deon/spdocker
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
7d5aa9fa43
spdocker/source/server/index.md
Deon George 6804c6f569
Added client
2019-06-28 15:59:11 +10:00

10 KiB
Raw Blame History

title header-img date description related
Server img/header_img/server.jpg 2018-03-07 09:50:12 Spectrum Protect Server in a Docker Container
page title
firstrun Initial Container Setup
page title
normalrun Normal Run of Container
page title
upgrade Upgrading SP
page title
recover Recovering the SP Database
page title
runoc Running OC in a container
page title
/client/index Admin Client in a container

Putting Spectrum Protect into a Container Updated

Tested with Spectrum Protect 8.1.8! Just replace any reference to 8.1.7 with 8.1.8!

(These instructions as based on Spectrum Protect 8.1.7. References to SP means Spectrum Protect.)

NOTES

  • Depending how your storage volumes are provisioned to running containers, you may need to increase the "default size" of a provisioned volume. For example if your storage driver is devicemapper then the default volume size Base Device Size may be 10GB, which wont be enough for a SP installation. You will need to increase it to at least 15GB - details on how to do that are outside of the scope of this document.
  • Also make sure your host has sufficient memory to perform the build - SP requires at least 12GB of RAM to pass the installation logic. I actually perform the build on an iMac with 16GB of memory allocated to Docker. It is also using the overlay storage driver, which means the size of the volume the build container gets is the available free capacity of my /Users mount point.
  • The accompanying files for this build are available in my gitlab
  • And lastly, most importantly, running SP in a container is not officially supported by IBM - so you cannot make a help-desk call about having problems. Technically it should work without problems, but if you are experiencing a problem, be prepared to recreate your environment on a physical host and validate that your problem still exists (and thus not a result of Docker or the implementation on Docker).

Create your Dockerfile

As at the time of writing these instructions, Red Hat Linux is not available in the Docker hub - but CentOS is a good clone. We'll use it

Image preparation

FROM centos:7

Next we need to install some dependencies - these are documented in the Knowledge Center as a requirement for running SP on Linux. You might like to check to make sure these are still all that is required for newer releases of SP.

RUN yum -y install http://yum.leenooks.net/CentOS/7/base/redhat-release-7-6.el7.centos.12.2.x86_64.rpm \
 libaio \
 ksh \
 compat-libstdc++-33 \
 numactl && \
 yum clean all && rm -rf /var/tmp/*

NOTE: During the installation of SP, it tests to make sure it is running on RedHat Linux by testing the existence of an RPM package redhat-release. The redhat-release installed on line 1 is a fake RPM package - it installs no files, but just emulates the existence of that required RPM package.

Spectrum Protect Installation

Now copy in our silent install configuration files. These files are based on the silent install XML files that come on the installation media. Some details on these files are also in the Knowledge Center

COPY install.xml install-fp.xml /tmp/
> **NOTES** > * We only include the silent install configuration files here - not the installation media, otherwise the size of the resulting Docker image is too big. Current versions of `docker build` do provide the ability to "flatten" the resulting container, but those instructions are outside the scope of this tutorial. > * The `install.xml` file performs an installation of the server, with the license libraries/files. You need this when you install a licensed version of Spectrum Protect. > * The `install-fp.xml` file performs an installation of the server WITHOUT the license libraries/files. Since fixpacks (from fixpack central) dont includes the license files, we need to use this file during the install of fixpacks. > * TIP: If you download the server package from the IBM http site (which doesnt include the license libraries/files), you can use this `install-fp.xml` file during the install to create a 90 day trial!

Next, is performing a silent installation of SP.

RUN SOURCE_URL=http://YOUR_SITE_URL_HERE && \
 mkdir -p /tmp/build/base && cd /tmp/build/base && \
 curl -SL ${SOURCE_URL}/SP_8.1_LIN86_SER_STG_ML.bin > tsm && chmod +x tsm && ./tsm && rm -f tsm && \
 ./install.sh -s -input /tmp/install.xml -acceptLicense && \
 rm -rf /tmp/build/base && \
 mkdir -p /tmp/build/patch && cd /tmp/build/patch && \
 curl -SL ${SOURCE_URL}/8.1.7.000-IBM-SPSRV-Linuxx86_64.bin > tsm && chmod +x tsm && ./tsm && rm -f tsm && \
 ./install.sh -s -input /tmp/install-fp.xml -acceptLicense && \
 rm -rf /tmp/build /tmp/install*xml

NOTE: Some information on what is occurring here.

  • This is an "new install" (lines 1-5) then followed by an "upgrade" (lines 6-8). The reason for the new install first, is that the Spectrum Protect license files and license libraries are not available in upgrades (from Fix Central). So you'll need to install from your downloaded media from Passport Advantage, and then upgrade it to the latest release from Fix Central. If you sourced your installation media from Passport Advantage, then the license files and libraries are probably in that installation media, you can exclude lines 6-8.
  • To avoid the resulting Docker Image being too large, we download the installation media from a web server (Line 3) and then delete it after it has been expanded. We also do the same for up upgrade package (line 7).
  • Lines 4 and 8 are silent installation methods for install SP and applying updates.
  • Lines 5 and 9 delete any installation files to reduce the size of the resulting Docker Image.

Spectrum Protect Post-Installation

Now we set our user environment that will ultimately run SP

ENV USER=tsm USERDIR=/tsm USERID=201 GROUPID=201

NOTE: You can set these according to your enterprise policy. USERDIR will ultimately need to be persistent storage using your favourite storage provisioning methodology. I generally host mount when starting the container using -v /host/path/user:/tsm and it works well. I have used some 3rd party persistent storage offerings, however, they often have not worked. While I haven't explored in detail why not, I suspect it is because of Direct IO calls being made by DB2 and those 3rd party offerings not supporting those system calls.

Now we create our user

RUN groupadd servers -g ${GROUPID} && useradd -d ${USERDIR} -u ${USERID} -g ${GROUPID} -s /bin/bash ${USER}

Copy some default Server configuration files in place

COPY dsmserv.opt tsmdbmgr.opt ${USERDIR}/
COPY dsm.sys /opt/tivoli/tsm/server/bin/dbbkapi/
RUN chmod a+r /opt/tivoli/tsm/server/bin/dbbkapi/dsm.sys

We'll now do some post installation setup, first create the DB2 instance for our user and change the default directory for the database to be the same as the instance directory for the server.

RUN /opt/tivoli/tsm/db2/instance/db2icrt -a server -s ese -u ${USER} ${USER} && \
 mkdir -m 750 /database && \
 chown ${USER}:servers /database /tsm/dsmserv.opt /tsm/tsmdbmgr.opt && \
 su ${USER} -lc "db2 update dbm cfg using dftdbpath ${USERDIR} && db2set -i ${USER} DB2NOEXITLIST=ON"

NOTE: Keep all these commands on one RUN line otherwise the db2 update dbm command will fail with an SQL6031N error.

Setup sqllib/userprofile

RUN su ${USER} -lc "echo setenv LD_LIBRARY_PATH /opt/tivoli/tsm/server/bin/dbbkapi:/usr/local/ibm/gsk8_64/lib64:\\\$LD_LIBRARY_PATH >> sqllib/usercshrc && echo export LD_LIBRARY_PATH=/opt/tivoli/tsm/server/bin/dbbkapi:/usr/local/ibm/gsk8_64/lib64:\\\$LD_LIBRARY_PATH >> sqllib/userprofile && echo export DSMI_CONFIG=${USERDIR}/tsmdbmgr.opt >> sqllib/userprofile && echo export DSMI_DIR=/opt/tivoli/tsm/server/bin/dbbkapi >> sqllib/userprofile && echo export DSMI_LOG=${USERDIR} >> sqllib/userprofile"

When SP starts on a new install, there are no ADMINs defined, so here is a macro to help us.

COPY admin.macro /tsm/

Final Docker Image Parameters

And our final Docker Image settings for when our container starts.

COPY init /sbin/

EXPOSE 1500 1543
VOLUME [ "${USERDIR}","/database","/data" ]
ENTRYPOINT [ "/sbin/init" ]
CMD [ "start" ]

Set your container timezone (optional)

If you want your running container to be in your timezone, then add this to your Dockerfile

# Set out local time
RUN ln -sf /usr/share/zoneinfo/Australia/Melbourne /etc/localtime

NOTE: This will set your timezone to Melbourne, Australia - naturally, choose the appropriate Country/City for your timezone.

Build your Image

A complete Dockerfile is available here if you need one as a starting point. Once you have your images loaded on a web server, and the supporting build files run docker build -t ibm/spectrumprotect:8.1.x .

If your final build is successful, you should see a Docker Image that is about 3GB.

REPOSITORY           TAG     IMAGE ID      CREATED        SIZE
ibm/spectrumprotect  8.1.7   b56baf7faab5  2 minutes ago  3.24GB

NOTES

  • Make sure you have enough space in your /var/lib/docker directory - the build will use about 9 GB's.

Now that your container is built, you'll want to start it a specific way, depending on whether you are starting a clean new instance of SP, or an existing instance. Those details are here.

Trying out a container image

If you are interested, the SP server (without license files) is available on the IBM FTP site. I've put together the instructions on how to build this server image (v8.1.7) or use my already made image. Those details are here.