Powered by Algolia

    Switch of OpenIAM datasource database

    The following sections describe options to switch OpenIAM datasource database.

    Switch existing installation using another database

    Sometimes during installation customers go ahead with default DB type which is MySQL database. It's easy to install and use it right away. But going forward they might want to start using other DB type like msSQL DB, Oracle DB or PostgreSQL. You must be aware that switching of DB is not the same as migration, you will have clean installation with default passwords. All the confiuration done via OpenIAM web interface will be gone, as well as created users, roles, groups etc. Part of this activity will be vault clean up, make sure you know all password written there. Please follow provided steps to switch OpenIAM DB.

    RPM type of installation

    1. Stop OpenIAM application by running 'openiam-cli stop' command, after please make sure all processes are down.
    2. Modify datasource.properties file in /usr/local/openiam/conf/properties accordingly to new db type.
    3. Modify /usr/local/openiam/env.conf by setting new DB connection details in FLYWAY_% variables
    4. Prepare vault secrets to re-bootstrap them on next steps. You can retrieve current secrets from vault by running script utils/vault/vault.fetch.property.sh
    ./vault.fetch.property.sh vault.secret.rabbitmq.password
    ./vault.fetch.property.sh vault.secret.redis.password
    ./vault.fetch.property.sh vault.secret.elasticsearch.password
    ./vault.fetch.property.sh vault.secret.elasticsearch.username
    1. Stop vault server by running command 'pkill -9 vault'. Now we need to clean up vault database, for it stop ETCD by running 'systemctl stop etcd' and run 'rm -rf /var/lib/etcd/default.etcd/member/'. Then start etcd by running 'systemctl start etcd' and start vault by running start.sh from utils/vault.
    2. Run /usr/local/openiam/utils/vault/bootstrap.sh and re-populate new secrets for connection. Secrets for redis, rabbitmq and elasticsearch use ones you fetched on step 4.
    3. Run /usr/local/openiam/utils/flyway/init.sh to install schemas in the new database
    4. start openiam by running 'openiam-cli start' command
    5. restart httpd service by running 'systemctl restart httpd' command
    Previous
    Securing your installation
    Next
    Administration Guide