ttInstanceCreate

The ttInstanceCreate utility creates a new TimesTen instance with the values, behaviors, and characteristics that you specify through the available options.

You can specify options in one of these ways:

  • On the command line.

  • In a file.

  • Interactively as the utility runs.

If you do not specify options on the command line, or if the only options used are -record and/or -verbose, ttInstanceCreate runs in an interactive mode, prompting the Instance Administrator for the information needed to set up the instance.

If you specify the -batch option on the command line, ttInstanceCreate runs in interactive mode, and attempts to answer any questions by fetching the answers from a recorded batch file, generated by a previous run that specified the -record option. If the answer to a question is not present in the batch file, the utility prompts the Instance Administrator to answer the question interactively.

If you specify other options on the command line, they are used as the source of information. The ttInstanceCreate utility does not prompt the user for unknown values.

Usage in TimesTen Scaleout and TimesTen Classic

This utility is supported in both TimesTen Classic and TimesTen Scaleout. In TimesTen Scaleout, it is used only to create the first management instance; to create additional instances, use ttGridAdmin instanceCreate.

Required Privilege

This utility requires the instance administrator privilege.

Syntax

ttInstanceCreate {-h | -help | -?} [-verbose]

To create an instance for TimesTen Classic, use:

ttInstanceCreate [-name name] [-location path] [-daemonport port] [-csport port]
 [-start] [-tnsadmin path] [-force] [-record filename] [-strict] [-verbose]
 [-serverEncryption {accepted|rejected|requested|required} -serverCipherSuites {comma-separated list}]

To create an instance with FIPS mode, specify one or both of the following options:

-ssl_fips_140
-db_fips_140

To create an instance that specifies the asymmetric cryptographic algorithm to use when generating a key pair for TLS, specify this option:

-asym_alg ECC|RSA

To create the first management instance for a grid in TimesTen Scaleout, use:

ttInstanceCreate [-name name] [-location path] [-daemonport port] [-csport port]
 [-grid] [-force] [-record filename] [-strict] [-verbose]

To create the first management instance for a grid that uses TLS in TimesTen Scaleout, use:

ttInstanceCreate [-name name] [-location path] [-daemonport port] [-csport port]
 [-grid] [-serverEncryption {accepted|rejected|requested|required}] -serverCipherSuites {suites}
 [-force] [-record filename] [-strict] [-verbose]

To create an instance whose main daemon is managed by systemd, use:

ttInstanceCreate [-name name] [-location path] [-daemonport port] [-csport port]
 [-grid] [-force] [-record filename] [-strict] [-verbose] [-systemd]

To create a client-only instance, use:

ttInstanceCreate [-name name] [-location path] [-clientonly]
 [-force] [-record filename] [-strict] [-verbose]

ttInstanceCreate [-batch [filename]]

Options

ttInstanceCreate has the following options:

Option Description

-h

-help

-?

Displays help information.

-asym_alg ECC|RSA

Specifies the asymmetric cryptographic algorithm to use when generating a key pair for TLS. The valid values are ECC or RSA. The ttInstanceCreate utility passes the -asym_alg option to the ttCreateCerts utility. See ttCreateCerts.

The -asym_alg option is optional. If you do specify it, ensure that the algorithm you choose matches the cipher suites you choose. For example, if you specify RSA, ensure that your list of cipher suites includes one or more RSA-specific cipher suites.

If you do not specify -asym_alg, TimesTen does the following:
  • Checks to see which of the algorithms (ECC or RSA) is common to the given cipher suites, and uses that one.

  • If both ECC and RSA are commonly used, TimesTen uses ECC.

  • If there is no common algorithm, TimesTen generates an error.

-name name

Specifies the name of the instance to be created.

-location path

Specifies the path of the directory in which the instance is to be created. This directory must already exist. A new directory is created in the existing directory. The name of the new directory is specified in the -name option. This new directory is the new instance home.

-force

Specifies that an instance directory specified with the -instance option is to be overwritten if it already exists. The directory is overwritten only if:

1. The specified instance directory is empty, or

2. The specified instance directory contains a conf/timesten.conf file.

-record filename

Records responses to installation questions into the file specified by filename. The file then can be specified as the parameter to the -batch option.

-batch [filename]

Specifies the file to be used to provide input to the ttInstanceCreate utility. If not specified, no input file is used.

-strict

Ensures that the platform running the command is supported and prevents the instance creation if it is not.

-serverEncryption {accepted|rejected|requested|required}

Determines whether encryption is accepted, rejected, requested, or required for a client/server connection.

  • accepted: Enable an encrypted session if required or requested by the client; use an unencrypted session otherwise. This is the default.
  • rejected: Demand an unencrypted session. (If the server does not support encryption, TimesTen behaves as if this is the setting on the server.) The connection is rejected if the client requires encryption.
  • requested: Request an encrypted session if the client allows it (if the client has any setting other than rejected); use an unencrypted session otherwise.
  • required: Demand an encrypted session. Reject the connection if the client rejects encryption.

With a setting other than rejected, the ttInstanceCreate utility generates certificates for TLS if there are compatible settings for server encryption between the server and client (as long as there are also compatible settings for cipher suites). See Configuration for TLS for Client/Server in Oracle TimesTen In-Memory Database Security Guide.

The -serverEncryption and -serverCipherSuites values are set at the instance creation level in the timesten.conf file and serve as the default values for any database created on that instance. However, you can override them by setting the corresponding connection attribute in the database definition.

Note: If you did not create certificates when you created the instance, you need to run the ttCreateCerts utility manually to use TLS on a particular database.

See Task 2: Set Server Configuration for TLS in TimesTen Classic in Oracle TimesTen In-Memory Database Security Guide regarding usage of the -serverEncryption and -serverCipherSuites options.
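The four -serverEncryption settings described above, combined with each possible client setting, as an added example that is not part of the Oracle documentation. It assumes the client setting takes the same four values as the server setting; the function names session and plaintext_clients are hypothetical.

```python
# Added example (not Oracle code): models the -serverEncryption rules above.
# Assumption: the client-side setting uses the same four values as the server.
SETTINGS = ("accepted", "rejected", "requested", "required")


def session(server: str, client: str) -> str:
    """Return 'encrypted', 'unencrypted' or 'refused' for one server/client pair.

    'encrypted' additionally needs a cipher suite common to both sides.
    """
    for value in (server, client):
        if value not in SETTINGS:
            raise ValueError(f"unknown encryption setting: {value!r}")
    if server == "accepted":      # follow the client's lead
        return "encrypted" if client in ("requested", "required") else "unencrypted"
    if server == "rejected":      # plaintext only
        return "refused" if client == "required" else "unencrypted"
    if server == "requested":     # encrypt unless the client rejects it
        return "unencrypted" if client == "rejected" else "encrypted"
    return "refused" if client == "rejected" else "encrypted"   # required


def plaintext_clients(server: str) -> list[str]:
    """Client settings that still get an unencrypted session from this server."""
    return [c for c in SETTINGS if session(server, c) == "unencrypted"]


if __name__ == "__main__":
    # Print the full 4x4 outcome matrix, then the plaintext exposure per server setting.
    print(f"{'server/client':<14}" + "".join(f"{c:<13}" for c in SETTINGS))
    for s in SETTINGS:
        print(f"{s:<14}" + "".join(f"{session(s, c):<13}" for c in SETTINGS))
    for s in SETTINGS:
        print(f"{s}: plaintext possible with client = {plaintext_clients(s) or 'none'}")
```

Only required leaves no client setting that ends in an unencrypted session; the default, accepted, encrypts only when the client asks for it.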

-serverCipherSuites {suites}

Lists the cipher suite or suites that can be used for Transport Layer Security.

TimesTen 22.1 supports cipher suites that include both RSA and ECC authentication/digital signature algorithms. If you are using RSA keys, be sure to include one or more cipher suites with an RSA authentication/digital signature algorithm. Similarly, if you are using ECC keys, be sure to include one or more cipher suites with an ECDSA (Elliptic Curve Digital Signature Algorithm) authentication/digital signature algorithm. For example, if your key is ECC, then the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite is valid, but the TLS_RSA_WITH_AES_128_CBC_SHA256 cipher suite is not valid.

There is no default setting. You can specify one or more cipher suites. If you specify more than one cipher suite, separate them with commas and list them in order of preference. For TLS to be used, there must be at least one common cipher suite. For a list of supported cipher suites, see Transport Layer Security for TimesTen Client/Server in Oracle TimesTen In-Memory Database Security Guide.
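A pre-flight check for the -asym_alg and -serverCipherSuites rules described above, as an added example that is not TimesTen code. It assumes that an algorithm counts as "common to the given cipher suites" when at least one listed suite authenticates with it, and it classifies suites by their standard TLS names; suite_alg, resolve_asym_alg and unusable_suites are hypothetical names.

```python
# Added example (not Oracle code): check -asym_alg against -serverCipherSuites
# before running ttInstanceCreate.
from typing import Optional


def suite_alg(suite: str) -> Optional[str]:
    """Key type a cipher suite name implies: 'ECC' (ECDSA), 'RSA', or None."""
    name = suite.strip().upper()
    if "_ECDSA_" in name:
        return "ECC"
    if "_RSA_" in name:          # covers TLS_RSA_WITH_* and *_RSA_WITH_*
        return "RSA"
    return None


def _split(suites_csv: str) -> list[str]:
    return [s.strip() for s in suites_csv.split(",") if s.strip()]


def resolve_asym_alg(suites_csv: str, asym_alg: Optional[str] = None) -> str:
    """Return the key algorithm to use, or raise ValueError on a mismatch."""
    suites = _split(suites_csv)
    if not suites:
        raise ValueError("no cipher suites given")
    found = {suite_alg(s) for s in suites} - {None}
    if asym_alg is not None:                 # explicit -asym_alg must match a suite
        alg = asym_alg.upper()
        if alg not in ("ECC", "RSA"):
            raise ValueError(f"invalid -asym_alg value: {asym_alg}")
        if alg not in found:
            raise ValueError(f"-asym_alg {alg} matches none of the cipher suites")
        return alg
    if not found:                            # assumption: nothing usable means error
        raise ValueError("no ECC or RSA cipher suite in the list")
    return "ECC" if "ECC" in found else "RSA"   # ECC wins when both are present


def unusable_suites(suites_csv: str, alg: str) -> list[str]:
    """Listed suites that a key of type alg cannot serve."""
    return [s for s in _split(suites_csv) if suite_alg(s) != alg]


if __name__ == "__main__":
    both = "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA256"
    alg = resolve_asym_alg(both)
    print("algorithm:", alg, "| suites it cannot serve:", unusable_suites(both, alg))
```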

-ssl_fips_140

Enables SSL (TLS) FIPS encryption for both client and server.

-db_fips_140

Enables FIPS symmetric encryption (TDE) for both client and server.

-tnsadmin location

For cache operations, this option configures the location to be used for the TNS_ADMIN setting.

-verbose

Displays additional information during the operation of the utility.

-grid

Indicates that the instance should be configured for use with TimesTen Scaleout.

-systemd

Specifies that the instance’s main daemon will be managed by systemd.

-clientonly

Specifies that the instance is client-only. Most other arguments are not supported for a client-only instance.

Use these options for full instances with client and server capabilities:

Option Description

-daemonport daemon_port

The port number on which the TimesTen daemon process (timestend) for this instance listens. This port must not already be in use by any other application or instance on the system.

-csport port

The value to be used for the TimesTen client/server port number for this instance. If not specified, the default is daemonport + 1.

Use this option for instances intended for TimesTen Classic:

Option Description

-start

Specifies that the instance should be started after it is created.