Microsoft PowerPoint - SecurityAndInstances-PartI

28 March 0528 March 05 Security and Instances 1

Security and Instances –Part 1

© 2005 IBM Corporation

Renu Pinky SumamIBM India Software Labs

In-demand skills for an on demand world

28 March 05 2 © 2005 IBM Corporation

AGENDA• Instances

� Multiple instances� Creating instances� Closer look

• DB2 Environment� Profile registry� Environment variables� Configuration

parameters• DAS


WHAT IS AN INSTANCE?

• Environment to start using DB2

• Several instances of the same product on a physical machine

• Independent db2 server "engine"

YOUR MACHINE

DB2Prog. Files

Instance A Instance B


Anatomy

DBM CFG DBM CFG

DB CFG

Catalog

Recovery d1

DB CFG

Catalog

Recovery d3

DB CFG

Catalog

Recovery d4

DB CFG

Catalog

Recovery d2

INST1 INST2


WHY MULTIPLE INSTANCES

• Separate test and production environment • Control assignment of authority to each

instance• Tune each instance independently• Limit the impact of an instance failure


THE PRICE…..

• Require additional system resources• Involves more administration


WHAT INSTANCE AM I WORKING ON?

• The DB2INSTANCE environment variable• The DB2 ATTACH statement

� db2 attach to <instance_name>� db2 detach


• Instances� Multiple instances� Creating instances� Closer look

• DB2 Environment� Profile registry� Environment variables� Configuration parameters

• DAS


CREATING INSTANCES• Instance created during installation of DB2

� Windows – DB2� Unix – Your choice (default db2inst1)

• Can create additional instances using db2icrt or through Control Center


A CLOSER LOOK

db2start / db2stop

Service / Port for communication - /etc/services file

Instance dir - install_path \sqllib\instance_name

Instance dir –INSTHOME/sqllib

Instance <==> ServiceInstance <==> UserWindowsUnix


ACTIONS ON INSTANCE• Creating an instance – db2icrt, db2isetup• Listing instances – db2ilist • Updating an instance – db2iupdt• Removing an instance – db2idrop




• DAS


DB2 Environment

• Mechanisms to control many database environment related factors:�DB2 Profile Registry eg: DB2COMM�Environment variables eg: DB2INSTANCE�Configuration parameters eg: SVCENAME


Profile Registry

• Controls most of the DB2 environment • Objective - centralize control of DB2

environment• No need to reboot the system after making

changes to DB2 Registry• Remote administration of variables


TYPES OF REGISTRIES• DB2 Global-Level Profile Registry

�Machine-wide variable settings• DB2 Instance-Level Profile Registry

�Variable settings for a particular instance• DB2 Instance Node-Level Profile Registry

�Resides on every node in a partitioned db• DB2 Instance Profile Registry

�List of instance names


THE db2set COMMAND

• Command line tool to administer the DB2 profile registry

• Set a variable� db2set DB2COMM=TCPIP

• Use db2set –h to list all available options


db2set COMMAND (…contd)• Display global (machine-wide) profile values

� db2set -g• Display instance profile values

� db2set -i db2• List all supported register values

� db2set –lr• List all variables that are set

� db2set -all


db2set -allC:\Documents and Settings\Administrator>db2set -all[e] DB2PATH=C:\Program Files\IBM\SQLLIB[i] DB2INSTPROF=C:\Program Files\IBM\SQLLIB[i] DB2COMM=TCPIP[g] DB2SYSTEM=RENU[g] DB2PATH=C:\Program Files\IBM\SQLLIB[g] DB2INSTDEF=DB2[g] DB2ADMINSERVER=DB2DAS00




• DAS


ENVIRONMENT VARIABLES

• Environment variables that are not set in profiles registry

• Eg: DB2INSTANCE• Use set or export command to set system

environment variables


ORDER OF RESOLVING

EnvironmentNode-levelInstance-levelGlobal-level


CONFIGURATION PARAMETERS• Database manager configuration parameters

affect resources and performance at instance level

• Database configuration parameters affect resources and parameters at database level

• Update using Control Center or CLP� db2 get dbm cfg� db2 update dbm cfg using <parm> <value>




• DAS


DB2 ADMIN SERVER• A control point used to assist with tasks on

DB2 servers.• Assists tools like Control Center, Config

Assistant etc.• Only one DAS on a machine• DAS includes a scheduler


DB2 ADMIN SERVER

SCHEDULER

DB2 Instances

Tools Catalog db

Tools Set• Control Center•Command Center•Development Center•Data Warehouse Center•Command Line Processor

TCPIPPort523


ACTIONS ON DAS

• Starting DAS – db2admin start• Stopping DAS – db2admin stop• Creating DAS – db2admin create / dascrt• Listing DAS – db2admin / daslist• Updating DAS – dasupdt• Removing DAS – db2admin drop / dasdrop


A CLIENT-SERVER MODEL

• Setup communication between two instances• Catalog the server instance and database at

client • You are ready to connect !

SERVERCLIENTInstances with dbClient Instance

TCPIP


Commands to use• Setting up communication (client and server)

� db2set DB2COMM=TCPIP� db2 update dbm cfg using SVCENAME

<port_num>� Update hosts and services file

• Cataloging instance & db, connecting (client)� db2 catalog tcpip node servnode remote

servmach server 50000� db2 catalog db sample at node servnode� db2 connect to sample user <instance> using

<passwd>


SUMMARY

• Instances• DB2 environment• DAS• Client-Server setup


DO AND I UNDERSTAND• Exercises you can try out –

� Create an instance – explore the instance directory

� Try creating a database� Try various options of db2set� Where are the DB2 environment variables?� Create DAS and start using Control Center


REFERENCES• Infocenter :

http://publib.boulder.ibm.com/infocenter/db2help/index.jsp

• Manuals : Admin Guides, Quick Beginnings, Installation Guides etc – http://www-306.ibm.com/software/data/db2/udb/support/manualsv8.html

• http://www-306.ibm.com/software/data/db2/udb/


WHAT’S NEXT?• Security

�Authentication�Authorization�Privileges

Microsoft PowerPoint - SecurityAndInstances-PartI

Documents

db2 db2

ibm corporation

instances instance

control of db2 environment

db2 profile registry

db2 instances tools

db2 environment objective

db2 environment mechanisms