Deploying the BRM Database Schema

6 Deploying the BRM Database Schema

Learn how to deploy a new or existing database schema in the Oracle Communications Billing and Revenue Management (BRM) cloud native environment.

Topics in this document:

Deploying BRM with a New Database Schema

To deploy BRM with a new BRM and pipeline database schema:

If you have not already done so, create a BRM database and schema users for the BRM Server and pipeline. See "Creating and Configuring Your BRM Database".
Create a new Kubernetes namespace for oc-cn-init-db-helm-chart:
```
kubectl create namespace InitDbNameSpace
```
Create an override-values.yaml file for oc-cn-init-db-helm-chart, and add keys from Table 6-1.

Note:

This documentation uses the override-values.yaml file name for ease of use, but you can name the file whatever you want.
If you want to deploy the BRM cloud native schema into a multischema database, do the following in your override-values.yaml file:
1. Set the ocbrm.db.skipPrimary key to false.
2. For each secondary schema in your system, add an ocbrm.db.multiSchemas.secondaryN block, where N is 1 for the first secondary schema, 2 for the next secondary schema, and so on.
3. In each ocbrm.db.multiSchemas.secondaryN block, set the following keys:
  
  Note:
  
  If the host, port, and service keys are not defined, the secondary schema uses the same host name, service, and port number as the primary schema.
  - deploy: Set this to true to deploy this secondary schema.
  - host: Set this to the host name of the secondary schema. This key is optional.
  - port: Set this to the port number for the secondary schema. This key is optional.
  - service: Set this to the service name for the secondary schema. This key is optional.
  - schemauser: Set this to the schema user name.
  - schemapass: Set this to the schema password.
  - schematablespace: Set this to the name of the schema tablespace, such as pin01.
  - indextablespace: Set this to the name of the index tablespace, such as pinx01.
4. Enable account migration between your schemas by setting the ocbrm.isAmt key to true.
  
  See "Understanding Account Migration" in BRM Moving Accounts Between Database Schemas for more information.
This shows example entries for a BRM database with one primary schema, two secondary schemas, and account migration enabled:
```
ocbrm:
   isAmt: true
ocbrm:
   db:
      host: hostname
      port: 12345
      service: serviceName
      schemauser: pin01
      schemapass: password
      schematablespace: pin01
      indextablespace: pinx01
      skipPrimary: false
      multiSchemas:    
         secondary1:
            deploy: true
            schemauser: pin02    
            schemapass: password    
            schematablespace: pin02   
            indextablespace: pinx02
         secondary2:  
            deploy: true  
            schemauser: pin03   
            schemapass: password   
            schematablespace: pin03
            indextablespace: pinx03
```

To commit seed data to the BRM database, modify the init-db container (configmap_create_obj_2.yaml) to add the corresponding PCM_OP_CREATE_OBJ input flist. For example:

<PCM_OP $PIN_OPNAME=$PIN_CONF_INIT_OPNAME; $PIN_OPFLAGS=0>
0 PIN_FLD_POID           POID [0] $DB_NUMBER /config/recharge_card_type 0 0
0 PIN_FLD_NAME            STR [0] "-"
0 PIN_FLD_PROGRAM_NAME    STR [0] "load_pin_recharge_card_type"
0 PIN_FLD_HOSTNAME        STR [0] "-"
0 PIN_FLD_VERSION         STR [0] "1"
0 PIN_FLD_ACCOUNT_OBJ    POID [0] 0.0.0.1 /account 1 0
</PCM_OP>

Initialize the BRM database schema by running this command from the helmcharts directory:
```
helm install InitDbReleaseName oc-cn-init-db-helm-chart --namespace InitDbNameSpace --values OverrideValuesFile
```
where:
- InitDbReleaseName is the release name for oc-cn-init-db-helm-chart and is used to track this installation instance.
- InitDbNameSpace is the namespace for oc-cn-init-db-helm-chart.
- OverrideValuesFile is the path to a YAML file that overrides the default configurations in the values.yaml file for oc-cn-init-db-helm-cart.
The init-db Helm chart creates an init-db pod and job for each schema.
After the init-db Helm chart deploys successfully, delete the Helm chart from your namespace by running this command from the helmcharts directory:
```
helm delete InitDbReleaseName -n InitDbNameSpace
```

Table 6-1 lists the keys that directly impact the BRM database schema and pipeline database schema. Add these keys to your override-values.yaml file with the same path hierarchy.

Caution:

Some keys hold sensitive data. They must be handled carefully with controlled access to the file containing its values. Encode all of these values in Base64. See "Secrets" in Kubernetes Concepts.

Table 6-1 oc-cn-init-db-helm-chart Keys

Key	Purpose
imageRepository	The registry server where you have pushed images. Typically, in the format “RepoHost:RepoPort/”. The value is added as a prefix to all image names when you install or upgrade Helm charts. This key is empty by default.
imagePullSecrets	The name of the Secret containing credentials for accessing images from your private image server. This is added to each pod to give it permission to pull the image from your private registry server. See "Creating Secrets for Docker Registry Authorization" for more information.
uniPass	Use this key to apply a uniform password to all BRM cloud native services, including: Database Schemas BRM Root Login Oracle Wallets WebLogic User To override this password for a specific service, specify a different password in the service's key. Note: Use this key for test or demonstration systems only.
db.sslMode	The type of SSL connection required for connecting to the database: TWO_WAY, ONE_WAY, or NO. The default is ONE_WAY.
ocbrm.imagePullPolicy	Specify when to pull images: IfNotPresent: Pulls an image only if one is not present locally. This is the default. Always: Always pulls an image.
ocbrm.isAmt	Specify whether account migration is enabled in your BRM multischema database: True: Account migration is enabled. False: Account migration is disabled. This is the default.
ocbrm.isIPV6Enabled	Specify whether IPV6 is enabled in your Kubernetes environment: True: IPV6 is enabled. False: IPV6 is disabled. This is the default.
ocbrm.ece_deployed	Specify whether to deploy ECE in your BRM cloud native environment: True: ECE configurations will be loaded into your environment. This is the default. False: ECE configurations will not be loaded into your environment.
ocbrm.pdc_deployed	Specify whether to deploy PDC in your BRM cloud native environment: True: PDC configurations will be loaded into your environment. False: PDC configurations will not be loaded into your environment. This is the default.
ocbrm.existing_rootkey_wallet	Specify whether you are using an existing BRM database or an existing root key wallet: True: Uses your existing BRM database or root key wallet. False: Performs a fresh database initialization. This is the default. When set to false, the init-db Helm chart runs lds-config-job to load default strings into the BRM database during deployment. Manually delete lds-config-job after BRM deploys successfully.
ocbrm.is_upgrade	Specify whether to upgrade the existing database schema: True: Upgrades your existing database schema. False: Deploys a new BRM database schema. This is the default.
ocbrm.isSSLEnabled	Specify whether SSL is enabled in the BRM database. The default is true.
ocbrm.cmSSLTermination	Specify whether to disable SSL between the CM and DM/EM. true: The CM is the SSL endpoint. Set it to true when using a custom TLS certificate for the CM. When set to true, also set the isSSLEnabled key to true. false: SSL is enabled across all components, from client to CM to DMs and EMs. This is the default.
ocbrm.customSSLWallet	Whether to use a custom TLS certificate for the CM. true: A custom TLS certificate is used for the CM. When set to true, also set the cmSSLTermination key to true and move the Oracle wallet (brm_custom_wallet) containing the custom TLS certificate to the top level of the Helm chart. false: The default TLS certificate is used for the CM. This is the default.
ocbrm.root_key_rotate	Whether to rotate the BRM root key. The default is false. For more information, see "Rotating the BRM Root Key" in BRM Cloud Native System Administrator's Guide.
ocbrm.brm_root_pass	The BRM root password. The value can be per user. You must generate a Secret. Add this key to your override-values.yaml file with the same path hierarchy.
ocbrm.rotate_brm_role_passwords	Whether to rotate the BRM role passwords. The default is false.
ocbrm.brm_role_pass.*	The initial passwords for each BRM role. The roles grant users the permission to access different BRM components, such as Customer Center or Pipeline Configuration Center (PCC). Note: You must set all of these passwords when the unipass key is not set. You set passwords for the following roles: acct_recv.0.0.0.1: Accounts receivable bc_client.0.0.0.1: Billing Care bill_inv_pymt_sub.0.0.0.1: Invoice payments billing.0.0.0.1: Billing boc_client.0.0.0.1: Business Operations Center collections.0.0.0.1: Collections crypt_utils.0.0.0.1: Encryption utilities cust_center.0.0.0.1: Customer Center cust_mgnt.0.0.0.1: Customer management invoicing.0.0.0.1: Invoicing java_client.0.0.0.1: Java clients load_utils.0.0.0.1: Load utilities payments.0.0.0.1: Payments pcc_client.0.0.0.1: PCC rerating.0.0.0.1: Rerating rsm.0.0.0.1: BRM REST Services Manager super_user.0.0.0.1: Super User ui_client.0.0.0.1: All thick clients ece.0.0.0.1: ECE Note: After you deploy or upgrade the database schema, you should rotate the role passwords regularly to improve security. To do so, see "Rotating BRM Role Passwords" in BRM Cloud Native System Administrator's Guide.
ocbrm.wallet.*	Specify the passwords for these wallets: client: The password for the client wallet. server: The password for the server wallet. root: The password for the root wallet. You must generate Secrets for these keys.
ocbrm.db.*	The details for connecting to a shared database. The keys in this section take precedence over other database connection keys. Add these keys only if your system uses a shared database: host: The host name of the machine on which the BRM database is configured. port: The port on which the BRM database is configured. service: The BRM database service name. sslMode: The type of SSL connection required for connecting to the database: TWO_WAY, ONE_WAY, or NO. The default is ONE_WAY. walletPassword: The password for accessing the database certificates from the TrustStore and KeyStore. walletType: The type of file specified as the TrustStore or KeyStore for database SSL connections: SSO or pkcs12. enable_partition: Whether partitioning is enabled in your BRM database: Yes or No. The default is Yes. storage_model: The size of the BRM database tablespaces: Test (less than 700 MB), Small (less than 1.5 GB), Medium (less than 30 GB), or Large (greater than 30 GB). schemauser: The user name for the primary BRM schema. The user name should be pre-created with all of the required grants. schemapass: The password for the database schema. schematablespace: The name of the schema tablespace. indextablespace: The name of the index tablespace. nls_lang: The language, territory, and character set. Set this to American_America.characterset, where characterset is either UTF8 or AL32UTF8. Note: You must use American_America as the language and territory, regardless of your locale. pipelineschemauser: The BRM pipeline schema user name, which should be pre-created with all of the required grants. pipelineschemapass: The BRM pipeline schema password. You must generate a Secret. Add this key to your override-values.yaml file with the same path hierarchy. pipelineschematablespace: The name of the tablespace for the BRM pipeline schema. This field is case-sensitive. pipelineindextablespace: The name of the index tablespace for the BRM pipeline schema. This field is case-sensitive. skipPrimary: Whether to skip the deployment of the primary schema: False (deploy the primary schema) or True (do not deploy the primary schema). Set skipPrimary to true only if you are adding a schema to an existing BRM multischema system. See "Adding Schemas to a Multischema System" in BRM Cloud Native System Administrator's Guide.
ocbrm.db.multiSchemas.secondaryN	The details for connecting to your secondary schemas, where N is 1 for the first secondary schema, 2 for the next secondary schema, and so on. Add this block only if your BRM database contains multiple schemas. This section will be commented out by default: multiSchemas: secondary1: deploy: true host: localhost port: 1521 service: pindb schemauser: schemapass: schematablespace: indextablespace:

Deploying BRM with an Existing Schema

To deploy BRM with an existing schema and with default Oracle images:

Copy the root-key wallet files from the $BRM_WALLET/client directory to the oc-cn-helm-chart/existing_wallet directory.
In your override-values.yaml file for oc-cn-helm-chart, set the ocbrm.existing_rootkey_wallet key to true.
Deploy oc-cn-helm-chart.

Alternatively, you could deploy BRM with an existing schema by doing this:

Create images for each BRM Server component in the installed BRM staging area (using the same staging area that initialized the database).
In your override-values.yaml file for oc-cn-helm-chart, update the keys with the existing schema credentials and also set the following keys:
- ocbrm.existing_rootkey_wallet: Set this to true.
- ocbrm.use_oracle_brm_images: Set this to false.
- ocbrm.db.queuename: Set this to match the queue name in the existing database.
- obcrm.db.roamqueuename: If you want a database queue for Roaming Pipeline, create another queue in the Oracle database by following the instructions in "Creating Additional Queues for Multischema BRM Systems" in BRM Installation Guide. Then, set the roamqueuename key to the name of the queue you created.
Deploy oc-cn-helm-chart.