A DB2® pureScale® environment
requires a user ID for the instance owner,
a non-root user ID to use a secure shell (SSH) network protocol between
hosts, and another to run fenced user-defined functions or procedures.
If
you use the DB2 Setup wizard
to install the DB2 pureScale Feature,
the required users are created as part of the installation. Otherwise,
you must create the users manually. These users are required on all
servers hosting a cluster caching facility or member.
Each user must be configured to have the same user settings and password
as the same user on all other servers.
Before you begin
- You must have root user authority to create users and groups.
- If you manage users and groups with security software, additional
steps might be required when defining DB2 database
users and groups.
About this task
You need
these users to
create the
DB2 pureScale instance:
- One user for the instance owner
- A
non-root user ID to use a secure shell (SSH) network protocol between
hosts in a DB2 pureScale cluster
(this user ID can default to be the instance owner)
- One user for the fenced user
For
the instance owner and the fenced user, specify two distinct
users that are members of separate groups. You can use existing users
and groups, or have them created on your behalf by the installation.
If you want the users to be created for you during the installation,
the users and groups must not exist on any of the hosts. To use existing
users, both users must exist on all the hosts with the same user ID
(UID), group ID (GID), and HOME directory before
installation.
A DB2 managed GPFS™ requires a non-root user ID to SSH between
hosts in the DB2 pureScale cluster.
The user ID must be a user without special privileges. It is used
by the root account on the local host to execute commands as root
on a remote host in the same cluster. This user ID must be created
on all hosts.
The user and group names used in this task are
the defaults, and are documented in the following table. You can specify
your own user and group names as long as they adhere to your system
naming rules and DB2 naming
rules.
Table 1. Default users and groupsRequired user |
User name |
Group name |
Instance owner |
db2sdin1 |
db2iadm1 |
Fenced user |
db2sdfe1 |
db2fadm1 |
Non-root user
ID to SSH between hosts |
db2ssh1 |
db2iadm1 |
If you plan to use the DB2 Setup wizard
to install your DB2 database
product, the DB2 Setup wizard creates these users
for you.
Restrictions
The
user names you create must conform to both to the naming rules of
your operating system, and to the rules of the DB2 database
system.
Procedure
To create these users, perform the following steps:
- Log on to a host.
- Create a group for the instance owner and a group for fenced
users to run user-defined functions (UDFs) or stored procedures. Before adding the groups on the first host, select a group ID
for each group that does not exist on any of the servers.
Operating System |
Step |
AIX® |
Run the mkgroup command with the id parameter
to create the groups db2iadm1 and db2fadm1 with
the group ID 999 and 998:mkgroup id=999 db2iadm1
mkgroup id=998 db2fadm1
|
Linux |
Run groupadd with the -gid option
to create the groups db2iadm1 and db2fadm1 with
the group identifiers 999 and 998:groupadd -gid 999 db2iadm1
groupadd -gid 998 db2fadm1
|
- Create a user that belongs to each group that you created
in the previous step. Before adding the users on the first
host, choose user ID numbers for both users that do not exist on any
of the servers.
Operating System |
Step |
AIX |
Run mkuser to create each user and configure
user ID (id), the primary group for the user
(pgrp), the complete list of groups the user
belongs to (groups), and the home directory of
user (home).mkuser id=1004 pgrp=db2iadm1 groups=db2iadm1 home=/db2home/db2sdin1 core=-1 data=491519 stack=32767 rss=-1 fsize=-1 db2sdin1
mkuser id=1003 pgrp=db2fadm1 groups=db2fadm1 home=/db2home/db2sdfe1 db2sdfe1
|
Linux |
Run useradd to create each user, assign
the user ID, group, and create the home directory for the user.useradd -uid 1004 -g db2iadm1 -m -d /db2home/db2sdin1 db2sdin1
useradd -uid 1003 -g db2fadm1 -m -d /db2home/db2sdfe1 db2sdfe1
|
This example uses the default instance owner
user name, db2sdin1, and the default fenced user
name, db2sdfe1.
- Set an initial password for each user that you created.
passwd db2sdin1
passwd db2sdfe1
- Log out.
- Log back on with each of the two users you created. You might be prompted to change the user password for each user
because it is the first time the user has logged in.
- Log out.
- Create the exact same user and group accounts on each computer
that will participate in your database environment.