A Db2 pureScale environment requires a user ID for the instance owner, a non-root user ID to use a secure shell (SSH) network protocol between hosts, and another to run fenced user-defined functions or procedures.
If you use the Db2 Setup wizard to install the Db2 pureScale Feature, the required users are created as part of the installation. Otherwise, you must create the users manually. These users are required on all servers hosting a cluster caching facility or member. Each user must be configured to have the same user settings and password as the same user on all other servers.
Before you begin
- You must have root user authority to create users and groups.
- If you manage users and groups with security software, additional steps might be required when defining Db2 database users and groups.
About this task
You need these users to create the Db2 pureScale instance:
- One user for the instance owner
- A non-root user ID to use a secure shell (SSH) network protocol between hosts in a Db2 pureScale cluster (this user ID can default to be the instance owner)
- One user for the fenced user
For the instance owner and the fenced user, specify two distinct users that are members of separate groups. You can use existing users and groups, or have them created on your behalf by the installation. If you want the users to be created for you during the installation, the users and groups must not exist on any of the hosts. To use existing users, both users must exist on all the hosts with the same user ID (UID), group ID (GID), and HOME directory before installation.
A Db2 managed IBM Spectrum Scale requires a non-root user ID to SSH between hosts in the Db2 pureScale cluster. The user ID must be a user without special privileges. It is used by the root account on the local host to execute commands as root on a remote host in the same cluster. This user ID must be created on all hosts.
The user and group names used in this task are the defaults, and are documented in the following table. You can specify your own user and group names as long as they adhere to your system naming rules and Db2 naming rules.
Table 1. Default users and groups
Required user | User name | Group name |
Instance owner | db2sdin1 | db2iadm1 |
Fenced user | db2sdfe1 | db2fadm1 |
Non-root user ID to SSH between hosts | db2ssh1 | db2iadm1 |
If you plan to use the Db2 Setup wizard to install your Db2 database product, the Db2 Setup wizard creates these users for you.
Restrictions
The user names you create must conform both to the naming rules of your operating system and to the rules of the Db2 database system.
Procedure
To create these users, perform the following steps:
- Log on to a host.
- Create a group for the instance owner and a group for fenced users to run user-defined functions (UDFs) or stored procedures.
Before adding the groups on the first host, select a group ID for each group that does not exist on any of the servers.
Operating System | Step |
AIX® | Run the mkgroup command with the id parameter to create the groups db2iadm1 and db2fadm1 with the group IDs 999 and 998:
mkgroup id=999 db2iadm1
mkgroup id=998 db2fadm1
|
Linux® | Run groupadd with the --gid option to create the groups db2iadm1 and db2fadm1 with the group identifiers 999 and 998:
groupadd --gid 999 db2iadm1
groupadd --gid 998 db2fadm1
|
- Create a user that belongs to each group that you created in the previous step.
Before adding the users on the first host, choose user ID numbers for both users that do not exist on any of the servers.
Operating System | Step |
AIX | Run mkuser to create each user and configure the user ID (id), the primary group for the user (pgrp), the complete list of groups the user belongs to (groups), and the home directory of the user (home):
mkuser id=1004 pgrp=db2iadm1 groups=db2iadm1 home=/db2home/db2sdin1 core=-1 data=491519 stack=32767 rss=-1 fsize=-1 db2sdin1
mkuser id=1003 pgrp=db2fadm1 groups=db2fadm1 home=/db2home/db2sdfe1 db2sdfe1
|
Linux | Run useradd to create each user, assign the user ID and group, and create the home directory for the user:
useradd --uid 1004 -g db2iadm1 -m -d /db2home/db2sdin1 db2sdin1
useradd --uid 1003 -g db2fadm1 -m -d /db2home/db2sdfe1 db2sdfe1
|
This example uses the default instance owner user name, db2sdin1, and the default fenced user name, db2sdfe1.
- Set an initial password for each user that you created.
passwd db2sdin1
passwd db2sdfe1
- Log out.
- Log back on with each of the two users you created.
You might be prompted to change the user password for each user because it is the first time the user has logged in.
- Log out.
- Create the exact same user and group accounts on each computer that will participate in your database environment.
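After the last step, the requirement that each user has the same UID, GID and HOME directory on every host can be checked mechanically. The following is an added example, not IBM code: the function name, the "<host> <passwd entry>" input format, the host names and the sample entries are assumptions made for illustration, and comparing primary GIDs is used as an approximation of "members of separate groups".

```shell
#!/bin/sh
# Added example (not IBM code). Input on stdin: "<host> <passwd entry>" lines,
# e.g. collected per host with: getent passwd db2sdin1 | sed "s/^/$(hostname) /"

# check_user_consistency [owner] [fenced]
# Exit 0 if every user has the same UID:GID:HOME on all hosts and the instance
# owner and fenced user have different primary GIDs; else print findings, exit 1.
check_user_consistency() {
    awk -v owner="${1:-db2sdin1}" -v fenced="${2:-db2sdfe1}" '
    BEGIN { bad = 0 }
    NF == 0 { next }                             # ignore blank lines
    {
        host = $1
        entry = $0; sub(/^[^ ]+ +/, "", entry)   # GECOS field may contain spaces
        n = split(entry, f, ":")                 # name:pw:uid:gid:gecos:home:shell
        if (n != 7) { printf "MALFORMED %s\n", $0; bad = 1; next }
        key = f[3] ":" f[4] ":" f[6]             # must be identical on all hosts
        if (!(f[1] in ref)) {                    # first host seen is the reference
            ref[f[1]] = key; first[f[1]] = host; gid[f[1]] = f[4]; next
        }
        if (ref[f[1]] != key) {
            printf "MISMATCH %s: %s has %s, %s has %s\n", f[1], first[f[1]], ref[f[1]], host, key
            bad = 1
        }
    }
    END {
        if ((owner in gid) && (fenced in gid) && gid[owner] == gid[fenced]) {
            printf "SAME_GROUP %s and %s share primary GID %s\n", owner, fenced, gid[owner]
            bad = 1
        }
        exit bad
    }'
}

# Constructed sample data: two hosts, default user names and IDs from this task.
SAMPLE_OK='hostA db2sdin1:x:1004:999::/db2home/db2sdin1:/bin/sh
hostB db2sdin1:x:1004:999::/db2home/db2sdin1:/bin/sh
hostA db2sdfe1:x:1003:998::/db2home/db2sdfe1:/bin/sh
hostB db2sdfe1:x:1003:998::/db2home/db2sdfe1:/bin/sh'
# Constructed failure: the fenced user was created with a different UID on hostB.
SAMPLE_BAD='hostA db2sdin1:x:1004:999::/db2home/db2sdin1:/bin/sh
hostB db2sdin1:x:1004:999::/db2home/db2sdin1:/bin/sh
hostA db2sdfe1:x:1003:998::/db2home/db2sdfe1:/bin/sh
hostB db2sdfe1:x:1005:998::/db2home/db2sdfe1:/bin/sh'

printf '%s\n' "$SAMPLE_BAD" | check_user_consistency || echo "Fix the accounts before creating the instance."
```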