibm.com/support/knowledgecenter/en/SSCJDQ/com.ibm.swg.im.dashdb.doc/admin/deploy_kubernetes_smp.html
▪ Deploying Db2 Warehouse SMP and MPP on IBM Cloud Pak for Data
− https://www.ibm.com/support/knowledgecenter/en/SSQNUZ_2.1.0/com.ibm.icpdata.doc/zen/admin/db-reqs.html#db-reqs__db2warehouse
Presentation on Db2 and Docker from Db2 Aktuell 2018
Summary
Thank You
69 IBM Cloud
70 IBM Cloud