Creating a service instance for Db2 Warehouse from the web client

After you install Db2 Warehouse, you can optionally create more Db2 Warehouse service instances in the operands project. If you are a IBM® Software Hub user, you can use the web client to create service instances. The web client guides you through the process of creating service instances.

Who needs to complete this task?
To create a service instance from the web client, you must have the Create service instances permission in IBM Software Hub.
When do you need to complete this task?
Complete this task only if you want to create a service instance from the web client.
Alternative methods for creating a service instance

Before you begin

This task assumes that the following prerequisites are met:

Prerequisite Where to find more information
Db2 Warehouse is installed. If this task is not complete, see Installing Db2 Warehouse.
If you plan to deploy on a dedicated node, you must label the node. You will enter the label during the deployment process. If this task is not complete, see Setting up dedicated nodes for your Db2 Warehouse deployment.

Procedure

To create a service instance:

  1. From the navigation, select Data > Databases.
  2. Click Create a database.
  3. Select the database type and version. Click Next.
  4. In the Configure area, specify the number of nodes, memory per node, and CPU per node.
    Attention: If you use Portworx or OpenShift Data Foundation storage, you must select 4K sector size. For more information, see Storage requirements.

    The console checks your OpenShift cluster for adequate memory and CPU resources to meet your specifications. An error message displays when inadequate resources are found. If this issue occurs, you must either reduce the amounts that you specified or add more resources to the cluster.

  5. If you are using a dedicated node, click Deploy database on dedicated nodes and enter the node label in the Value for node label box.
    Note: The following warning banner might show up:

    A valid dedicated node with label "{label}" was not found. No available nodes are labeled and tainted.

    On occasion, this warning banner might be translucent and the message hard to read. If so, refresh the page.

    For more information, see Setting up dedicated nodes for your Db2 Warehouse deployment.

  6. On the Advanced configuration page, specify the following options:
    • Select the Oracle compatibility option to specify whether Db2 Warehouse is deployed in Oracle compatibility mode (the DB2_COMPATIBILITY_VECTOR registry variable is set to ORA).
    • What type of workload to use:
      Operational Analytics
      Sets the registry variable DB2_WORKLOAD to PUREDATA_OLAP to use Netezza Performance Server for Operational Analytics.
      Analytics
      Sets the DB2_WORKLOAD value to Analytics to set the default table organization to COLUMN for column-organized tables.
    • Select the Allow SSL port only option to disable the TCP/IP port, which allows only SSL connections to be made to the database.
    • Select the Disable Db2 encryption option to disable Db2 native encryption.
    • Select the Deploy Db2 Warehouse with non-root deployment checkbox to deploy Db2 Warehouse using Red Hat® OpenShift's restricted-v2 security context constraint (SCC) which ensures workloads run with non-root privileges and prevents elevated permissions.

      For more information, see Deploying Db2 Warehouse with non-root access in a restricted-v2 SCC on IBM Software Hub.

  7. If vault is enabled, the Credentials page will automatically appear. Clusters without vault enabled default to generating a Kubernetes secret for each instance created. If you would like to still deploy an instance that uses the default method, select Generate a Kubernetes secret. If you would like to use existing credentials in a secret you have added to an external HashiCorp or CyberArk vault, or existing credentials in a secret you have created in the internal vault, select Use secrets from a vault.

    Use the option that matches your environment:

    You have no existing secrets, but you have an existing vault.
    The Add secret button appears with the dropdown menu disabled. If you select Add secret, it opens a new tab and takes you to the Configuration page where you see a Vaults and secrets tab. Select Secrets on that tab, and then Add secret. Ask your administrator to share a secret with you.
    You have no existing secrets or existing vaults, but you do have permission to add vaults.
    In the first option, it does not matter if you have this permission because a vault already exists. In this option, you must either ask your administrator to share a secret with you and then click Reload, or you can select Add vault. A new tab opens to the page where you can add an external HashiCorp or CyberArk vault, and then either add a secret on that tab or click Reload on the first tab, which will reload to the first situation.
    You have no existing secrets or existing vaults, and you do not have permission to add vaults.
    In this case, you must ask your administrator to share a secret with you. When a secret is shared, click Reload to enable dropdowns.

    The dropdown menus that might be visible are Password and SSL certificate, depending on what is enabled in your environment. All dropdowns available must select a secret to continue.

    When you create or add a secret, ensure it follows these guidelines, which are also present in the informational tips next to each dropdown:
    • The Password dropdown is filtered to display only credential secrets. The selected credential must include a password key.
    • The SSL certificate dropdown is filtered to display only generic secrets. The selected generic secret must include three name-value pairs with the keys: ca.crt, tls.crt, and tls.key.

    On the Finalize page, ensure all the information under the Credentials section is correct.

    For more information on creating and managing secrets in a vault, see Configuring vault usage.

  8. You can choose to keep your system data, user data, backup data, transaction logs, archive logs, and temporary table space data together in a single storage location, or put them in separate locations. System data contains the information that is used by Db2 Warehouse to manage and configure the database. User data is the main database data. Backup data is the storage for saving Db2 Warehouse backup images. Transaction logs storage is the location to save main database transaction logs. Archive logs storage is the location to save database archive logs. Temporary table space storage is the location where main database temporary table spaces are created.
    Remember:
    • meta is the shared (RWX) volume for Db2 Warehouse metadata, also referenced as System Data.
    • data is the non-shared (RWO) volume for database storage, also referenced as User data.
    • If you choose Separate locations for all data, you must specify a storage volume type, a name, and a size for all storage locations.
    • If you choose Single locations for all data as the Storage structure, you must select File storage on the Storage page because the Db2 Warehouse instance pod and the built-in etcd pod mounts the same volume for metadata. Block storage cannot be mounted by multiple pods because block storage is in read/write once (RWO) mode.
    • If you use Portworx storage, you must specify a 4 K block size.
  9. Specify the storage to use for the database.
    For the available options, see Configuring database storage for Db2 Warehouse.
  10. Click Next.
  11. Optional: Specify a new display name for the database. The new name must be unique among all existing database deployments.
  12. Ensure that the summary is correct and click Create.
    You might have to wait 2 to 40 minutes, based on the number of worker nodes and the amount of memory that were allocated to the deployment.

    The database is ready when it shows up as Available on the Databases tab.

What to do next

As a database administrator, you can: