Refreshing the target database secret

If you change the secret for accessing the target database service, you have to ensure that Data Gate can pick up the new secret, so that both services use the same secret.

1. Change the secret for accessing the target database service by following steps 1 through 3 in Updating the password secrets. Make sure to leave out step 4, that is, do not restart the database engine pod.
2. Identify the Data Gate instance identifier, and assign the value to the variable DG_INSTANCE_ID by issuing the oc get dginstance command. For example:

   oc get dginstance -n ${PROJECT_CPD_INST_OPERANDS}
   NAME                 VERSION   BUILD      STATUS      RECONCILED   AGE
   dg1699914520773847   5.0.0     5.0.0.82   Completed   5.0.0        6h58m

   In this example, the instance ID is dg1699914520773847. Set the variable DG_INSTANCE_ID to this instance ID.

3. Identify the Data Gate instance pod, and assign the value to the variable DG_POD by issuing the following oc get pod command:

   DG_POD=$(oc get pod -n ${PROJECT_CPD_INST_OPERANDS} -l icpdsupport/app=dg-instance-server,\
   icpdsupport/serviceInstanceId=`echo ${DG_INSTANCE_ID} | sed 's/^dg//'` -o jsonpath='{.items[0].metadata.name}')

4. Stop the Data Gate synchronization function.
   1. To this end, run the following command to access the proper container:

      oc exec -it -n ${PROJECT_CPD_INST_OPERANDS} ${DG_POD} -c data-gate-apply bash

   2. To stop the synchronization function, run the following command:

      /head/tools/datagate-apply/stop_apply.sh

      If the command runs successfully, the screen output looks like this:

      Datagate-Apply-Stop: Stopping the datagate-apply instance:[XY1A]. It usually takes up to 1 minute.
      Datagate-Apply-Stop: Suspend the datagate-apply instance:[XY1A].
      SUCCESS - Instance XY1A is now SUSPENDED. 
      Datagate-Apply-Stop: Suspend the datagate-apply instance:[XY1A] successfully.
      SUCCESS - Instance XY1A is now stopped.
      Datagate-Apply-Stop: Stop the datagate-apply instance:[XY1A] successfully.

5. Shut down the db2u pod.
   1. Get the db2u sts name:

      oc get sts -n ${PROJECT_CPD_INST_OPERANDS} | grep db2u

      The sts name is output on the screen. See the following example:

      c-db2oltp-1629250582941130-db2u 1/1 4d18h

   2. Shut down the db2u pod. Example:

      oc scale sts -n ${PROJECT_CPD_INST_OPERANDS} c-db2oltp-1629250582941130-db2u --replicas=0

   3. Rerun the command in step 5.a to check the state of the db2u pod.
      The screen output must indicate that no db2u pod is running. This is indicated by the numbering 0/1. For example:

      c-db2oltp-1629250582941130-db2u 0/1 4d18h

6. Refresh the db2inst1 password in the Data Gate configuration file and restart the Data Gate server service.
   1. Access the data-gate-server container by running the following command:

      oc exec -it -n ${PROJECT_CPD_INST_OPERANDS} ${DG_POD} -c data-gate-server bash

   2. Run the following command to make the Data Gate server pick up the changed target database secret:

      /head/tools/datagate-server/refresh_db2luw_password.sh

      A successful command execution generates the following screen output:

      2023-06-13 13:41:32 - Refresh-Password: Start to refresh password
      2023-06-13 13:41:32 - Refresh-Password: Enforce /head/dwa/etc/dwa.server.password-salt 
      permission to 400
      Accelerator-Stop: Found the process of Datgate Server and start to shutdown it.
      Accelerator-Stop: Datgate Server has been stopped successfully
      2023-06-13 13:41:33,250 - INFO - The generation of the dwa password for the 
      platform user was successful 2023-06-13 13:41:33.
      .
      .
      .
      Accelerator-Start: Please checkout the detailed server log from 
      /head/dwa/var/log/ffdc/dwa-server.stdout.2023-06-13-13-41-34-UTC
      2023-06-13 13:41:34 - Refresh-Password: Refresh password successfully

7. Restart the db2u pod.
   1. Run the following command:

      oc scale sts -n ${PROJECT_CPD_INST_OPERANDS} c-db2oltp-1629250582941130-db2u --replicas=1

   2. Display the STS name of the db2u pod once more to verify the restart:

      oc get sts -n ${PROJECT_CPD_INST_OPERANDS} | grep db2u

      After a successful restart, the screen output displays 1/1 running db2u pods. Example:

      c-db2oltp-1629250582941130-db2u 1/1 4d18h

8. Restart the Data Gate synchronization function.
   1. Access the data-gate-apply container by running the following command:

      oc exec -it -n ${PROJECT_CPD_INST_OPERANDS} ${DG_POD} -c data-gate-apply bash

   2. To start the synchronization function, run the following command:

      /head/tools/datagate-apply/start_apply.sh

      If the command runs successfully, the screen output looks like this:

      Datagate-Apply-Start: Wait for monitor to start the datagate-apply instance:[XY1A].
      Datagate-Apply-Start: Remove the suspend file for the datagate-apply instance:[XY1A].
      Datagate-Apply-Start: 1 - checking if the datagate-apply instance: [XY1A] is running.
      Datagate-Apply-Start: The datagate-apply process has been started successfully.
      Datagate-Apply-Start: Start the datagate-apply instance:[XY1A] successfully.