如何从远程 Db2 实例连接到 IBM Db2 Event Store 实例？

Question

I have a Db2 instance and I am trying to connect it to a remote IBM Db2 Event Store cluster. I have been able to connect the Db2 CLP client, is it possible to have the Db2 instance see the tables in the Db2 Event Store cluster as well like if they were local tables ?

I am using a container that already contains the latest Db2 11.5 instance, and that can be downloaded directly from docker hub . With this container, I was able to configure the Db2 client to remotely access the IBM Db2 Event Store instance following these steps, so I know I have connectivity.

First I started the container with the db2 instance

$ docker run -itd --name db2 -e DBNAME=testdb -v ~/:/database -e DB2INST1_PASSWORD=GD1OJfLGG64HV2dtwK -e LICENSE=accept -p 50000:50000 --privileged=true ibmcom/db2

Entered the container

$ docker exec -it  db2 bash -c "su - db2inst1"

Followed the documentation for Configuring Secure Sockets Layer (SSL) support in non-Java Db2 clients

For this, I downloaded the GsKit package within the container and installed it and used the GSKCapiCmd tool to create a key database

[db2inst1@a33d5b29ffa2 ~]$ mkdir /database/config/db2inst1/sqllib/security/keystore
[db2inst1@a33d5b29ffa2 ~]$ cd /database/config/db2inst1/sqllib/security/keystore
[db2inst1@a33d5b29ffa2 ~]$ gsk8capicmd_64 -keydb -create -db "mydbclient.kdb" -pw "myClientPassw0rdpw0" -stash

And then copied the default self-signed certificate from the server

# kubectl get pods -n dsx | grep eventstore-tenant-engine | head -1
eventstore-tenant-engine-565d74cfd8-64jv4         1/1       Running     0          21h

# kubectl exec -n dsx eventstore-tenant-engine-565d74cfd8-64jv4 -- cat /eventstorefs/eventstore/db2inst1/sqllib_shared/gskit/certs/eventstore_ascii.cert

(if you do not have access to the server, you can also use the REST API )

With this, I created a server-certificate.cert file with it on the client, and then added the certificate to the client key database I created before:

[db2inst1@a33d5b29ffa2 ~]$ gsk8capicmd_64 -cert -add -db "mydbclient.kdb" -pw "myClientPassw0rdpw0"  -label "server" -file "server-certificate.cert" -format ascii -fips

And finally updated the configuration on the client to use that client key database I just set up:

[db2inst1@a33d5b29ffa2 ~]$ db2 update dbm cfg using 
      SSL_CLNT_KEYDB /database/config/db2inst1/sqllib/security/keystore/clientkey.kdb 
      SSL_CLNT_STASH /database/config/db2inst1/sqllib/security/keystore/clientstore.sth

Then I followed the documentation to catalog a remote TCPIP node using SECURITY SSL , as the Db2 Event Store Enterprise Edition has SSL configured by default:

[db2inst1@a33d5b29ffa2 ~]$ db2 catalog tcpip node nova remote 172.16.197.11 server 18730 SECURITY SSL
DB20000I  The CATALOG TCPIP NODE command completed successfully.
DB21056W  Directory changes may not be effective until the directory cache is
refreshed.

And lastly, I followed the documentation to catalog the database using AUTHENTICATION GSSPLUGIN , which is what Db2 Event Store requires:

[db2inst1@a33d5b29ffa2 ~]$ db2 CATALOG DATABASE eventdb AT NODE  nova AUTHENTICATION GSSPLUGIN
DB20000I  The CATALOG DATABASE command completed successfully.
DB21056W  Directory changes may not be effective until the directory cache is
refreshed.

With all the set up I did, I was able to establish a connection using the user and the password to validate the configuration .

[db2inst1@a33d5b29ffa2 ~]$ db2 CONNECT TO eventdb USER admin USING password

   Database Connection Information

 Database server        = DB2/LINUXX8664 11.1.9.0
 SQL authorization ID   = ADMIN
 Local database alias   = EVENTDB

Now I would like to take one step further and be able to have the db2 instance see both local tables and remote Db2 Event Store tables. Is this possible ?

Answer 1

Yup! You're actually very close.

Given you are connected to your Db2 Event Store database, you can run:

db2 list tables for all

or for a given schema:

db2 list tables for schema <>

Now, since you are using Db2 11.5 docker container, you could also create a database inside the container. For example:

db2 create db testdb

After which you can connect to the database local to the container and list your "local" tables. For example:

> db2 connect to testdb
> db2 list tables for all

The key thing here is your active connection. When it's made to your remote Db2 Event Store database, the db2 list tables ... command will show tables for the remote database, and when connection is made on the local database, the db2 list tables ... command will show tables for the the local database.