Creating a network policy for built-in etcd for Db2 Warehouse

To use the built-in etcd store from one of the Db2 Warehouse deployments in your HADR configuration, you must create a network policy to allow other database deployments to communicate with the etcd pod.

About this task

Creating a network policy will allow incoming connections to the etcd pod. For more details on the built-in etcd store, see Setting up an etcd store for HADR in Db2 Warehouse.
Important: The built-in etcd store is not to be used in production environments.

Procedure

  1. Create variables referencing the DB2UCLUSTER name and NAMESPACE being used. Use the corresponding DB2UCLUSTER with the database deployment containing the built-in etcd store you are using.
    export DB2UCLUSTER=<db2ucluster_name>
    export NAMESPACE=<namespace_of_db2ucluster>
  2. Create a network policy for the etcd pod by modifying, then running the following script.
    cat <<EOF | oc apply -f -
    apiVersion: networking.k8s.io/v1
    kind: NetworkPolicy
    metadata:
      name: c-${DB2UCLUSTER}-etcd-ext
      namespace: ${NAMESPACE}
    spec:
      ingress:
      - ports:
        - port: 2379
          protocol: TCP
      podSelector:
        matchLabels:
          formation_id: ${DB2UCLUSTER}
          component: etcd
      policyTypes:
      - Ingress
    EOF

Results

You can now use the network policy to access etcd for automated failover.

What to do next

See Setting up an etcd store for HADR in Db2 Warehouse.