Configuring connectivity for high availability clusters

Set up the idsd daemon on an HCL Informix® server to enable starting a server in a high-availability cluster or adding a shared disk secondary (SDS) server.

Prerequisite: You need root privileges on the Informix server for this procedure.

To use the HCL OpenAdmin Tool (OAT) for Informix for remote administration tasks including starting a server in a high-availability cluster, or adding a secondary server, install and configure the following daemons on the Informix server:

  • An Internet service daemon such as the xinetd or inetd internet daemons for UNIX and Linux.
  • idsd, a daemon process that allows OAT to start a remote Informix server. The daemon resides on the same host as the Informix server, and must be located in a directory accessible to user informix. The idsd daemon is invoked through the xinetd or inetd daemons.
Important: You cannot use the remote administration features on Windows or MAC OS.

To configure an internet daemon and the idsd daemon:

  1. Ensure that the idsd daemon is installed with Informix, in the $INFORMIXDIR/bin directory. Ensure that the owner and group are informix, and that the permissions are 0754:
    For example:
    [informix@myhost]/usr/informix/bin% ls -la idsd 
        -rwxr-xr--  1 informix informix 23717 Oct 15 16:34 idsd
  2. On the server, set up encryption for the connection. For Informix 11.70, use the GSKCmd tool that is available as a part of IBM® JRE 1.6 or later. For earlier Informix versions, use the GSKCmd tool that is included in the IBM Global Security Kit (GSKit).
    1. Create a key database using the following GSKCmd command-line parameters for your platform:
      command -keydb -create -db keydb_name.kdb -pw password -type cms -stash
      For example:
      gsk8cmd -keydb -create -db mydb.kdb -pw mypassw0rd -type cms -stash
    2. Create a self-signed certificate using the following GSKCmd command-line parameters:
      command -cert -create -db keydb_name.kdb -pw password -label label_text
          -dn distinguished name 
          -size <1024 | 512 | 2048> -default_cert yes 
      Where: distinguished name is an X.500 distinguished name. The distinguished name is a quoted string with the following format: CN=common name (required), O=organization, OU=organization unit, L=location, ST=state or province, C=country.
      For example:
      gsk8cmd -cert -create -db mydb.kdb -pw mypassw0rd -label mycertificatelabel
          -dn ",O=ibm,OU=IBM HTTP Server,ST=KS,C=US" 
          -size 1024 -default_cert yes
  3. Open the xinetd or inetd configuration file for editing, and add a service entry for the idsd daemon.
    Important: If the GSKIT_VERSION configuration parameter is set to a nondefault version of IBM Global Security Kit, add the -g NUMBER server program argument to the xinetd or inetd service entry to specify the IBM Global Security Kit version.
    • For the xinetd server daemon: /etc/xinetd.conf.
      service idsd
                   disable = no
                   socket_type = stream 
                   protocol = tcp
                   user = root
                   wait = no 	    
                   server = /usr/informix/bin/idsd
                   server_args = -l /usr/informix/idsd.log 
                       -k /usr/informix/idsd -n idsd_label
    • For the inetd server daemon on UNIX: /etc/inetd.conf:
      idsd stream tcp nowait root /usr/informix/bin/idsd idsd 
          -l /usr/informix/idsd.log -k /usr/informix/idsd -n idsd_label
  4. Open the file /etc/services for editing and add a service named idsd. For example:
    idsd 10000/tcp
    In this example, port number 10000 is used, but you can use any other port greater than 1024 that is not already in use. However, the name must be idsd, and the protocol must be tcp.
  5. Restart the xinetd or inetd service daemons. In most implementations, you can restart by sending the SIGHUP signal to the running inetd or xinetd process. However, on some Linux platforms, you can run the following command as root:
    service xinetd restart

Copyright© 2018 HCL Technologies Limited