DB2+IBM数据库; enable_MQFunctions = 错误 -- 连接到数据库时
DB2+IBM MQ; enable_MQFunctions = Error -- while connecting to database
我构建了 docker 的映像,其中包含 IBM MQ 9.1、DB2express-c 9.7 + ubuntu 16.04 64 位。
我想在我的 Db2 数据库上启用 MQ 功能(将消息发送到队列)。
但是当我使用 enable_MQFunctions 时,我得到了这个错误:
*** Error -- while connecting to TEST
Make sure that user(db2inst1) and password(pass) are valid and that the DB2 instance has started.
*** enable_MQFunction finished with error
数据库、用户、密码都可以。而且我不明白这个命令 w/o 问题连接到我的数据库
我今天用的Dockerfile(只有DB2和IBM MQ,w/o IIB):
# © Copyright IBM Corporation 2015, 2017
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#==============================
#========================
#FROM centos:7
FROM ubuntu:16.04
#FROM ubuntu:17.10
#LABEL maintainer "Arthur Barr <arthur.barr@uk.ibm.com>, Rob Parker <PARROBE@uk.ibm.com>"
#LABEL "ProductID"="98102d16795c4263ad9ca075190a2d4d" \
# "ProductName"="IBM MQ Advanced for Developers" \
# "ProductVersion"="9.0.4"
# The URL to download the MQ installer from in tar.gz format
#oryginal ARG MQ_URL=https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev904_ubuntu_x86-64.tar.gz
ARG MQ_URL=http://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev910_ubuntu_x86-64.tar.gz
#ARG MQ_URL=http://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev80_linux_x86-64.tar.gz
#ARG MQ_URL=\172.29.5.249\mqadv_dev910_ubuntu_x86-64.tar.gz
# The MQ packages to install
ARG MQ_PACKAGES="ibmmq-server ibmmq-java ibmmq-jre ibmmq-gskit ibmmq-web ibmmq-msg-.*"
#RUN rm /var/lib/apt/lists/*
RUN apt-get clean -y
RUN apt-get autoclean -y
RUN export DEBIAN_FRONTEND=noninteractive \
# Install additional packages required by MQ, this install process and the runtime scripts
&& apt-get update -y \
&& apt-get install -y --no-install-recommends \
# && yum update -y \
# && yum install -y \
bash \
bc \
ca-certificates \
coreutils \
curl \
debianutils \
file \
findutils \
gawk \
grep \
libc-bin \
lsb-release \
mount \
passwd \
procps \
sed \
tar \
util-linux \
# Download and extract the MQ installation files
&& export DIR_EXTRACT=/tmp/mq \
&& mkdir -p ${DIR_EXTRACT} \
&& cd ${DIR_EXTRACT} \
&& curl -LO $MQ_URL \
&& tar -zxvf ./*.tar.gz \
# Recommended: Remove packages only needed by this script
#
#&& package-cleanup --leaves --all \ <-------moje dodanie
# Recommended: Create the mqm user ID with a fixed UID and group, so that the file permissions work between different images
&& groupadd --system --gid 990 mqm \
&& useradd --system --uid 990 --gid mqm mqm \
&& usermod -G mqm root \
# Find directory containing .deb files
&& export DIR_DEB=$(find ${DIR_EXTRACT} -name "*.deb" -printf "%h\n" | sort -u | head -1) \
# Find location of mqlicense.sh
&& export MQLICENSE=$(find ${DIR_EXTRACT} -name "mqlicense.sh") \
# Accept the MQ license
&& ${MQLICENSE} -text_only -accept \
&& echo "deb [trusted=yes] file:${DIR_DEB} ./" > /etc/apt/sources.list.d/IBM_MQ.list \
# Install MQ using the DEB packages
&& apt-get update \
&& apt-get install -y $MQ_PACKAGES \
# Remove 32-bit libraries from 64-bit container
&& find /opt/mqm /var/mqm -type f -exec file {} \; \
| awk -F: '/ELF 32-bit/{print }' | xargs --no-run-if-empty rm -f \
# Remove tar.gz files unpacked by RPM postinst scripts
&& find /opt/mqm -name '*.tar.gz' -delete \
# Recommended: Set the default MQ installation (makes the MQ commands available on the PATH)
&& /opt/mqm/bin/setmqinst -p /opt/mqm -i \
# Clean up all the downloaded files
&& rm -f /etc/apt/sources.list.d/IBM_MQ.list \
&& rm -rf ${DIR_EXTRACT} \
# Apply any bug fixes not included in base Ubuntu or MQ image.
# Don't upgrade everything based on Docker best practices https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#run
&& apt-get upgrade -y sensible-utils \
# End of bug fixes
&& rm -rf /var/lib/apt/lists/* \
# Optional: Update the command prompt with the MQ version
&& echo "mq:$(dspmqver -b -f 2)" > /etc/debian_chroot \
&& rm -rf /var/mqm \
# Optional: Set these values for the Bluemix Vulnerability Report
&& sed -i 's/PASS_MAX_DAYS\t99999/PASS_MAX_DAYS\t90/' /etc/login.defs \
&& sed -i 's/PASS_MIN_DAYS\t0/PASS_MIN_DAYS\t1/' /etc/login.defs \
&& sed -i 's/password\t\[success=1 default=ignore\]\tpam_unix\.so obscure sha512/password\t[success=1 default=ignore]\tpam_unix.so obscure sha512 minlen=8/' /etc/pam.d/common-password
#==========db2 expres START====
#FROM centos:7
#MAINTAINER Leo Wu <leow@ca.ibm.com>
###############################################################
#
# System preparation for DB2
#
###############################################################
#********************z iib-mq-db2 git
RUN dpkg --add-architecture i386
RUN export DEBIAN_FRONTEND=noninteractive \
&& apt-get update && \
apt-get install -y --no-install-recommends \
curl \
bash \
bc \
coreutils \
curl \
debianutils \
findutils \
gawk \
grep \
libc-bin \
lsb-release \
libncurses-dev \
libstdc++6 \
gcc \
binutils \
make \
libpam0g:i386 \
lib32stdc++6 \
lib32gcc1 \
libcurl4-gnutls-dev:i386 \
numactl \
libaio1 \
libxml2 \
mount \
passwd \
procps \
rpm \
sed \
tar \
wget \
util-linux
RUN rm -rf /var/lib/apt/lists/*
RUN apt-get dist-upgrade -y
#******************
RUN groupadd db2iadm1 && useradd -G db2iadm1 db2inst1
# Required packages
#RUN yum install -y \
# vi \
# sudo \
# passwd \
# pam \
# pam.i686 \
# ncurses-libs.i686 \
# file \
# libaio \
# libstdc++-devel.i686 \
# numactl-libs \
# which \
# && yum clean all
ENV DB2EXPRESSC_DATADIR /home/db2inst1/data
# IMPORTANT Note:
# Due to compliance for IBM product, you have to host a downloaded DB2 Express-C Zip file yourself
# Here are suggested steps:
# 1) Please download zip file of db2 express-c from http://www-01.ibm.com/software/data/db2/express-c/download.html
# 2) Then upload it to a cloud storage like AWS S3 or IBM SoftLayer Object Storage
# 3) Acquire a URL and SHA-256 hash of file and pass it via Docker's build time argument facility
ARG DB2EXPRESSC_URL=ftp://ftp.software.ibm.com/software/data/db2/express/db2exc_images/db2exc_970_LNX_x86_64.tar.gz
#ARG DB2EXPRESSC_URL=http://lorenzana.gt/uploads/files/v10.5fp1_linuxx64_expc.tar.gz
#ARG DB2EXPRESSC_URL=\172.29.5.249\public\image\v10.5fp1_linuxx64_expc.tar.gz
ADD db2expc.rsp /tmp/db2expc.rsp
ADD db2rfe.cfg /home/db2inst1/sqllib/instance/db2rfe.cfg
COPY db2expc.rsp /tmp
RUN curl -fkSLo /tmp/expc.tar.gz $DB2EXPRESSC_URL
RUN cd /tmp && tar xf expc.tar.gz
RUN rm -rf /home/db2inst1/sqllib
RUN mkdir /home/db2inst1/sqllib
RUN su - root -c "chmod -R 1777 /home/db2inst1/"
RUN su - db2inst1 -c "/tmp/expc/db2_install -f sysreq -b /home/db2inst1/sqllib"
# RUN su - db2inst1 -c "/tmp/expc/db2setup -r /tmp/db2expc.rsp" || echo "db2setup failed"
RUN echo '. /home/db2inst1/sqllib/db2profile' >> /home/db2inst1/.bash_profile \
&& rm -rf /tmp/db2* && rm -rf /tmp/expc* \
&& sed -ri 's/(ENABLE_OS_AUTHENTICATION=).*/YES/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& sed -ri 's/(RESERVE_REMOTE_CONNECTION=).*/YES/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& sed -ri 's/^\*(SVCENAME=db2c_db2inst1)//g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& sed -ri 's/^\*(SVCEPORT)=48000/=50000/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& mkdir $DB2EXPRESSC_DATADIR && chown db2inst1.db2iadm1 $DB2EXPRESSC_DATADIR
RUN su - db2inst1 -c "db2start && db2set DB2COMM=TCPIP && db2 UPDATE DBM CFG USING DFTDBPATH $DB2EXPRESSC_DATADIR IMMEDIATE && db2 create database db2inst1" \
&& su - db2inst1 -c "db2stop force" \
&& cd /home/db2inst1/sqllib/instance \
&& ./db2rfe -f ./db2rfe.cfg
#COPY docker-entrypoint.sh /entrypoint.sh
#ENTRYPOINT ["/entrypoint.sh"]
#VOLUME $DB2EXPRESSC_DATADIR
#EXPOSE 50000
#=========db2 express END ====
COPY *.sh /usr/local/bin/
COPY *.mqsc /etc/mqm/
COPY admin.json /etc/mqm/
COPY mq-dev-config /etc/mqm/mq-dev-config
RUN chmod +x /usr/local/bin/*.sh
# Always use port 1414 (the Docker administrator can re-map ports at runtime)
# Expose port 9443 for the web console
#VOLUME /home/db2inst1/data
EXPOSE 1414 9443 50000
ENV LANG=en_US.UTF-8
COPY docker-entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
#ENTRYPOINT ["mq.sh"]
entrypoint.sh(使用 MQ 和 DB2 命令):
#======= start MQ =====
set -e
mq-license-check.sh
echo "----------------------------------------"
source mq-parameter-check.sh
echo "----------------------------------------"
setup-var-mqm.sh
echo "----------------------------------------"
which strmqweb && source setup-mqm-web.sh
echo "----------------------------------------"
mq-pre-create-setup.sh
echo "----------------------------------------"
source mq-create-qmgr.sh
echo "----------------------------------------"
source mq-start-qmgr.sh
echo "----------------------------------------"
source mq-dev-config.sh
echo "----------------------------------------"
source mq-configure-qmgr.sh
echo "----------------------------------------"
exec mq-monitor-qmgr.sh ${MQ_QMGR_NAME}
#======== z MQ - END ======
pid=0
function log_info {
echo -e $(date '+%Y-%m-%d %T')"\e[1;32m $@\e[0m"
}
function log_error {
echo -e >&2 $(date +"%Y-%m-%d %T")"\e[1;31m $@\e[0m"
}
function stop_db2 {
log_info "stopping database engine"
su - db2inst1 -c "db2stop force"
}
function start_db2 {
log_info "starting database engine"
su - db2inst1 -c "db2start"
}
function restart_db2 {
# if you just need to restart db2 and not to kill this container
# use docker kill -s USR1 <container name>
kill ${spid}
log_info "Asked for instance restart doing it..."
stop_db2
start_db2
log_info "database instance restarted on request"
}
function terminate_db2 {
kill ${spid}
stop_db2
if [ $pid -ne 0 ]; then
kill -SIGTERM "$pid"
wait "$pid"
fi
log_info "database engine stopped"
exit 0 # finally exit main handler script
}
trap "terminate_db2" SIGTERM
trap "restart_db2" SIGUSR1
if [ ! -f ~/db2inst1_pw_set ]; then
if [ -z "$DB2INST1_PASSWORD" ]; then
log_error "error: DB2INST1_PASSWORD not set"
log_error "Did you forget to add -e DB2INST1_PASSWORD=... ?"
exit 1
else
log_info "Setting db2inst1 user password..."
(echo "$DB2INST1_PASSWORD"; echo "$DB2INST1_PASSWORD") | passwd db2inst1 > /dev/null 2>&1
if [ $? != 0 ];then
log_error "Changing password for db2inst1 failed"
exit 1
fi
touch ~/db2inst1_pw_set
fi
fi
if [ ! -f ~/db2_license_accepted ];then
if [ -z "$LICENSE" ];then
log_error "error: LICENSE not set"
log_error "Did you forget to add '-e LICENSE=accept' ?"
exit 1
fi
if [ "${LICENSE}" != "accept" ];then
log_error "error: LICENSE not set to 'accept'"
log_error "Please set '-e LICENSE=accept' to accept License before use the DB2 software contained in this image."
exit 1
fi
touch ~/db2_license_accepted
fi
if [[ = "-d" ]]; then
log_info "Initializing container"
start_db2
log_info "Database db2diag log following"
tail -f ~db2inst1/sqllib/db2dump/db2diag.log &
export pid=${!}
while true
do
sleep 10000 &
export spid=${!}
wait $spid
done
else
exec ""
fi
比:
docker run -e LICENSE=accept -e MQ_QMGR_NAME=MQ321 -e DB2INST1_PASSWORD=pass -p 41419:1414 -p 9459:9443 -p 5015:50000 allall4r
毕竟,我使用的命令来自:HERE
所以我执行了:
root:
usermod -G mqm db2inst1
/opt/mqm/bin/setmqinst -i -n Installation1 -p /opt/mqm
mqm 用户:
PATH=$PATH:/opt/mqm/bin
db2inst1 用户:
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/mqm/lib64
AMT_DATA_PATH=/opt/mqm
db2start
db2 create db testdb
db2 connect to testdb
cd ~/sqllib/cfg/mq
db2 –tvf amtsetup.sql
在此处上传构建此映像所需的所有文件:UPLOAD LINK
图片大约为 3.1GB
我怀疑您的症状的原因是为 enable_MQFunctions 命令行指定的帐户当时 enable_MQFunctions 没有密码尝试 运行。您可以通过查看 db2diag.log 以查看确切的身份验证失败消息来证明这一点,and/or 通过查看您之前该帐户的 /etc/passwd 条目 运行 enable_MQFunctions.
您可以扩展 Dockerfile 以完全在 docker build 期间为 MQ 配置 Db2,而不是 运行 在 docker run 之后或入口点执行这些步骤。这样,您将负责 Dockerfile 中的所有步骤,并且在 docker run 命令后无需手动干预即可重复执行。这也意味着您构建的图像 pre-baked 具有所有必需的配置,然后将持久存在。您需要具备足够的能力来编写 Dockerfile 中的脚本才能获得所需的结果。
如果操作正确,enable_MQFunctions 将在 docker build 期间正常运行,因此如果您遇到错误,那是因为您操作不正确。
我可以在 Dockerfile 中成功配置数据库和 运行 enable_MQFunctions,执行以下步骤(因为使用 non-root 安装 Db2),所以所有配置已经在构建的图像中。
在安装 Db2 之后和 db2start 之前,Dockerfile 应该
创建 /home/db2inst1/sqllib/userprofile(每当 instance-owner 帐户从 .bash_profile 或 .profile 点到其 db2profile 时,它将 运行,以执行以下步骤:
-- 将 /opt/mqm/lib64 添加到 LD_LIBRARY_PATH
-- export AMT_DATA_PATH=/opt/mqm
-- 在 PATH
/opt/mqm/bin
chown db2inst1:db2iadm1 /home/db2inst1/sqllib/userprofile
安装 Db2 之后 db2start 之前,Dockerfile 应该 运行 这些步骤:
-- db2set DB2COMM=TCPIP
-- db2set DB2ENVLIST=AMT_DATA_PATH
-- db2 -v update dbm cfg using federated yes immediate
在 Dockerfile 中为 db2inst1 帐户设置密码
Dockerfile 然后可以 运行 db2start,创建数据库(我称之为示例,你可以随意命名)和 运行 片段下面作为用户 db2inst1 首先在 MQ 函数使用的数据库中创建所需的对象:
su -db2inst1 -c "( db2 -v connect to sample ; \
db2 -tvf /home/db2inst1/sqllib/cfg/mq/amtsetup.sql; \
db2 -v list tables for schema DB2MQ ; \
exit 0 ) "
请注意,如图所示,您必须在子外壳中 运行 amtsetup.sql 才能显式退出 0,因为 amtsetup.sql 总是 returns non-zero 退出代码,即使它成功完成。所以你希望 docker build 在这种情况下继续。
如果以上所有步骤都成功完成并且MQ已经成功安装,稍后在Dockerfile中您可以运行 enable_MQFunctions如下:
我使用ARG INSTANCE_PASSWORD指定db2inst1密码,可以来自外部。
su - db2inst1 -c "( . ./.profile ;\
db2start ;\
db2 -v activate database sample ;\
cd /home/db2inst1/sqllib/cfg ; \
/home/db2inst1/sqllib/bin/enable_MQFunctions -echo -force -n sample -u db2inst1 -p $INSTANCE_PASSWORD ; \
db2stop force ; \
exit 0)"
问题出在环境变量上。我的图像在构建后不能包含任何变量。我尝试使用导出前缀但没有改变。所以没有密码,不好LD_LIBRARY_PATH。我更改并注销后的事件,变量恢复为默认值。
在我的帐户 (db2inst1) 上使用 root -> passwd 后,我可以使用正确的密码执行 enable_MQFunction
下一个错误是我没有 db2 的有效许可证..
我构建了 docker 的映像,其中包含 IBM MQ 9.1、DB2express-c 9.7 + ubuntu 16.04 64 位。
我想在我的 Db2 数据库上启用 MQ 功能(将消息发送到队列)。
但是当我使用 enable_MQFunctions 时,我得到了这个错误:
*** Error -- while connecting to TEST
Make sure that user(db2inst1) and password(pass) are valid and that the DB2 instance has started.
*** enable_MQFunction finished with error
数据库、用户、密码都可以。而且我不明白这个命令 w/o 问题连接到我的数据库
我今天用的Dockerfile(只有DB2和IBM MQ,w/o IIB):
# © Copyright IBM Corporation 2015, 2017
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#==============================
#========================
#FROM centos:7
FROM ubuntu:16.04
#FROM ubuntu:17.10
#LABEL maintainer "Arthur Barr <arthur.barr@uk.ibm.com>, Rob Parker <PARROBE@uk.ibm.com>"
#LABEL "ProductID"="98102d16795c4263ad9ca075190a2d4d" \
# "ProductName"="IBM MQ Advanced for Developers" \
# "ProductVersion"="9.0.4"
# The URL to download the MQ installer from in tar.gz format
#oryginal ARG MQ_URL=https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev904_ubuntu_x86-64.tar.gz
ARG MQ_URL=http://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev910_ubuntu_x86-64.tar.gz
#ARG MQ_URL=http://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev80_linux_x86-64.tar.gz
#ARG MQ_URL=\172.29.5.249\mqadv_dev910_ubuntu_x86-64.tar.gz
# The MQ packages to install
ARG MQ_PACKAGES="ibmmq-server ibmmq-java ibmmq-jre ibmmq-gskit ibmmq-web ibmmq-msg-.*"
#RUN rm /var/lib/apt/lists/*
RUN apt-get clean -y
RUN apt-get autoclean -y
RUN export DEBIAN_FRONTEND=noninteractive \
# Install additional packages required by MQ, this install process and the runtime scripts
&& apt-get update -y \
&& apt-get install -y --no-install-recommends \
# && yum update -y \
# && yum install -y \
bash \
bc \
ca-certificates \
coreutils \
curl \
debianutils \
file \
findutils \
gawk \
grep \
libc-bin \
lsb-release \
mount \
passwd \
procps \
sed \
tar \
util-linux \
# Download and extract the MQ installation files
&& export DIR_EXTRACT=/tmp/mq \
&& mkdir -p ${DIR_EXTRACT} \
&& cd ${DIR_EXTRACT} \
&& curl -LO $MQ_URL \
&& tar -zxvf ./*.tar.gz \
# Recommended: Remove packages only needed by this script
#
#&& package-cleanup --leaves --all \ <-------moje dodanie
# Recommended: Create the mqm user ID with a fixed UID and group, so that the file permissions work between different images
&& groupadd --system --gid 990 mqm \
&& useradd --system --uid 990 --gid mqm mqm \
&& usermod -G mqm root \
# Find directory containing .deb files
&& export DIR_DEB=$(find ${DIR_EXTRACT} -name "*.deb" -printf "%h\n" | sort -u | head -1) \
# Find location of mqlicense.sh
&& export MQLICENSE=$(find ${DIR_EXTRACT} -name "mqlicense.sh") \
# Accept the MQ license
&& ${MQLICENSE} -text_only -accept \
&& echo "deb [trusted=yes] file:${DIR_DEB} ./" > /etc/apt/sources.list.d/IBM_MQ.list \
# Install MQ using the DEB packages
&& apt-get update \
&& apt-get install -y $MQ_PACKAGES \
# Remove 32-bit libraries from 64-bit container
&& find /opt/mqm /var/mqm -type f -exec file {} \; \
| awk -F: '/ELF 32-bit/{print }' | xargs --no-run-if-empty rm -f \
# Remove tar.gz files unpacked by RPM postinst scripts
&& find /opt/mqm -name '*.tar.gz' -delete \
# Recommended: Set the default MQ installation (makes the MQ commands available on the PATH)
&& /opt/mqm/bin/setmqinst -p /opt/mqm -i \
# Clean up all the downloaded files
&& rm -f /etc/apt/sources.list.d/IBM_MQ.list \
&& rm -rf ${DIR_EXTRACT} \
# Apply any bug fixes not included in base Ubuntu or MQ image.
# Don't upgrade everything based on Docker best practices https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#run
&& apt-get upgrade -y sensible-utils \
# End of bug fixes
&& rm -rf /var/lib/apt/lists/* \
# Optional: Update the command prompt with the MQ version
&& echo "mq:$(dspmqver -b -f 2)" > /etc/debian_chroot \
&& rm -rf /var/mqm \
# Optional: Set these values for the Bluemix Vulnerability Report
&& sed -i 's/PASS_MAX_DAYS\t99999/PASS_MAX_DAYS\t90/' /etc/login.defs \
&& sed -i 's/PASS_MIN_DAYS\t0/PASS_MIN_DAYS\t1/' /etc/login.defs \
&& sed -i 's/password\t\[success=1 default=ignore\]\tpam_unix\.so obscure sha512/password\t[success=1 default=ignore]\tpam_unix.so obscure sha512 minlen=8/' /etc/pam.d/common-password
#==========db2 expres START====
#FROM centos:7
#MAINTAINER Leo Wu <leow@ca.ibm.com>
###############################################################
#
# System preparation for DB2
#
###############################################################
#********************z iib-mq-db2 git
RUN dpkg --add-architecture i386
RUN export DEBIAN_FRONTEND=noninteractive \
&& apt-get update && \
apt-get install -y --no-install-recommends \
curl \
bash \
bc \
coreutils \
curl \
debianutils \
findutils \
gawk \
grep \
libc-bin \
lsb-release \
libncurses-dev \
libstdc++6 \
gcc \
binutils \
make \
libpam0g:i386 \
lib32stdc++6 \
lib32gcc1 \
libcurl4-gnutls-dev:i386 \
numactl \
libaio1 \
libxml2 \
mount \
passwd \
procps \
rpm \
sed \
tar \
wget \
util-linux
RUN rm -rf /var/lib/apt/lists/*
RUN apt-get dist-upgrade -y
#******************
RUN groupadd db2iadm1 && useradd -G db2iadm1 db2inst1
# Required packages
#RUN yum install -y \
# vi \
# sudo \
# passwd \
# pam \
# pam.i686 \
# ncurses-libs.i686 \
# file \
# libaio \
# libstdc++-devel.i686 \
# numactl-libs \
# which \
# && yum clean all
ENV DB2EXPRESSC_DATADIR /home/db2inst1/data
# IMPORTANT Note:
# Due to compliance for IBM product, you have to host a downloaded DB2 Express-C Zip file yourself
# Here are suggested steps:
# 1) Please download zip file of db2 express-c from http://www-01.ibm.com/software/data/db2/express-c/download.html
# 2) Then upload it to a cloud storage like AWS S3 or IBM SoftLayer Object Storage
# 3) Acquire a URL and SHA-256 hash of file and pass it via Docker's build time argument facility
ARG DB2EXPRESSC_URL=ftp://ftp.software.ibm.com/software/data/db2/express/db2exc_images/db2exc_970_LNX_x86_64.tar.gz
#ARG DB2EXPRESSC_URL=http://lorenzana.gt/uploads/files/v10.5fp1_linuxx64_expc.tar.gz
#ARG DB2EXPRESSC_URL=\172.29.5.249\public\image\v10.5fp1_linuxx64_expc.tar.gz
ADD db2expc.rsp /tmp/db2expc.rsp
ADD db2rfe.cfg /home/db2inst1/sqllib/instance/db2rfe.cfg
COPY db2expc.rsp /tmp
RUN curl -fkSLo /tmp/expc.tar.gz $DB2EXPRESSC_URL
RUN cd /tmp && tar xf expc.tar.gz
RUN rm -rf /home/db2inst1/sqllib
RUN mkdir /home/db2inst1/sqllib
RUN su - root -c "chmod -R 1777 /home/db2inst1/"
RUN su - db2inst1 -c "/tmp/expc/db2_install -f sysreq -b /home/db2inst1/sqllib"
# RUN su - db2inst1 -c "/tmp/expc/db2setup -r /tmp/db2expc.rsp" || echo "db2setup failed"
RUN echo '. /home/db2inst1/sqllib/db2profile' >> /home/db2inst1/.bash_profile \
&& rm -rf /tmp/db2* && rm -rf /tmp/expc* \
&& sed -ri 's/(ENABLE_OS_AUTHENTICATION=).*/YES/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& sed -ri 's/(RESERVE_REMOTE_CONNECTION=).*/YES/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& sed -ri 's/^\*(SVCENAME=db2c_db2inst1)//g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& sed -ri 's/^\*(SVCEPORT)=48000/=50000/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& mkdir $DB2EXPRESSC_DATADIR && chown db2inst1.db2iadm1 $DB2EXPRESSC_DATADIR
RUN su - db2inst1 -c "db2start && db2set DB2COMM=TCPIP && db2 UPDATE DBM CFG USING DFTDBPATH $DB2EXPRESSC_DATADIR IMMEDIATE && db2 create database db2inst1" \
&& su - db2inst1 -c "db2stop force" \
&& cd /home/db2inst1/sqllib/instance \
&& ./db2rfe -f ./db2rfe.cfg
#COPY docker-entrypoint.sh /entrypoint.sh
#ENTRYPOINT ["/entrypoint.sh"]
#VOLUME $DB2EXPRESSC_DATADIR
#EXPOSE 50000
#=========db2 express END ====
COPY *.sh /usr/local/bin/
COPY *.mqsc /etc/mqm/
COPY admin.json /etc/mqm/
COPY mq-dev-config /etc/mqm/mq-dev-config
RUN chmod +x /usr/local/bin/*.sh
# Always use port 1414 (the Docker administrator can re-map ports at runtime)
# Expose port 9443 for the web console
#VOLUME /home/db2inst1/data
EXPOSE 1414 9443 50000
ENV LANG=en_US.UTF-8
COPY docker-entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
#ENTRYPOINT ["mq.sh"]
entrypoint.sh(使用 MQ 和 DB2 命令):
#======= start MQ =====
set -e
mq-license-check.sh
echo "----------------------------------------"
source mq-parameter-check.sh
echo "----------------------------------------"
setup-var-mqm.sh
echo "----------------------------------------"
which strmqweb && source setup-mqm-web.sh
echo "----------------------------------------"
mq-pre-create-setup.sh
echo "----------------------------------------"
source mq-create-qmgr.sh
echo "----------------------------------------"
source mq-start-qmgr.sh
echo "----------------------------------------"
source mq-dev-config.sh
echo "----------------------------------------"
source mq-configure-qmgr.sh
echo "----------------------------------------"
exec mq-monitor-qmgr.sh ${MQ_QMGR_NAME}
#======== z MQ - END ======
pid=0
function log_info {
echo -e $(date '+%Y-%m-%d %T')"\e[1;32m $@\e[0m"
}
function log_error {
echo -e >&2 $(date +"%Y-%m-%d %T")"\e[1;31m $@\e[0m"
}
function stop_db2 {
log_info "stopping database engine"
su - db2inst1 -c "db2stop force"
}
function start_db2 {
log_info "starting database engine"
su - db2inst1 -c "db2start"
}
function restart_db2 {
# if you just need to restart db2 and not to kill this container
# use docker kill -s USR1 <container name>
kill ${spid}
log_info "Asked for instance restart doing it..."
stop_db2
start_db2
log_info "database instance restarted on request"
}
function terminate_db2 {
kill ${spid}
stop_db2
if [ $pid -ne 0 ]; then
kill -SIGTERM "$pid"
wait "$pid"
fi
log_info "database engine stopped"
exit 0 # finally exit main handler script
}
trap "terminate_db2" SIGTERM
trap "restart_db2" SIGUSR1
if [ ! -f ~/db2inst1_pw_set ]; then
if [ -z "$DB2INST1_PASSWORD" ]; then
log_error "error: DB2INST1_PASSWORD not set"
log_error "Did you forget to add -e DB2INST1_PASSWORD=... ?"
exit 1
else
log_info "Setting db2inst1 user password..."
(echo "$DB2INST1_PASSWORD"; echo "$DB2INST1_PASSWORD") | passwd db2inst1 > /dev/null 2>&1
if [ $? != 0 ];then
log_error "Changing password for db2inst1 failed"
exit 1
fi
touch ~/db2inst1_pw_set
fi
fi
if [ ! -f ~/db2_license_accepted ];then
if [ -z "$LICENSE" ];then
log_error "error: LICENSE not set"
log_error "Did you forget to add '-e LICENSE=accept' ?"
exit 1
fi
if [ "${LICENSE}" != "accept" ];then
log_error "error: LICENSE not set to 'accept'"
log_error "Please set '-e LICENSE=accept' to accept License before use the DB2 software contained in this image."
exit 1
fi
touch ~/db2_license_accepted
fi
if [[ = "-d" ]]; then
log_info "Initializing container"
start_db2
log_info "Database db2diag log following"
tail -f ~db2inst1/sqllib/db2dump/db2diag.log &
export pid=${!}
while true
do
sleep 10000 &
export spid=${!}
wait $spid
done
else
exec ""
fi
比:
docker run -e LICENSE=accept -e MQ_QMGR_NAME=MQ321 -e DB2INST1_PASSWORD=pass -p 41419:1414 -p 9459:9443 -p 5015:50000 allall4r
毕竟,我使用的命令来自:HERE
所以我执行了:
root:
usermod -G mqm db2inst1
/opt/mqm/bin/setmqinst -i -n Installation1 -p /opt/mqm
mqm 用户:
PATH=$PATH:/opt/mqm/bin
db2inst1 用户:
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/mqm/lib64
AMT_DATA_PATH=/opt/mqm
db2start
db2 create db testdb
db2 connect to testdb
cd ~/sqllib/cfg/mq
db2 –tvf amtsetup.sql
在此处上传构建此映像所需的所有文件:UPLOAD LINK
图片大约为 3.1GB
我怀疑您的症状的原因是为 enable_MQFunctions 命令行指定的帐户当时 enable_MQFunctions 没有密码尝试 运行。您可以通过查看 db2diag.log 以查看确切的身份验证失败消息来证明这一点,and/or 通过查看您之前该帐户的 /etc/passwd 条目 运行 enable_MQFunctions.
您可以扩展 Dockerfile 以完全在 docker build 期间为 MQ 配置 Db2,而不是 运行 在 docker run 之后或入口点执行这些步骤。这样,您将负责 Dockerfile 中的所有步骤,并且在 docker run 命令后无需手动干预即可重复执行。这也意味着您构建的图像 pre-baked 具有所有必需的配置,然后将持久存在。您需要具备足够的能力来编写 Dockerfile 中的脚本才能获得所需的结果。
如果操作正确,enable_MQFunctions 将在 docker build 期间正常运行,因此如果您遇到错误,那是因为您操作不正确。
我可以在 Dockerfile 中成功配置数据库和 运行 enable_MQFunctions,执行以下步骤(因为使用 non-root 安装 Db2),所以所有配置已经在构建的图像中。
在安装 Db2 之后和 db2start 之前,Dockerfile 应该 创建
/home/db2inst1/sqllib/userprofile(每当 instance-owner 帐户从.bash_profile或.profile点到其db2profile时,它将 运行,以执行以下步骤:-- 将
/opt/mqm/lib64添加到LD_LIBRARY_PATH--
export AMT_DATA_PATH=/opt/mqm-- 在
PATH 前添加 chown db2inst1:db2iadm1 /home/db2inst1/sqllib/userprofile安装 Db2 之后
db2start之前,Dockerfile 应该 运行 这些步骤:--
db2set DB2COMM=TCPIP--
db2set DB2ENVLIST=AMT_DATA_PATH--
db2 -v update dbm cfg using federated yes immediate在 Dockerfile 中为 db2inst1 帐户设置密码
Dockerfile 然后可以 运行
db2start,创建数据库(我称之为示例,你可以随意命名)和 运行 片段下面作为用户 db2inst1 首先在 MQ 函数使用的数据库中创建所需的对象:
/opt/mqm/bin
su -db2inst1 -c "( db2 -v connect to sample ; \
db2 -tvf /home/db2inst1/sqllib/cfg/mq/amtsetup.sql; \
db2 -v list tables for schema DB2MQ ; \
exit 0 ) "
请注意,如图所示,您必须在子外壳中 运行 amtsetup.sql 才能显式退出 0,因为 amtsetup.sql 总是 returns non-zero 退出代码,即使它成功完成。所以你希望 docker build 在这种情况下继续。
如果以上所有步骤都成功完成并且MQ已经成功安装,稍后在Dockerfile中您可以运行 enable_MQFunctions如下:
我使用ARG INSTANCE_PASSWORD指定db2inst1密码,可以来自外部。
su - db2inst1 -c "( . ./.profile ;\
db2start ;\
db2 -v activate database sample ;\
cd /home/db2inst1/sqllib/cfg ; \
/home/db2inst1/sqllib/bin/enable_MQFunctions -echo -force -n sample -u db2inst1 -p $INSTANCE_PASSWORD ; \
db2stop force ; \
exit 0)"
问题出在环境变量上。我的图像在构建后不能包含任何变量。我尝试使用导出前缀但没有改变。所以没有密码,不好LD_LIBRARY_PATH。我更改并注销后的事件,变量恢复为默认值。
在我的帐户 (db2inst1) 上使用 root -> passwd 后,我可以使用正确的密码执行 enable_MQFunction
下一个错误是我没有 db2 的有效许可证..