Patching the configuration for Remote Db2 target databases

As prerequisite for upgrading a Data Gate instance that is connected to a remote Db2 target database, the Data Gate instance configuration must be updated before upgrading the Data Gate instance itself.

Before you begin

The following commands need to be executed from a Linux-based system having access to the OpenShift cluster that runs the to-be-upgraded Data Gate instances. The system needs to satisfy the following requirements:

Having the OpenShift CLI installed
Having the jq package installed

About this task

The following steps have to be applied when performing an upgrade from 5.3.x to 5.4.x.

Procedure

Export the required environment variables for the Data Gate instance to be upgraded:

export DG_INSTANCE_ID=<datagate-instance-id>
export INSTANCE_NAMESPACE=<instance-namespace>
export REMOTE_DB2_DATABASE_NAME=<remote-db2-database-name>

Example:

export DG_INSTANCE_ID=1779340647842020
export INSTANCE_NAMESPACE=cpd-instance
export REMOTE_DB2_DATABASE_NAME=BLUDB

If upgrading from 5.3.0 to 5.4.x, export the following variable:

export SSL_CERT_SECRET_NAME=<secret name of the SSL certificate>

Patch the dg-${DG_INSTANCE_ID}-cm ConfigMap.

If upgrading from 5.3.0 to 5.4.0, run the following command to patch the configmap:

CM_NAME="dg-${DG_INSTANCE_ID}-cm"
oc get cm "${CM_NAME}" -n "${INSTANCE_NAMESPACE}" -o json \
| jq --arg db "${REMOTE_DB2_DATABASE_NAME}" --arg cert_secret "${SSL_CERT_SECRET_NAME}" '
    .data["instance.json"] |= (
      gsub(",[[:space:]]*}"; "}")
      | fromjson
      | .create_arguments.metadata.remoteDb2DatabaseName = $db
      | .create_arguments.metadata.isTargetDb2Remote = "true"
      | .create_arguments.metadata.target_database_tls_secret_name = $cert_secret
      | tostring
    )
  ' \
| oc apply -f -

If upgrading from 5.3.1 to 5.4.0, run the following command to patch the configmap:

CM_NAME="dg-${DG_INSTANCE_ID}-cm"
oc get cm "${CM_NAME}" -n cpd-instance -o json \
| jq --arg db "${REMOTE_DB2_DATABASE_NAME}" '
    .data["instance.json"] |= (
      fromjson
      | .create_arguments.metadata.remoteDb2DatabaseName = $db
      | tostring
    )
  ' \
| oc apply -f -

Patch the dg-${DG_INSTANCE_ID}-configuration-cm ConfigMap:

oc patch cm dg-${DG_INSTANCE_ID}-configuration-cm \
  -n ${INSTANCE_NAMESPACE} \
  --type merge \
  -p '{"data":{"target_db2_database_name":"'"${REMOTE_DB2_DATABASE_NAME}"'"}}'

Patch the DatagateInstanceService custom resource:

oc patch DatagateInstanceService "dg${DG_INSTANCE_ID}" \
  -n "${INSTANCE_NAMESPACE}" \
  --type merge \
  -p "{
    \"spec\": {
      \"metadata\": {
        \"remoteDb2DatabaseName\": \"${REMOTE_DB2_DATABASE_NAME}\"
      }
    }
  }"

Verify that the patch was applied successfully:

oc get DatagateInstanceService "dg${DG_INSTANCE_ID}" \
  -n "${INSTANCE_NAMESPACE}" \
  -o yaml

If upgrading from 5.3.0 to 5.4.0, you need to modify the credentials secret too. Follow the steps below to update the secret.

Save the following script to a file, for example update-dg-secret.sh:

#!/usr/bin/env bash
INSTANCE_ID="$1"
NAMESPACE="$2"
OLD_SECRET="dg-${INSTANCE_ID}-target-db2-username-password"
NEW_SECRET="dg-${INSTANCE_ID}-configuration-secret"
TMP_FILE="$(mktemp)"
echo "Cloning secret:"
echo "  Namespace : ${NAMESPACE}"
echo "  Old name  : ${OLD_SECRET}"
echo "  New name  : ${NEW_SECRET}"
# Export secret
oc get secret "${OLD_SECRET}" -n "${NAMESPACE}" -o yaml > "${TMP_FILE}"
# Create new secret with same data
sed -e "s/name: ${OLD_SECRET}/name: ${NEW_SECRET}/" \
    "${TMP_FILE}" | oc apply -n "${NAMESPACE}" -f -
# Verify new secret creation
if oc get secret "${NEW_SECRET}" -n "${NAMESPACE}" >/dev/null 2>&1; then
  echo "New secret created successfully."
  rm -f "${TMP_FILE}"
fi

Make the script file executable by running the following command:
```
chmod +x update-dg-secret.sh
```
Run the script, providing the instance ID and the instance namespace as input parameters which were defined in step 2:
```
./update-dg-secret.sh ${DG_INSTANCE_ID} ${INSTANCE_NAMESPACE}
```