我构建包含IBM MQ 9.1,DB2express-c 9.7 + ubuntu 16.04 64位的docker映像。
我想在我的Db2数据库上启用MQ函数(将msg发送到队列中)。
但是当我使用 enable_MQFunctions 时,我得到了以下错误:
*** Error -- while connecting to TEST
Make sure that user(db2inst1) and password(pass) are valid and that the DB2 instance has started.
*** enable_MQFunction finished with error
数据库,用户,密码都不错。而且我不明白这个命令之前没有与我的数据库有关的问题
我今天使用的Dockerfile(仅包含DB2和IBM MQ,不带IIB):
# © Copyright IBM Corporation 2015, 2017
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#==============================
#========================
#FROM centos:7
FROM ubuntu:16.04
#FROM ubuntu:17.10
#LABEL maintainer "Arthur Barr <arthur.barr@uk.ibm.com>, Rob Parker <PARROBE@uk.ibm.com>"
#LABEL "ProductID"="98102d16795c4263ad9ca075190a2d4d" \
# "ProductName"="IBM MQ Advanced for Developers" \
# "ProductVersion"="9.0.4"
# The URL to download the MQ installer from in tar.gz format
#oryginal ARG MQ_URL=https://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev904_ubuntu_x86-64.tar.gz
ARG MQ_URL=http://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev910_ubuntu_x86-64.tar.gz
#ARG MQ_URL=http://public.dhe.ibm.com/ibmdl/export/pub/software/websphere/messaging/mqadv/mqadv_dev80_linux_x86-64.tar.gz
#ARG MQ_URL=\\172.29.5.249\mqadv_dev910_ubuntu_x86-64.tar.gz
# The MQ packages to install
ARG MQ_PACKAGES="ibmmq-server ibmmq-java ibmmq-jre ibmmq-gskit ibmmq-web ibmmq-msg-.*"
#RUN rm /var/lib/apt/lists/*
RUN apt-get clean -y
RUN apt-get autoclean -y
RUN export DEBIAN_FRONTEND=noninteractive \
# Install additional packages required by MQ, this install process and the runtime scripts
&& apt-get update -y \
&& apt-get install -y --no-install-recommends \
# && yum update -y \
# && yum install -y \
bash \
bc \
ca-certificates \
coreutils \
curl \
debianutils \
file \
findutils \
gawk \
grep \
libc-bin \
lsb-release \
mount \
passwd \
procps \
sed \
tar \
util-linux \
# Download and extract the MQ installation files
&& export DIR_EXTRACT=/tmp/mq \
&& mkdir -p ${DIR_EXTRACT} \
&& cd ${DIR_EXTRACT} \
&& curl -LO $MQ_URL \
&& tar -zxvf ./*.tar.gz \
# Recommended: Remove packages only needed by this script
#
#&& package-cleanup --leaves --all \ <-------moje dodanie
# Recommended: Create the mqm user ID with a fixed UID and group, so that the file permissions work between different images
&& groupadd --system --gid 990 mqm \
&& useradd --system --uid 990 --gid mqm mqm \
&& usermod -G mqm root \
# Find directory containing .deb files
&& export DIR_DEB=$(find ${DIR_EXTRACT} -name "*.deb" -printf "%h\n" | sort -u | head -1) \
# Find location of mqlicense.sh
&& export MQLICENSE=$(find ${DIR_EXTRACT} -name "mqlicense.sh") \
# Accept the MQ license
&& ${MQLICENSE} -text_only -accept \
&& echo "deb [trusted=yes] file:${DIR_DEB} ./" > /etc/apt/sources.list.d/IBM_MQ.list \
# Install MQ using the DEB packages
&& apt-get update \
&& apt-get install -y $MQ_PACKAGES \
# Remove 32-bit libraries from 64-bit container
&& find /opt/mqm /var/mqm -type f -exec file {} \; \
| awk -F: '/ELF 32-bit/{print $1}' | xargs --no-run-if-empty rm -f \
# Remove tar.gz files unpacked by RPM postinst scripts
&& find /opt/mqm -name '*.tar.gz' -delete \
# Recommended: Set the default MQ installation (makes the MQ commands available on the PATH)
&& /opt/mqm/bin/setmqinst -p /opt/mqm -i \
# Clean up all the downloaded files
&& rm -f /etc/apt/sources.list.d/IBM_MQ.list \
&& rm -rf ${DIR_EXTRACT} \
# Apply any bug fixes not included in base Ubuntu or MQ image.
# Don't upgrade everything based on Docker best practices https://docs.docker.com/engine/userguide/eng-image/dockerfile_best-practices/#run
&& apt-get upgrade -y sensible-utils \
# End of bug fixes
&& rm -rf /var/lib/apt/lists/* \
# Optional: Update the command prompt with the MQ version
&& echo "mq:$(dspmqver -b -f 2)" > /etc/debian_chroot \
&& rm -rf /var/mqm \
# Optional: Set these values for the Bluemix Vulnerability Report
&& sed -i 's/PASS_MAX_DAYS\t99999/PASS_MAX_DAYS\t90/' /etc/login.defs \
&& sed -i 's/PASS_MIN_DAYS\t0/PASS_MIN_DAYS\t1/' /etc/login.defs \
&& sed -i 's/password\t\[success=1 default=ignore\]\tpam_unix\.so obscure sha512/password\t[success=1 default=ignore]\tpam_unix.so obscure sha512 minlen=8/' /etc/pam.d/common-password
#==========db2 expres START====
#FROM centos:7
#MAINTAINER Leo Wu <leow@ca.ibm.com>
###############################################################
#
# System preparation for DB2
#
###############################################################
#********************z iib-mq-db2 git
RUN dpkg --add-architecture i386
RUN export DEBIAN_FRONTEND=noninteractive \
&& apt-get update && \
apt-get install -y --no-install-recommends \
curl \
bash \
bc \
coreutils \
curl \
debianutils \
findutils \
gawk \
grep \
libc-bin \
lsb-release \
libncurses-dev \
libstdc++6 \
gcc \
binutils \
make \
libpam0g:i386 \
lib32stdc++6 \
lib32gcc1 \
libcurl4-gnutls-dev:i386 \
numactl \
libaio1 \
libxml2 \
mount \
passwd \
procps \
rpm \
sed \
tar \
wget \
util-linux
RUN rm -rf /var/lib/apt/lists/*
RUN apt-get dist-upgrade -y
#******************
RUN groupadd db2iadm1 && useradd -G db2iadm1 db2inst1
# Required packages
#RUN yum install -y \
# vi \
# sudo \
# passwd \
# pam \
# pam.i686 \
# ncurses-libs.i686 \
# file \
# libaio \
# libstdc++-devel.i686 \
# numactl-libs \
# which \
# && yum clean all
ENV DB2EXPRESSC_DATADIR /home/db2inst1/data
# IMPORTANT Note:
# Due to compliance for IBM product, you have to host a downloaded DB2 Express-C Zip file yourself
# Here are suggested steps:
# 1) Please download zip file of db2 express-c from http://www-01.ibm.com/software/data/db2/express-c/download.html
# 2) Then upload it to a cloud storage like AWS S3 or IBM SoftLayer Object Storage
# 3) Acquire a URL and SHA-256 hash of file and pass it via Docker's build time argument facility
ARG DB2EXPRESSC_URL=ftp://ftp.software.ibm.com/software/data/db2/express/db2exc_images/db2exc_970_LNX_x86_64.tar.gz
#ARG DB2EXPRESSC_URL=http://lorenzana.gt/uploads/files/v10.5fp1_linuxx64_expc.tar.gz
#ARG DB2EXPRESSC_URL=\\172.29.5.249\public\image\v10.5fp1_linuxx64_expc.tar.gz
ADD db2expc.rsp /tmp/db2expc.rsp
ADD db2rfe.cfg /home/db2inst1/sqllib/instance/db2rfe.cfg
COPY db2expc.rsp /tmp
RUN curl -fkSLo /tmp/expc.tar.gz $DB2EXPRESSC_URL
RUN cd /tmp && tar xf expc.tar.gz
RUN rm -rf /home/db2inst1/sqllib
RUN mkdir /home/db2inst1/sqllib
RUN su - root -c "chmod -R 1777 /home/db2inst1/"
RUN su - db2inst1 -c "/tmp/expc/db2_install -f sysreq -b /home/db2inst1/sqllib"
# RUN su - db2inst1 -c "/tmp/expc/db2setup -r /tmp/db2expc.rsp" || echo "db2setup failed"
RUN echo '. /home/db2inst1/sqllib/db2profile' >> /home/db2inst1/.bash_profile \
&& rm -rf /tmp/db2* && rm -rf /tmp/expc* \
&& sed -ri 's/(ENABLE_OS_AUTHENTICATION=).*/\1YES/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& sed -ri 's/(RESERVE_REMOTE_CONNECTION=).*/\1YES/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& sed -ri 's/^\*(SVCENAME=db2c_db2inst1)/\1/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& sed -ri 's/^\*(SVCEPORT)=48000/\1=50000/g' /home/db2inst1/sqllib/instance/db2rfe.cfg \
&& mkdir $DB2EXPRESSC_DATADIR && chown db2inst1.db2iadm1 $DB2EXPRESSC_DATADIR
RUN su - db2inst1 -c "db2start && db2set DB2COMM=TCPIP && db2 UPDATE DBM CFG USING DFTDBPATH $DB2EXPRESSC_DATADIR IMMEDIATE && db2 create database db2inst1" \
&& su - db2inst1 -c "db2stop force" \
&& cd /home/db2inst1/sqllib/instance \
&& ./db2rfe -f ./db2rfe.cfg
#COPY docker-entrypoint.sh /entrypoint.sh
#ENTRYPOINT ["/entrypoint.sh"]
#VOLUME $DB2EXPRESSC_DATADIR
#EXPOSE 50000
#=========db2 express END ====
COPY *.sh /usr/local/bin/
COPY *.mqsc /etc/mqm/
COPY admin.json /etc/mqm/
COPY mq-dev-config /etc/mqm/mq-dev-config
RUN chmod +x /usr/local/bin/*.sh
# Always use port 1414 (the Docker administrator can re-map ports at runtime)
# Expose port 9443 for the web console
#VOLUME /home/db2inst1/data
EXPOSE 1414 9443 50000
ENV LANG=en_US.UTF-8
COPY docker-entrypoint.sh /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
#ENTRYPOINT ["mq.sh"]
entrypoint.sh(带有MQ和DB2命令):
#======= start MQ =====
set -e
mq-license-check.sh
echo "----------------------------------------"
source mq-parameter-check.sh
echo "----------------------------------------"
setup-var-mqm.sh
echo "----------------------------------------"
which strmqweb && source setup-mqm-web.sh
echo "----------------------------------------"
mq-pre-create-setup.sh
echo "----------------------------------------"
source mq-create-qmgr.sh
echo "----------------------------------------"
source mq-start-qmgr.sh
echo "----------------------------------------"
source mq-dev-config.sh
echo "----------------------------------------"
source mq-configure-qmgr.sh
echo "----------------------------------------"
exec mq-monitor-qmgr.sh ${MQ_QMGR_NAME}
#======== z MQ - END ======
pid=0
function log_info {
echo -e $(date '+%Y-%m-%d %T')"\e[1;32m $@\e[0m"
}
function log_error {
echo -e >&2 $(date +"%Y-%m-%d %T")"\e[1;31m $@\e[0m"
}
function stop_db2 {
log_info "stopping database engine"
su - db2inst1 -c "db2stop force"
}
function start_db2 {
log_info "starting database engine"
su - db2inst1 -c "db2start"
}
function restart_db2 {
# if you just need to restart db2 and not to kill this container
# use docker kill -s USR1 <container name>
kill ${spid}
log_info "Asked for instance restart doing it..."
stop_db2
start_db2
log_info "database instance restarted on request"
}
function terminate_db2 {
kill ${spid}
stop_db2
if [ $pid -ne 0 ]; then
kill -SIGTERM "$pid"
wait "$pid"
fi
log_info "database engine stopped"
exit 0 # finally exit main handler script
}
trap "terminate_db2" SIGTERM
trap "restart_db2" SIGUSR1
if [ ! -f ~/db2inst1_pw_set ]; then
if [ -z "$DB2INST1_PASSWORD" ]; then
log_error "error: DB2INST1_PASSWORD not set"
log_error "Did you forget to add -e DB2INST1_PASSWORD=... ?"
exit 1
else
log_info "Setting db2inst1 user password..."
(echo "$DB2INST1_PASSWORD"; echo "$DB2INST1_PASSWORD") | passwd db2inst1 > /dev/null 2>&1
if [ $? != 0 ];then
log_error "Changing password for db2inst1 failed"
exit 1
fi
touch ~/db2inst1_pw_set
fi
fi
if [ ! -f ~/db2_license_accepted ];then
if [ -z "$LICENSE" ];then
log_error "error: LICENSE not set"
log_error "Did you forget to add '-e LICENSE=accept' ?"
exit 1
fi
if [ "${LICENSE}" != "accept" ];then
log_error "error: LICENSE not set to 'accept'"
log_error "Please set '-e LICENSE=accept' to accept License before use the DB2 software contained in this image."
exit 1
fi
touch ~/db2_license_accepted
fi
if [[ $1 = "-d" ]]; then
log_info "Initializing container"
start_db2
log_info "Database db2diag log following"
tail -f ~db2inst1/sqllib/db2dump/db2diag.log &
export pid=${!}
while true
do
sleep 10000 &
export spid=${!}
wait $spid
done
else
exec "$1"
fi
和:
docker run -e LICENSE=accept -e MQ_QMGR_NAME=MQ321 -e DB2INST1_PASSWORD=pass -p 41419:1414 -p 9459:9443 -p 5015:50000 allall4r
毕竟,我使用了来自HERE的命令
所以我执行了:
根:
usermod -G mqm db2inst1
/opt/mqm/bin/setmqinst -i -n Installation1 -p /opt/mqm
mqm用户:
PATH=$PATH:/opt/mqm/bin
db2inst1用户:
LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/mqm/lib64
AMT_DATA_PATH=/opt/mqm
db2start
db2 create db testdb
db2 connect to testdb
cd ~/sqllib/cfg/mq
db2 –tvf amtsetup.sql
在此处上传构建此映像所需的所有文件:UPLOAD LINK
图片将约为3.1GB
答案 0 :(得分:0)
我怀疑您的症状的原因是为enable_MQFunctions尝试运行的enable_MQFunctions命令行指定的帐户当时没有密码 。您可以通过查看db2diag.log来查看确切的身份验证失败消息,和/或通过在运行/etc/passwd之前查看该帐户的enable_MQFunctions条目来证明这一点。
您可以展开Dockerfile以完全在docker build期间为MQ配置Db2,而不是在docker run之后或入口点中运行这些步骤。这样,您将负责Dockerfile中的所有步骤,并且在docker run命令之后无需人工干预即可重复执行。这也意味着您将使用所有必需的配置来预烘焙构建的映像,然后将其持久化。您需要具有足够的Dockerfile脚本编写能力,才能获得理想的结果。
正确完成后,enable_MQFunctions将在docker build期间正常运行,因此,如果遇到错误,则是因为操作不正确。
我可以成功配置数据库并在Dockerfile内全部运行enable_MQFunctions,执行以下步骤(由于使用了非root用户安装的Db2),因此所有配置都已在构建映像中。
在安装Db2之后和db2start之前,Dockerfile应该
创建/home/db2inst1/sqllib/userprofile(只要实例所有者在db2profile或.bash_profile中的.profile中占点,它将运行),以执行以下步骤:
-将/opt/mqm/lib64附加到LD_LIBRARY_PATH
-export AMT_DATA_PATH=/opt/mqm
-将/opt/mqm/bin放在PATH
chown db2inst1:db2iadm1 /home/db2inst1/sqllib/userprofile
在安装Db2之后且在db2start之前,Dockerfile应该运行以下步骤:
-db2set DB2COMM=TCPIP
-db2set DB2ENVLIST=AMT_DATA_PATH
-db2 -v update dbm cfg using federated yes immediate
在Dockerfile中为db2inst1帐户设置密码
然后Dockerfile可以运行db2start,创建数据库(我称其为Sample,您可以随意命名)并以db2inst1用户身份运行以下片段,首先在MQ函数使用的数据库:
su -db2inst1 -c "( db2 -v connect to sample ; \
db2 -tvf /home/db2inst1/sqllib/cfg/mq/amtsetup.sql; \
db2 -v list tables for schema DB2MQ ; \
exit 0 ) "
请注意,您必须在子shell中运行amtsetup.sql来显式退出0,因为amtsetup.sql总是返回非零的退出代码,即使成功完成也是如此。因此,在这种情况下,您希望docker build继续。
如果以上所有步骤均已成功完成并且MQ已成功安装,则稍后可以在Dockerfile中运行enable_MQFunctions,如下所示:
我使用ARG INSTANCE_PASSWORD指定db2inst1密码,该密码可以来自外部。
su - db2inst1 -c "( . ./.profile ;\
db2start ;\
db2 -v activate database sample ;\
cd /home/db2inst1/sqllib/cfg ; \
/home/db2inst1/sqllib/bin/enable_MQFunctions -echo -force -n sample -u db2inst1 -p $INSTANCE_PASSWORD ; \
db2stop force ; \
exit 0)"
答案 1 :(得分:0)
问题出在环境变量上。构建后,我的图像无法容纳任何变量。我尝试使用导出前缀,但没有更改。因此,没有密码,没有好的LD_LIBRARY_PATH。我更改并注销后的事件,变量恢复为默认值。
在我的帐户( db2inst1 )中使用root -> passwd后,我可以使用良好的密码执行enable_MQFunction
下一个错误是我没有db2的有效许可证。