Optional: Preparing customized versions of JDBC drivers and ICCSAP libraries

The Cloud Pak operator includes a single version of Db2 (db2jcc4.jar), Oracle (ojdbc8.jar), Microsoft SQL Server (mssql-jdbc.jre8.jar), and PostgreSQL (postgresql-42.7.2.jar) JDBC drivers to use in your production deployments. If you need to use other versions, then you must package these files into a compressed file and use the sc_drivers_url configuration parameter to download them from an accessible web server. If you need IBM Content Collector for SAP Applications libraries, you must also put them inside the compressed file.

Before you begin

Note: Before you package the files into a compressed file, you must make sure that the custom JDBC driver that you want to use is compatible with Java 11.

Procedure

  1. Prepare your JDBC files and organize them into the following folder structure:

    Add JDBC drivers for Business Automation Navigator and all the other patterns in your deployment that need them. For more information about compatible JDBC drivers, see Db2 JDBC information, Oracle JDBC information, SQL Server JDBC information, and PostgreSQL JDBC information.

    The following JAR files are the default versions:

    /jdbc/db2/db2jcc4.jar
    /jdbc/oracle/ojdbc8.jar
    /jdbc/sqlserver/mssql-jdbc.jre8.jar
    /jdbc/postgresql/postgresql-42.7.2.jar 

    The Db2 license file (db2jcc_license_cu.jar) is included in all Db2 server editions and you must take the license file from the Db2 Activation CD or download it from Passport Advantage. For more information, see Db2 license files.

    For Oracle, you must download the required JDBC JAR and other companion JAR files such as orai18n.jar, oraclepki.jar, osdt_core.jar, osdt_cert.jar from the Oracle Technology Network JDBC Download Page.

    If you want to deploy Application Engine or playback server and use a customized JDBC driver for Oracle, then you need ODPI-C applications with Oracle Instant Client to connect to the database. Download the Oracle Instant Client compressed file from Oracle Instant Client Download Page. Download the Oracle Instant Client file required for your operating system. Extract the file and copy the extracted files to the /oracle_node directory as shown in the following example:
    /jdbc/oracle_node/<extracted files>
  2. Download the SAP Netweaver SDK 7.50 library from the SAP Service Marketplace or SAP NW RFC SDK 7.50. Ensure that the library includes the following files: libicudata.so.50, libicudecnumber.so, libicui18n.so.50, libicuuc.so.50, libsapnwrfc.so, and libsapucum.so.
    Note: You need an SAP Support user (S-user) ID to access the SAP Service Marketplace.
  3. Download the SAP Cryptographic Library version 8 from the SAP Service Marketplace or COMMONCRYPTOLIB 8. Ensure that the library includes the following file: libsapcrypto.so.
  4. Download the SAP Java Connector Release 3.1 from the SAP Service Marketplace or SAP JCO 3.1. Ensure that the library includes the following file: sapjco3.
  5. Extract all the content of the packages to a saplibs directory and give read and write permissions to the directory by running the chmod command.
    /saplibs/libicudata.so.50
    /saplibs/libicudecnumber.so
    /saplibs/libicui18n.so.50
    /saplibs/libicuuc.so.50
    /saplibs/libsapcrypto.so
    /saplibs/libsapjco3.so
    /saplibs/libsapnwrfc.so
    /saplibs/libsapucum.so
    /saplibs/sapjco3.jar
  6. Compress them into a file (.zip, .tar, .tar.gz, .tar.bz2, .tar.xz) by running the following command.
    zip -r $localpath_to_zip/jdbc.zip jdbc saplibs

    The command generates the path and file name: $localpath_to_zip/jdbc.zip.

  7. Use HTTPd as a download service for the JDBC files.
    • Choice 1: Use the HTTPd docker image to start a container with the name http.
      1. Start a HTTPd container by running the following command.
        docker run -dit --name http -p 8888:80 httpd
      2. Open the container by using the URL http://hostname:8888. The hostname is where you run the HTTPd docker image. It displays the following message:
        "it works!"
      3. Copy the compressed file to the docker container by running the following command.
        docker cp $localpath_to_zip/jdbc.zip http:/usr/local/apache2/htdocs
    • Choice 2: Use a HTTP Server as a download service for the JDBC files.
      Attention: The CP4BA deployment and operators do not maintain this HTTP Server, so make sure that the container is protected against breaches, malware, and malicious actors.
      1. Go to the target project of your Cloud Pak for Business Automation deployment (cp4ba-project).
        oc project <cp4ba-project>
      2. Allocate a PVC.
        Tip: If you already have a PVC that can be used to store the JDBC drivers, then you can ignore the step to create a PVC.
        1. Create a PVC by running the following command.
          oc apply -f - <<EOF
          apiVersion: v1
          kind: PersistentVolumeClaim
          metadata:
            name: jdbc-driver-pvc
          spec:
            accessModes:
              - ReadOnlyMany
            storageClassName: <storage-class-name>
            resources:
              requests:
                storage: 100Mi
          EOF

          Make sure that you replace <storage-class-name> with a storage class in your cluster.

        2. Create a dummy pod and mount the PVC that you created.
          Note: Use any valid image to create your dummy pod, such as BusyBox. The following example uses image: image-registry.openshift-image-registry.svc:5000/openshift/httpd, but in an air-gap environment you must use the digest (SHA Hash) of the image.
          oc apply -f - <<EOF
          apiVersion: v1
          kind: Pod
          metadata:
            name: dummy
            labels:
              run: dummy
          spec:
            containers:
            - name: mycontainer
              image: image-registry.openshift-image-registry.svc:5000/openshift/httpd
              volumeMounts:
              - name: tmp-mount
                mountPath: /mnt
            volumes:
            - name: tmp-mount
              persistentVolumeClaim:
                claimName: jdbc-driver-pvc
          EOF
      3. Copy the $localpath_to_zip/jdbc.zip to the PVC.
        oc cp $localpath_to_zip/jdbc.zip $(oc get pod --selector=run=dummy -o=jsonpath='{.items[*].metadata.name}'):/mnt
      4. Create the HTTP Server and mount the PVC.
        1. Create the cp4ba-driver-http service by running the following command.
          oc new-app httpd --name=cp4ba-driver-http
          Important: The container must be run as non-root and deny privilege escalation (securityContext.runAsNonRoot=true, securityContext.allowPrivilegeEscalation=false) to prevent the risk of any exploitation.
        2. Mount the PVC to the cp4ba-driver-http service.
          oc patch deployment cp4ba-driver-http --type='json' -p='[{"op": "replace", "path": "/spec/template/spec/volumes", "value": [{"name": "jdbc-driver","persistentVolumeClaim": {"claimName": "jdbc-driver-pvc"}}]}]'
          oc patch deployment cp4ba-driver-http --type='json' -p='[{"op": "replace", "path": "/spec/template/spec/containers/0/volumeMounts", "value": [{"name": "jdbc-driver","mountPath": "/var/www/html"}]}]'
        3. Verify that the JDBC drivers can be downloaded from the command line by running one of the following commands.
          oc exec -it $(oc get pod --selector=run=dummy -o=jsonpath='{.items[*].metadata.name}') -- bash
          curl -o /tmp/jdbc.zip http://cp4ba-driver-http:8080/jdbc.zip -s
          curl -o /tmp/jdbc.zip https://cp4ba-driver-http:8443/jdbc.zip -k -s 
          ls -lrt /tmp
        4. You can delete the dummy pod after the Cloud Pak for Business Automation operator downloads the compressed file. For more information, see step 8.
          oc delete pod $(oc get pod --selector=run=dummy -o=jsonpath='\{.items[*].metadata.name}')
  8. The Cloud Pak for Business Automation operator downloads the compressed file when you set the value of the custom resource (CR) sc_drivers_url parameter to the URL of the file in the HTTPd container.

    You set the values of the CR parameters when you create an instance of the production deployment. The following example shows the URL of the file in the HTTPd container: http://hostname:8888/jdbc.zip. The hostname is where you run the HTTPd docker image.

    shared_configuration:
      sc_drivers_url: http://hostname:8888/jdbc.zip

    The following example shows the URL of the cp4ba-driver-http service.

    shared_configuration:
      sc_drivers_url: http://cp4ba-driver-http:8080/jdbc.zip

    To update the deployment CR after it is created, run the following command:

    oc patch icp4aclusters <cr_name> --type='json' -p '[{"op": "replace", "path": "/spec/shared_configuration/sc_drivers_url", "value": "http://cp4ba-driver-http:8080/jdbc.zip"}]'

What to do next

The next task to complete depends on the capabilities that you selected for your deployment. You must prepare all of these capabilities and any dependencies. Use the instructions on how to prepare your cluster for the capabilities that you want to install. For more information, see Preparing your chosen capabilities.