The talk will be about the project to find a replacement for all IBM products in the company with the example for the databases. What was the goal of the project, the learning, a short overview about the options
we migrated about 500 db2 databases to EnterpriseDB. The database size was from a small size up to 4 TB and we implemented a completely new fully automated deployment of VM and database. Databases are now 11 month in production. The talk will have an overview of the project, the learnings, a few parameters and technical parameters that were found for stability and performance.
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Migration DB2 to EDB - Project Experience
1. Migration DB2 to EDB - Project Experience
Harald Stefan
Munich, December 2020
2. Table of contents
2
December 2020
Migration DB2 to EDB - Project Experience
Introduction
Situation, scope of project and decision
Technology
Status, lessons learned and conclusion
01
02
03
04
Additional information and reference05
4. Company BG-Phoenics GmbH
4
December 2020
Migration DB2 to EDB - Project Experience
BG-Phoenics GmbH has
> 500 employees, thereof 250 in IT
14 locations in Germany
We are THE service provider for the German Social
Accident Insurance.
We manage over 8,500 IT users with more than
21,000 end devices.
We as a full service provider develop and operate
complete applications for our customers including
infrastructure.
5. About me
5
Head of platform databases
15 years leadership experience for technology teams
25 years database experience in development and
administration of various database systems (Relational,
NoSQL, Shared Nothing, Hadoop, ..)
many technology projects and experience in various
technologies
since December 2017 at BG-Phoenics GmbH
Contact
harald.stefan@bg-phoenics.de
NDecember 2020
Migration DB2 to EDB - Project Experience
7. Situation 2017
7
Nearly 1,500 Databases in operation, thereof about 500 are DB2
Many databases highly consolidated and complex to operate due to license situation
7 different database systems
Mission Critical Systems in HA network on VMWare
long set-up times for systems deployment by many participating teams
many weekend activities because of license-driven architecture
December 2020
Migration DB2 to EDB - Project Experience
DB2 DBRMS
Instanz1
Instanz2
Instanz20
Service
1
Service
3
Service
2
8. Mission and scope of project
8
Replacement of IBM products until End of 2019 and therefore large parts of the core
infrastructure
- Content management systems
- about 500 DB2 databases
- Backup system TSM
Database size from < 100 GB up to 2.5 TB compressed, partly with cluster HA setup
Conversion of the databases to characterset UTF8
Content management systems with about 1.5 billion documents
Looking for replacement products for Mission Critical Systems in the Enterprise Network
Reduction of license dependencies to best technical architecture for the company
Replacement of application servers from websphere to Jboss
Replacement of IBM ITM monitoring system
December 2020
Migration DB2 to EDB - Project Experience
9. Analysis and procedure for databases
9
What else do we want to achieve?
- automatic deployment of server and database with all parts
- simple license model
- high throughput and stability
- open architecture for expansion to cloud and container
- backups to S3 storage, if possible
Create matrix with all necessary features
(HA, Partitioning, Hints, Point in Time Recovery, procedural ability
easily accessible support, future-proof product and support, Linux basis)
be careful, the devil is in the details !
after market analysis comparison of 16 database systems with 32 weighted criteria
decision on EDB
December 2020
Migration DB2 to EDB - Project Experience
10. Why EDB?
10
Fast and competent support, meet our SLA demands
Security roadmap fits our planning
DB2 code migratable
Oracle databases are also migratable (as a further option)
All necessary tools included and without additional costs
ressource manager, HA, standby, system wait diagnostic, pooling etc.
ACID Compliant
Application support for all of our core applications
Open minded for customer wishes (adding options and features to the code)
Sustainable and stable with good product roadmap
December 2020
Migration DB2 to EDB - Project Experience
11. Migration Method
11
No direct link from db2 to EDB possible
No direct way to migrate character set
We used a tool to do the migration including data-type and character conversion
12 batches in parallel to migrate and transport data
Reworked code by developers for the procedural business logic
December 2020
Migration DB2 to EDB - Project Experience
DB2
Linux
EDB
Linux
Convert
Tool
Convert
Tool
Convert
Tool
14. Private Cloud - Requirement
14
EDB, private cloud everything automated
Vrealize (Puppet)
We developed the complete functionality with BASH shell
script, then handover to cloud automation team
Private Cloud, RAM (8-128GB) + CPU (2-12) + HDD
(130GB-4TB) selectable
EDB, each DB into a separate VM (x 350 DBs)
HA Solution Standby with EFM
Day-2 Operations
December 2020
Migration DB2 to EDB - Project Experience
success
what most
people believe
In reality
15. Components and Versions
15
December 2020
Migration DB2 to EDB - Project Experience
Product Version Description
VMware 6.x (6.5 or higher) Hypervisor
RHEL 7.8 Operating System
EDB EPAS 10.12.20 Database
EFM 3.4 -> 3.9 Failover manager (HA)
OpenJDK 1.8.0 Java JDK
Commvault 11(BUILD80) SP12
(1303739)
Backup solution
ZIS Monitoring
Automic (was
UC4)
10.0.8+hf.5.build.1413
, changelist
1489053929
Job Management
ITM 18/08/20cit_2.8.0.900
0
Monitoring
PEM Agent 7.6.0-3 -> 7.13 Monitoring
PEM Server 7.6.0-3 -> 7.13 Monitoring
BART Server 2.2 Backup
Die Werkzeuge
vRealize
Puppet
Satellite
16. Order VM/DB via vRA
16
December 2020
Migration DB2 to EDB - Project Experience
17. Problems & Solution
17
What users do we need?
DB/OS
Documentation
Kernel Parameters
Limits
Postgresql.conf
EFM & Network
Init Parameter
checksum
December 2020
Migration DB2 to EDB - Project Experience
21. Current situation and status
21
Simple and good license model in place
Stable and high performant platform that passes HA and high load tests
Live since December 2019
few problems from the DB layer and hardly any failure in 1 year of operation
Databases with 4.5 TB and 128 GB RAM without any problem
-> suitable and tested for large environments
Fully automated provisioning of VM and DB from private Cloud Single and HA
with all necessary processes around (monitoring, backup)
Day2 operations for Online extensions possible in minutes, including recalculation of Linux
and performance values
Online deployment for database configuration without service interruption
-> reload for nearly every parameter possible, caches and cursors remain valid
UTF8 character conversion in DB done (for database without any problem)
-> check application layer and client settings
December 2020
Migration DB2 to EDB - Project Experience
22. Lessons Learned
22
Do not underestimate the emotional component
Communicate as much as possible what you want
to achive and the benefit of the migration
Do a complete review of your application an how
it is working
Testing, testing, testing
Have no fear about the migration
Start with POC and testing, not only paperwork
enterpriseDB is ready for high load databases in
business critical environments
Implement patch process as early as possible to
avoid problems
(we have seen xfs bug and efm memory leak
-> both solved and running fine)
Think about automation
December 2020
Migration DB2 to EDB - Project Experience
23. Conclusion
23
Projekt BSW – EDB Private Cloud
IT-B/MD/DM
• Provision in hours vs. provision in weeks
• Batch Quantities of deployments using vRO workflow
• No reworking necessary after provision
• Facilitate daily business by Day2 operations (root; disk+ram enlargement, …)
• Avoidance of errors by onTop-Automation (see documentation and passwords)
• Performance by precisely calculated parameters, limits, heaps...etc
• With the 1:1 Setup we have smooth operation and very rare incidents
• PrivateCloud open for other RDBMS
• Permanent expansion of our Cloud-Service planned !!
Currently Secure Linux in DMZ and migration V12 in work
24. Ihre Fragen . Ihr Feedback .
24
Questions - Feedback
26. Users (1/2)
26
December 2020
Core renovation, Project experience EDB
OS users
Enterprisedb (EDB binary & process owner)
Efm (EFM binary & process owner)
Database Owner (application)
DB Users
Enterprisedb (superuser)
Efm (DB Status for HA)
S48deploy (HA - Standby)
Database Owner (application)
27. Users (2/2)
27
December 2020
Migration DB2 to EDB - Project Experience
Name Purpose OS/DB user
Root OS Superuser OS
Enterprisedb EDB Binary & Prozess Owner OS
<DB_NAME> Db Owner DB & OS
<DB_NAME>a Phoenics Schema-user DB & OS
<DB_NAME>e Phoenics Schema-user DB & OS
Efm EFM (HA Solution) Binary & process owner DB & OS
S48commv OS User for Commvault DB & OS
S48deploy DB User for Replication DB & OS
S48itbdm DBA Group DB & OS
S48ZIS ZIS Agent – Monitoring DB & OS
(any other user) Checked through LDAP DB / OS
28. Kernel Parameters (Doc according link)
28
December 2020
Migration DB2 to EDB - Project Experience
T-Shirt sizes & clear rules?
https://www.postgresql.org/docs/10/kernel-resources.html
31. Shell Limits (Doc)
31
December 2020
Migration DB2 to EDB - Project Experience
The PostgreSQL server uses one process per connection so you
should provide for at least as many processes as allowed
connections, in addition to what you need for the rest of your
system. This is usually not a problem but if you run several
servers on one machine things might get tight.
The factory default limit on open files is often set to “socially
friendly” values that allow many users to coexist on a machine
without using an inappropriate fraction of the system resources.
If you run many servers on a machine this is perhaps what you
want, but on dedicated servers you might want to raise this
limit.
36. Security pg_hba.conf
36
December 2020
Migration DB2 to EDB - Project Experience
By default, only local connections are allowed for postgres
extend entries in pg_hba.conf what is allowed.
We allow certain networks, 10.48, 10.248, …
as enterprisedb
or LDAP authenticated users
We allow replication with special user s48deploy & efm (HA- P/M/S)
Future SHA-256, TDE
37. Pg_hba.conf (1/3)
37
December 2020
Migration DB2 to EDB - Project Experience
IP_PRIMARY=$(nslookup ${PRIMARY_HOST} |grep Address | awk 'NR==2{print $2}')
IP_PRIMARY=$(getent ahostsv4 ${PRIMARY_HOST} | awk 'NR==1{ print $1 }')
NETWORK_CLASS=$(ip addr | grep $IP_PRIMARY | cut -d/ -f 2 | awk '{print $1}')
MY_NETWORK=$(ipcalc ${IP_PRIMARY}/${NETWORK_CLASS} -n| cut -d= -f 2)
# Allow pemagent to use local connection without password
host all ${UNIX_EDB_USER} ${IP_PRIMARY}/32 trust
host all ${UNIX_EDB_USER} ${IP_STANDBY}/32 trust
38. Pg_hba.conf (2/3)
38
December 2020
Migration DB2 to EDB - Project Experience
# database user Entry for standby
host replication ${THE_REPLICATION_DB_USER} ${IP_STANDBY}/32 md5
host replication ${THE_REPLICATION_DB_USER} ${IP_PRIMARY}/32 md5
# Entries for efm must come before the LDAP entry
host all ${EFM_USER} ${IP_PRIMARY}/32 md5
host all ${EFM_USER} ${IP_STANDBY}/32 md5
host all ${EFM_USER} ${IP_WITNESS}/32 md5
39. Pg_hba.conf (3/3)
39
December 2020
Migration DB2 to EDB - Project Experience
# We trust all connections as enterprisedb
host all ${UNIX_EDB_USER} ${MY_NETWORK}/${NETWORK_CLASS} md5
host replication ${UNIX_EDB_USER} ${MY_NETWORK}/${NETWORK_CLASS} md5
# Remote Connections are authenticated in OpenLDAP (if not enterprisedb)
host all all ${MY_NETWORK}/${NETWORK_CLASS} ldap ldapserver=ldap-ro.company.com ldaptls=1
ldapbinddn="uid=USERNAME,ou=users,ou=technical,ou=accounts,ou=linux,dc=ms,dc=DOMAIN,dc=de"
ldapbindpasswd=PASSWORD ldapbasedn="ou=accounts,ou=linux,dc=ms,dc=DOAMIN,dc=de"
Hinweis der Redaktion
Good afternoon ladies and gentlemen, I would like to welcome you to my presentation.
---
Projekt seit Dezember 2019 live
Aktuell kurze Vorstellung des Projektes und einige Technische Hintergründeim Anhang noch Referenzen zum Nachlesen, da sonst die Zeit nicht reicht
Company is mainly located in Munich, development in Hannover
Our customers are professional associations and 11 accident insurance companies
(BG BAU, BGN and BG RCI and others (BV7 until then) BG-N = Food and hospitality BG-RCI = Raw materials and chemical industry
GUSO with 11 accident insurance companies Germany
BG = Employers Liability Insurance
------
Betrieb sitzt hauptsächlich in München, Entwicklung in Hannover
Unsere Kunden sind Berufsgenossenschaften und 11 Unfallkassen
(BG BAU, BGN und BG RCI und weitere (BV7 bis dahin ) BG-N = Nahrung und Gastgewerbe BG-RCI = Rohstoffe und Chemische Industrie
GUSO mit 11 Unfallkassen deutschlandweit
Downtimes and their coordination very difficult
Maintenance almost only possible at the weekend
Extensive maintenance of the environment, documentation and configuration
DB number:about 500 DB2 about 500 SQL Server about 200 Oracle+ smaller applications and derivatives
------
Downtimes und deren Abstimmungen sehr schwierig
Fast nur am Wochenende Maintenance möglich
Aufwendige Pflege der Umgebung, Dokumentation und Konfiguration
DB Anzahl:rund 500 DB2rund 500 SQL Serverrund 200 Oracle+ kleinere Anwendungen und Derivate
Weg von Lizenzarch
Hints
Compression is different (based on Linux methods not Database)
Checkpointing and behaviour on Linux not equal like Oracle/DB2
Contraints are different (in DB2 constraints with equal names possible, not in EDB); EDB similar like Oracle
Prozedural logic/triggers has to be checked exactly because they are different
Field and data type translation
UTF8 translation
Split big schemas and tables to batches
Runtime migration for 4 TB databasestarted with 2 days for migration datafinished in production with 10 hours
We tried realy to separate the app traffic from the cluster traffic but nothing works; Application and Database traffic is using the same interface Relevant for standby configurations but sofar no real problem identified
Virtuallp.prefix is the parameter to rund efm with virtual ip adress but does not change the traffic
Facepalm: Hand vor das Gesicht, Schämen
Monitoring with PEM for DB internal, service monitoring
external company-wide tool (ZIS, Leutek)
Conversion DB2 to EDB with simultaneous UTF8 with tool own porting very complex
Around 40 services done and in production
Mission Critical Systems running absolutely fine
some solved challenges after the first heavy loadings: intensive work with manufacturer and partners solved it good support from EDB
test error situations well;
checkpointing is different than expected
------
Monitoring mit PEM für DB intern, Service Monitoring externes unternehmensweites Tool (ZIS, Leutek)
Umstellung DB2 nach EDB mit gleichzeitigem UTF8 mit Tool gemachteigene Portierung sehr aufwendig
Rund 40 Services in Umstellung, knapp die Hälfte umgestellt
Der Rest bis Ende Dezember geplant, vor allem die Mission Critical Systeme
Auch ein paar aktuelle Herausforderungen nach den ersten Live Gängen und Hochlast-Beladungen:intensive Arbeit mit Hersteller und Partner diese zu lösenFehlersituationen gut anschauen und durchtesten; Checkpointing ist anders als erwartet