The Dockerfiles, as shipped, contain one Perl script that runs as root. This Perl script performs an initial configuration of the tt
container in each Pod. It then switches from root
to the oracle
user. If you do not want any process in any container to run as root, you can use the procedure in this appendix.
Note: TimesTen (including the TimesTen daemons, the TimesTen agent, and the Kubernetes Operator) does not run as root.
The appendix shows a complete example.
The overview describes the requirements for configuring the TimesTen containers to run as non-root. The remaining sections show the standard setup procedures for configuring your active standby pairs of TimesTen databases. The final section shows you how to verify the TimesTen containers are running as non-root.
Topics:
You can configure your containers to run as non-root. This involves two additional steps from the standard setup procedures:
Uncomment USER
333
in the Dockerfile
located in the /ttimage
directory. See "Build the TimesTen image" for details.
Include .template.spec.securityContext
information in the YAML file of your TimesTenClassic object. See "Create the TimesTenClassic object" for details.
Before starting the example, ensure you have:
Completed the prerequisites. See "Prerequisites" for information on the required prerequisites.
To set up the environment, perform these steps from your Linux development host:
Perform these steps to download the full distribution of TimesTen and then unpack the TimesTen Operator distribution that is embedded within it. Perform all steps from your Linux development host.
From the directory of your choice:
Create one subdirectory into which you will download the TimesTen full distribution. For example, create the installation_dir
subdirectory. (The installation_dir
directory is used in the remainder of this chapter.)
Create a second subdirectory into which you will unpack the TimesTen Operator distribution. For example, create the kube_files
subdirectory. (This kube_files
directory is used in the remainder of this chapter.)
% mkdir -p installation_dir % mkdir -p kube_files
You are now ready to download and unpack the TimesTen full distribution.
Navigate to installation_dir
.
% cd installation_dir
Download the TimesTen full distribution into this directory. As an example, download the t
imesten1814110.server.linux8664.zip
file, (the 18.1.4.11.0
full distribution for Linux 64-bit).
From the installation_dir
, use the ZIP utility to unpack the TimesTen distribution.
% unzip timesten1814110.server.linux8664.zip Archive: /timesten/installation/timesten1814110.server.linux8664.zip creating: tt18.1.4.11.0/ creating: tt18.1.4.11.0/ttoracle_home/ ... creating: tt18.1.4.11.0/kubernetes/ ...
You successfully unpacked the TimesTen full distribution.
Note that the installation_dir
/tt18.1.4.11.0/kubernetes
directory is created. The operator.zip
file is located in this directory. For example, this is a sample directory structure after unpacking the distribution:
% pwd
installation_dir/tt18.1.4.11.0
% dir
3rdparty include lib oraclescripts README.html ttoracle_home
bin info network PERL startup
grid kubernetes nls plsql support
Navigate to the kube_files
directory and unpack the operator.zip
file into it. In this example, unpack the installation_dir
/tt18.1.4.11.0/kubernetes
/operator.zip
file.
% cd kube_files % unzip installation_dir/tt18.1.4.11.0/kubernetes/operator.zip [...UNZIP OUTPUT...]
You successfully unpacked the installation_dir
/tt18.1.4.11.0/kubernetes/operator.zip
file into the kube_files
directory.
Review the directory structure. Later in this chapter, you will modify some of the files in these subdirectories. This example shows the most important subdirectories and files, which can change from release to release.
README.md deploy/crd.yaml deploy/operator.yaml deploy/service_account.yaml operator/Dockerfile operator/timestenclassic-operator ttimage/agent2 ttimage/.bashrc ttimage/create1.sql ttimage/create2.sql ttimage/Dockerfile ttimage/get1.sql ttimage/pausecq.sql ttimage/repcreate.sql ttimage/repduplicate.sql ttimage/runsql,sql ttimage/starthost.pl ttimage/.ttdotversion ttimage/.ttdrop
Note:
This directory tree must persist through the lifetime of the TimesTen Operator.In addition, do not delete the TimesTen full distribution file (t
imesten1814110.server.linux8664.zip
, in this example). You need to copy this file into the:
/operator
directory to build the Operator image and push the image to the image registry. See "Build the Operator image" for details.
/ttimage
directory to build the TimesTen image and push the image to the image registry. See "Build the TimesTen image" for details.
You successfully downloaded and unpacked the TimesTen Operator distribution.
The Operator runs by using a Kubernetes service account. This service account needs permissions and privileges in your namespace. These permissions and privileges are granted through a role. The s
ervice_account.yaml
file adds the service account and the role to your namespace, and grants the service account the privileges that are specified in the role. The service_account.yaml
file is provided in the operator.zip
file you previously unpacked.
Note:
The provided role gives thetimestenclassic-operator
broad permissions within your namespace. Examine the permissions provided in the service_account.yaml
file to see if the permissions need to be modified. If so, modify the permissions before running the commands in this example.Perform these steps:
Navigate to the kube_files
/deploy
directory.
% cd kube_files/deploy
Create the service account.
% kubectl create -f service_account.yaml role.rbac.authorization.k8s.io/timestenclassic-operator created serviceaccount/timestenclassic-operator created rolebinding.rbac.authorization.k8s.io/timestenclassic-operator created
The service_account.yaml
file created the timestenclassic-operator
service account and the timestenclassic-operator
role in your namespace, and granted the service account the privileges specified in the role.
Navigate to the kube_files
/deploy
directory, and then use the kubectl
create
command to create the TimesTenClassic customized resource definition (CRD) in your Kubernetes cluster.
% cd kube_files/deploy
% kubectl create -f crd.yaml
customresourcedefinition.apiextensions.k8s.io/
timestenclassics.timesten.oracle.com created
You successfully added the TimesTenClassic object type to your Kubernetes cluster.
Kubernetes Operators are Pods that run a customized image. Before you can run the Operator, you must build this image and push it to your image registry.
The files needed to create the image are provided in the kube_files
/operator
directory (part of the ZIP file you previously unpacked). In the kube_files
/operator
directory are the Dockerfile
and the binaries needed to create the Operator image.
To build the Operator image and push it to your registry, perform these steps:
Navigate to the kube_files
/operator
directory, and copy the TimesTen distribution into it. This example assumes you downloaded the timesten1814110.server.linux8664.zi
p
distribution into the installation_dir
directory. See "Download the TimesTen Operator" for information. Then, verify the timesten1814110.server.linux8664.zi
p
file is in the kube_files
/operator
directory.
% cd kube_files/operator % cp installation_dir/timesten1814110.server.linux8664.zip . % ls -a Dockerfile timesten1814110.server.linux8664.zip timestenclassic-operator
Navigate to the kube_files
/operator
directory (if not already in this directory) and use the docker
command to build the Operator image. You can choose any name for ttclassic-operator:2
(represented in bold in this example). Note that the output may change from release to release.
% cd kube_files/operator % docker build -t ttclassic-operator:3 . Sending build context to Docker daemon 478.6MB Step 1/7 : FROM container-registry.oracle.com/os/oraclelinux:7 ---> d788eca028a0 Step 2/7 : ARG TT_DISTRO=timesten1814110.server.linux8664.zip ---> Using cache ---> a259a93fe906 Step 3/7 : RUN yum -y install openssl unzip && /usr/sbin/useradd -d /tt-operator -m -u 1001 -s /bin/nologin -U tt-operator ---> Using cache ---> e3f1427246ab Step 4/7 : COPY --chown=tt-operator:tt-operator timestenclassic-operator /usr/local/bin/timestenclassic-operator ---> Using cache ---> 6ccad53230f0 Step 5/7 : COPY --chown=tt-operator:tt-operator $TT_DISTRO /tt-operator/ $TT_DISTRO ---> 5cd31705485a Step 6/7 : USER tt-operator ---> Running in 6a773ddac5dd Removing intermediate container 6a773ddac5dd ---> 875ee38ebc75 Step 7/7 : ENTRYPOINT ["/usr/local/bin/timestenclassic-operator"] ---> Running in fed0f6c94c2f Removing intermediate container fed0f6c94c2f ---> 10dde79e1617 Successfully built 10dde79e1617 Successfully tagged ttclassic-operator:3
Use the docker
command to tag the Operator image.
Replace phx.ocir.io/youraccount
with the location of your image registry. (phx.ocir.io/youraccount
is represented in bold in this example.)
Replace ttclassic-operator:3
with the name you chose in the previous step. (ttclassic-operator
is represented in bold in this example.)
% docker tag ttclassic-operator:3 phx.ocir.io/youraccount/ttclassic-operator:3
Use the docker
command to push the Operator image to your registry.
Replace phx.ocir.io/youraccount
with the location of your image registry. (phx.ocir.io/youraccount
is represented in bold in this example.)
Replace ttclassic-operator:3
with the name you chose in the previous steps. (ttclassic-operator:3
is represented in bold in this example.)
% docker push phx.ocir.io/youraccount/ttclassic-operator:3 The push refers to repository [phx.ocir.io/youraccount/ttclassic-operator] 46458e9fc890: Pushed 471a399f0540: Pushed 9e51a2b82af3: Pushed 2f915858a916: Layer already exists 3: digest: sha256:9b941f12e3d52298b9b38f7766ddcdfb1d011857a990ff01a8adafd32f3d3e8d size: 1166
You successfully built the Operator image and pushed it to your image registry.
To deploy the Operator, you first customize it for your namespace and then deploy it. As a final step, you can verify the Operator is running. See "Deploying the Operator" for information.
To customize the Operator for your namespace, navigate to the kube_files
/deploy
directory, and edit the operator.yaml
file. This file is provided in the distribution that you previously unpacked. See "Downloading TimesTen and the TimesTen Operator" for details.
Modify these fields represented in bold (in the operator.yaml
file below):
replicas:
1
Replace 1
with the number of copies of the Operator that you would like to run. 1
is acceptable for development and testing. However, you can run more than one replica for high availability purposes.
Replace sekret
with the name of the image pull secret that Kubernetes uses to pull images from your registry.
Replace phx.ocir.io/youraccount
with the location of your image registry.
Replace ttclassic-operator:3
with the name you chose in the previous steps.
% cd kube_files/deploy % vi operator.yaml apiVersion: apps/v1 kind: Deployment metadata: name: timestenclassic-operator spec: replicas: 1 selector: matchLabels: name: timestenclassic-operator template: metadata: labels: name: timestenclassic-operator spec: serviceAccountName: timestenclassic-operator imagePullSecrets: - name: sekret containers: - name: timestenclassic-operator image: phx.ocir.io/youraccount/ttclassic-operator:3 command: - timestenclassic-operator imagePullPolicy: Always env: - name: WATCH_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: POD_NAME valueFrom: fieldRef: fieldPath: metadata.name - name: OPERATOR_NAME value: "timestenclassic-operator" - name: GODEBUG value: "x509ignoreCN=0"
Use the kubectl
create
command to define the Operator to your namespace and to start the Operator.
% kubectl create -f operator.yaml deployment.apps/timestenclassic-operator created
You deployed the Operator. The Operator should now be running.
Use the kubectl
get
pods
command to verify the Operator is running. If the STATUS
field has a value of Running
, the Operator is running.
% kubectl get pods NAME READY STATUS RESTARTS AGE timestenclassic-operator-846cb5c97c-9gv46 1/1 Running 0 37s
You verified that the Operator is running.
Before you can start TimesTen in your Kubernetes cluster, you must first package TimesTen as a container image and then push the image to your image registry. The files that you need to do this are provided in the kube_files
directory tree. See "Building the TimesTen image" for information.
To run the TimesTen containers as non-root, you must uncomment USER
333
in the kube_files
/ttimage
/Dockerfile
.
To create the TimesTen container image, perform these steps:
Navigate to the kube_files
/ttimage
directory, and copy the TimesTen distribution into it. This example assumes you downloaded the timesten1814110.server.linux8664.zi
p
distribution into the installation_dir
directory. See "Download the TimesTen Operator" for information. Then, verify the timesten1814110.server.linux8664.zi
p
file is in the kube_files
/ttimage
directory.
% cd kube_files/ttimage % cp installation_dir/timesten1814110.server.linux8664.zip . % ls *.zip timesten1814110.server.linux8664.zip
Navigate to the kube_files
/ttimage
directory (if not already in this directory). Edit the Dockerfile
, replacing timesten1814110.server.linux8664.zip
with the name of your TimesTen full distribution. If your TimesTen distribution is timesten1814110.server.linux8664.zip
, no modification is necessary. If not, the modification you need to make is represented in bold. Note: The TimesTen full distribution must be 18.1.4.11.0
or later.
In addition, uncomment USER
333
in this Dockerfile
(represented in bold, in this example).
% cd kube_files/ttimage % vi Dockerfile # Copyright (c) 2019, 2021, Oracle and/or its affiliates. FROM container-registry.oracle.com/os/oraclelinux:7 ARG TT_DISTRO=timesten1814110.server.linux8664.zip RUN yum -y install tar gzip vim curl unzip libaio util-linux RUN groupadd -g 333 oracle RUN useradd -M -d /tt/home/oracle -s /bin/bash -u 333 -g oracle oracle RUN install -d -m 0750 -o oracle -g oracle /home/oracle COPY --chown=oracle:oracle $TT_DISTRO /home/oracle/ COPY --chown=oracle:oracle .bashrc starthost.pl .ttdrop .ttdotversion agent2 create1.sql create2.sql get1.sql repcreate.sql repduplicate.sql runsql.sql pausecg.sql /home/oracle/ # Uncomment the following line if you are using the optional non-root installation procedure. USER 333 ENTRYPOINT "/home/oracle/starthost.pl"
Use the docker
command to build the TimesTen container image. Replace tt1814110
with a name of your choosing (represented in bold, in the docker
build
command below). Note that the output may change from release to release.
% docker build -t tt1814110:3 . Sending build context to Docker daemon 445.8MB Step 1/9 : FROM container-registry.oracle.com/os/oraclelinux:7 ---> d788eca028a0 Step 2/9 : ARG TT_DISTRO=timesten1814110.server.linux8664.zip ---> Using cache ---> a259a93fe906 Step 3/9 : RUN yum -y install tar gzip vim curl unzip libaio util-linux ---> Using cache ---> ac676b5376f3 Step 4/9 : RUN groupadd -g 333 oracle ---> Using cache ---> ce16920f085c Step 5/9 : RUN useradd -M -d /tt/home/oracle -s /bin/bash -u 333 -g oracle oracle ---> Using cache ---> 0319814aca1c Step 6/9 : RUN install -d -m 0750 -o oracle -g oracle /home/oracle ---> Using cache ---> c8612b53398a Step 7/9 : COPY --chown=oracle:oracle $TT_DISTRO /home/oracle/ ---> 31cae98b71fd Step 8/9 : COPY --chown=oracle:oracle .bashrc starthost.pl .ttdrop .ttdotversion agent2 create1.sql create2.sql get1.sql repcreate.sql repduplicate.sql runsql.sql pausecg.sql /home/oracle/ ---> e50eb99c9b54 Step 9/9 : ENTRYPOINT "/home/oracle/starthost.pl" ---> Running in 0b41efd38837 Removing intermediate container 0b41efd38837 ---> 171245e546d5 Successfully built 171245e546d5 Successfully tagged tt1814110:3
Use the docker
command to tag the TimesTen container image. Replace the following, represented in bold, in the docker
tag
command below.
tt1814110:3
with the name you chose in the previous step.
p
hx.ocir.io/youraccount
with the location of your image registry.
% docker tag tt1814110:3 phx.ocir.io/youraccount/tt1814110:3
Use the docker
command to push the TimesTen container image to your registry. Replace the following, represented in bold, in the docker
push
command below.
p
hx.ocir.io/youraccount
with the location of your image registry.
tt1814110:3
with the name you chose previously.
% docker push phx.ocir.io/youraccount/tt1814110:3 The push refers to repository [phx.ocir.io/youraccount/tt1814110] 97a0f250b2fe: Pushed 650b003a3ad4: Pushed b8de51528854: Pushed 62192d26e325: Pushed 7dfe13e9b5a4: Pushed d8570fce965c: Pushed 2f915858a916: Layer already exists 3: digest: sha256:a6ac313394229eb2256d4a56fbcd8e2eda50ea2cc21991fa76f11701f2299710 size: 1788
You successfully built the TimesTen container image. It is pushed to your image registry.
This section creates the sample
ConfigMap. This ConfigMap contains the db.ini
, the adminUser
, and the schema.sql
metadata files. This ConfigMap will be referenced when you define the TimesTenClassic object. See "Understanding the configuration metadata and the Kubernetes facilities" for information on the configuration files and the ConfigMap facility.
On your Linux development host, perform these steps:
From the directory of your choice, create an empty subdirectory for the metadata files. This example creates the cm_sample
subdirectory. (The cm_sample
directory is used in the remainder of this example to denote this directory.)
% mkdir -p cm_sample
Navigate to the ConfigMap directory.
% cd cm_sample
Create the db.ini
file in this ConfigMap directory (cm_sample
, in this example). In this db.ini
file, define the PermSize
and DatabaseCharacterSet
connection attributes.
vi db.ini
PermSize=200 DatabaseCharacterSet=AL32UTF8
Create the adminUser
file in this ConfigMap directory (cm_sample
in this example). In this adminUser
file, create the scott
user with the tiger
password.
vi adminUser
scott/tiger
Create the schema.sql
file in this ConfigMap directory (cm_sample
in this example). In this schema.sql
file, define the s
sequence and the emp
table for the scott
user. The Operator will automatically initialize your database with these object definitions.
vi schema.sql
create sequence scott.s; create table scott.emp ( id number not null primary key, name char(32) );
Create the ConfigMap. The files in the cm_sample
directory are included in the ConfigMap and, later, will be available in the TimesTen containers.
In this example:
The name of the ConfigMap is sample
. Replace sample
with a name of your choosing. (sample
is represented in bold in this example.)
This example uses cm_sample
as the directory where the files that will be copied into the ConfigMap reside. If you use a different directory, replace cm_sample
with the name of your directory. (cm_sample
is represented in bold in this example.)
Use the kubectl
create
command to create the ConfigMap:
% kubectl create configmap sample --from-file=cm_sample configmap/sample created
You successfully created and deployed the sample
ConfigMap.
Use the kubectl
describe
command to verify the contents of the ConfigMap. (sample
, in this example.)
% kubectl describe configmap sample Name: sample Namespace: mynamespace Labels: <none> Annotations: <none> Data ==== adminUser: ---- scott/tiger db.ini: ---- PermSize=200 DatabaseCharacterSet=AL32UTF8 schema.sql: ---- create sequence scott.s; create table scott.emp ( id number not null primary key, name char(32) ); Events: <none>
This section creates the TimesTenClassic object. See "Defining and creating the TimesTenClassic object" and "The TimesTenClassic object type" for detailed information on the TimesTenClassic object.
To run the TimesTen containers as non-root, you must add SecurityContext
as illustrated below.
Perform these steps:
Create an empty YAML file. You can choose any name, but you may want to use the same name you used for the name of the TimesTenClassic object. (In this example, sample
.) The YAML file contains the definitions for the TimesTenClassic object. See "TimesTenClassicSpecSpec" for information on the fields that you must specify in this YAML file as well as the fields that are optional.
To run the TimesTen containers as non-root, add .template.spec.securityContext
information (represented in bold, in this example).
In addition, replace the following. (The values you can replace are represented in bold.)
name
: Replace sample
with the name of your TimesTenClassic object.
storageClassName
: Replace oci
with the name of the storage class used to allocate PersistentVolumes to hold TimesTen.
storageSize
: Replace 250G
with the amount of storage that should be requested for each Pod to hold TimesTen. Note: This example assumes a production environment and uses a value of 250G
for storageSize
. For demonstration purposes, a value of 50G
is adequate. See the storageSize
and the logStorageSize
entries in the Table 11-3, "TimesTenClassicSpecSpec" for information.
image
: Replace phx.ocir.io/youraccount
/tt1814110:3
with the location of the image registry (phx.ocir.io
/
youraccount
) and the image containing TimesTen (tt1814110:3
)
imagePullSecret
: Replace sekret
with the image pull secret that Kubernetes should use to fetch the TimesTen image.
dbConfigMap
: This example uses one ConfigMap (called sample
) for the db.ini
, the adminUser
, and the schema.sql
metadata files. This ConfigMap will be included in the ProjectedVolume. This volume is mounted as /ttconfig
in the TimesTen containers. See "Using ConfigMaps and Secrets" and "Example using one ConfigMap" for information on ConfigMaps.
% vi sample.yaml apiVersion: timesten.oracle.com/v1 kind: TimesTenClassic metadata: name: sample spec: ttspec: storageClassName: oci storageSize: 250G image: phx.ocir.io/youraccount/tt1814110:3 dbConfigMap: - sample imagePullSecret: sekret template: spec: securityContext: fsGroup: 333 containers: - name: tt securityContext: runAsUser: 333 runAsGroup: 333
Use the kubectl
create
command to create the TimesTenClassic object from the contents of the YAML file (in this example, sample.yaml
). Doing so begins the process of deploying your active standby pair of TimesTen databases in the Kubernetes cluster.
% kubectl create -f sample.yaml configmap/sample created timestenclassic.timesten.oracle.com/sample created
You successfully created the TimesTenClassic object in the Kubernetes cluster. The process of deploying your TimesTen databases begins, but is not yet complete.
Use the kubectl
get
and the kubectl
describe
commands to monitor the progress of the active standby pair as it is provisioned.
Note:
For thekubectl
get
timestenclassic
and kubectl
describe
timestenclassic
commands, you can alternatively specify kubectl
get
ttc
and kubectl
describe
ttc
respectively. timestenclassic
and ttc
are synonymous when used in these commands, and return the same results. The first kubectl
get
and the first kubectl
describe
examples in this appendix use timestenclassic
. The remaining examples in this appendix use ttc
for simplicity.Use the kubectl
get
command and review the STATE
field. Observe the value is Initializing
. The active standby pair provisioning has begun, but is not yet complete.
% kubectl get timestenclassic sample NAME STATE ACTIVE AGE sample Initializing None 11s
Use the kubectl
get
command again to see if value of the STATE
field has changed. In this example, the value is Normal
, indicating the active standby pair of databases are now provisioned and the process is complete.
% kubectl get ttc sample NAME STATE ACTIVE AGE sample Normal sample-0 3m33s
Use the kubectl
describe
command again to view the active standby pair provisioning in detail. Note the Security
Context
(represented in bold) is included in the active standby pair provisioning, indicating the TimesTen containers are running as non-root.
% kubectl describe ttc sample Name: sample Namespace: mynamespace Labels: <none> Annotations: <none> API Version: timesten.oracle.com/v1 Kind: TimesTenClassic Metadata: Creation Timestamp: 2021-04-09T22:01:34Z Generation: 1 Resource Version: 148466657 Self Link: /apis/timesten.oracle.com/v1/namespaces/mynamespace/timestenclassics/sample UID: 25ff6f40-997f-11eb-86a3-06b2b9dd76bc Spec: Template: Spec: Containers: Name: tt Security Context: Run As Group: 333 Run As User: 333 Security Context: Fs Group: 333 Ttspec: Db Config Map: sample Image: phx.ocir.io/youraccount/tt1814110:3 Image Pull Policy: Always Image Pull Secret: sekret Storage Class Name: oci Storage Size: 250G Status: Classic Upgrade Status: Active Start Time: 0 Active Status: Image Update Pending: false Last Upgrade State Switch: 0 Prev Reset Upgrade State: Prev Upgrade State: Standby Start Time: 0 Standby Status: Upgrade Start Time: 0 Upgrade State: Active Pods: sample-0 High Level State: Normal Last Event: 27 Last High Level State Switch: 1618005884 Pod Status: Cache Status: Cache Agent: Not Running Cache UID Pwd Set: true N Cache Groups: 0 Db Status: Db: Loaded Db Id: 34 Db Updatable: Yes Initialized: true Last High Level State Switch: ? Pod Status: Agent: Up Last Time Reachable: 1618006024 Pod IP: 10.244.7.37 Pod Phase: Running Prev High Level State: Healthy Prev Image: Replication Status: Last Time Rep State Changed: 0 Rep Agent: Running Rep Peer P State: start Rep Scheme: Exists Rep State: ACTIVE Times Ten Status: Daemon: Up Instance: Exists Release: 18.1.4.11.0 Admin User File: true Cache User File: false Cg File: false Disable Return: false High Level State: Healthy Intended State: Active Local Commit: false Name: sample-0 Schema File: true Using Twosafe: false Cache Status: Cache Agent: Not Running Cache UID Pwd Set: true N Cache Groups: 0 Db Status: Db: Loaded Db Id: 34 Db Updatable: No Initialized: true Last High Level State Switch: ? Pod Status: Agent: Up Last Time Reachable: 1618006024 Pod IP: 10.244.14.33 Pod Phase: Running Prev High Level State: Healthy Prev Image: Replication Status: Last Time Rep State Changed: 0 Rep Agent: Running Rep Peer P State: start Rep Scheme: Exists Rep State: STANDBY Times Ten Status: Daemon: Up Instance: Exists Release: 18.1.4.11.0 Admin User File: true Cache User File: false Cg File: false Disable Return: false High Level State: Healthy Intended State: Standby Local Commit: false Name: sample-1 Schema File: true Using Twosafe: false Prev High Level State: Initializing Prev Reexamine: Prev Stop Managing: Rep Create Statement: create active standby pair "sample" on "sample-0.sample.mynamespace.svc.cluster.local", "sample" on "sample-1.sample.mynamespace.svc.cluster.local" NO RETURN store "sample" on "sample-0.sample.mynamespace.svc.cluster.local" PORT 4444 FAILTHRESHOLD 0 store "sample" on "sample-1.sample.mynamespace.svc.cluster.local" PORT 4444 FAILTHRESHOLD 0 Rep Port: 4444 Status Version: 1.0 Events: Type Reason Age From Message ---- ------ ---- ---- ------- - Create 5m34s ttclassic Service sample created - Create 5m34s ttclassic StatefulSet sample created - Create 5m34s ttclassic Secret tt25ff6f40-997f-11eb-86a3-06b2b9dd76bc created - StateChange 4m12s ttclassic Pod sample-1 Daemon Up - StateChange 4m12s ttclassic Pod sample-0 Agent Up - StateChange 4m12s ttclassic Pod sample-0 Release 18.1.4.11.0 - StateChange 4m12s ttclassic Pod sample-1 Agent Up - StateChange 4m12s ttclassic Pod sample-1 Release 18.1.4.11.0 - StateChange 4m12s ttclassic Pod sample-0 Daemon Up - StateChange 3m2s ttclassic Pod sample-0 Database Loaded - StateChange 3m2s ttclassic Pod sample-0 Database Updatable - StateChange 3m2s ttclassic Pod sample-0 CacheAgent Not Running - StateChange 3m2s ttclassic Pod sample-0 RepAgent Not Running - StateChange 3m2s ttclassic Pod sample-0 RepState IDLE - StateChange 3m2s ttclassic Pod sample-0 RepScheme None - StateChange 3m1s ttclassic Pod sample-0 RepAgent Running - StateChange 3m1s ttclassic Pod sample-0 RepScheme Exists - StateChange 3m1s ttclassic Pod sample-0 RepState ACTIVE - StateChange 2m42s ttclassic Pod sample-1 Database Loaded - StateChange 2m42s ttclassic Pod sample-1 Database Not Updatable - StateChange 2m42s ttclassic Pod sample-1 CacheAgent Not Running - StateChange 2m42s ttclassic Pod sample-1 RepAgent Not Running - StateChange 2m42s ttclassic Pod sample-1 RepScheme Exists - StateChange 2m42s ttclassic Pod sample-1 RepState IDLE - StateChange 2m31s ttclassic Pod sample-1 RepAgent Running - StateChange 2m31s ttclassic Pod sample-1 RepState STANDBY - StateChange 2m25s ttclassic TimesTenClassic was Initializing, now Normal
Your active standby pair of TimesTen databases are successfully deployed (as indicated by Normal
.) There are two TimesTen databases, configured as an active standby pair. One database is active. (In this example, sample-0
is the active database, as indicated by Rep
State
ACTIVE
). The other database is standby. (In this example, sample-1
is the standby database as indicated by Rep
State
STANDBY
). The active database can be modified and queried. Changes made on the active database are replicated to the standby database. If the active database fails, the Operator automatically promotes the standby database to be the active. The formerly active database will be repaired or replaced, and will then become the standby.
You can run the kubectl
exec
command to invoke shells in your Pods and control TimesTen, which is running in those Pods. Run the Linux id
command to verify the UID is 333
.
Establish a shell in the Pod and run the Linux id
command.
% kubectl exec -it sample-0 -c tt -- /usr/bin/bash % id uid=333(oracle) gid=333(oracle) groups=333(oracle)
Verify you can connect to the sample
database and run a simple query.
% ttisql sample Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved. Type ? or "help" for help, type "exit" to quit ttIsql. connect "DSN=sample"; Connection successful: DSN=sample;UID=oracle;DataStore=/tt/home/oracle/datastore/sample; DatabaseCharacterSet=AL32UTF8;ConnectionCharacterSet=US7ASCII;AutoCreate=0; PermSize=200;DDLReplicationLevel=3;ForceDisconnectEnabled=1; (Default setting AutoCommit=1) Command> SELECT * FROM dual; < X > 1 row found.