Linux and UNIX systems: Activate A-TAP on all nodes of a DB2 Cluster

A-TAP needs to be activated on all nodes where a DB2 server is shared by nodes on a DB2 cluster.


  1. Authorize db2 user on node 1. <guardium_base>/xxx/guardctl authorize-user <user-name>
    For example:

    # /usr/local/guardium/bin/guardctl authorize-user db2inst1

    # /usr/local/guardium/bin/guardctl is_user_authorized db2inst1

    User 'db2inst1' is authorized.

  2. Activate A-TAP on node 1.
    <guardium_base>/xxx/guardctl db_instance=<instance> activate
    For example:

    # /usr/local/guardium/guard_stap/guardctl db_instance=db2inst1 activate

    # /usr/local/guardium/guard_stap/guardctl list-active

  3. Restore the original DB2 server on node 1 after activating ATAP on it, so that other nodes can activate ATAP. (All nodes share the executable.( In the db2 adm directory, copy db2sysc-guard-original over db2sysc (make a copy of each first and set them aside). For example:
    # > cp db2sysc-guard-original db2sysc
  4. Delete db2sysc-guard-original (or it will fail activation on node 2). For example:
    # rm -rf db2sysc-guard-original
  5. Move cluster resources to node 2. For example:
    # pcs resource move resource_id <destination node>
  6. Authorize db2 user and activate on node 2 (steps 1 and 2). This will create the libraries on node 2 and replace the db2sysc-guard-original that has been deleted. The current status should be:

    # /usr/local/guardium/guard_stap/guardctl list-active



    # /usr/local/guardium/guard_stap/guardctl list-active