一、背景知识

本文将介绍使用达梦安全版的docker镜像，创建安全版本数据库后，如何延期安全版的KEY。

二、从创建容器到更新KEY

创建安全版本的docker

[root@node1 ~]# docker run -d -p 35236:5236 --restart=always --name dmsingle \
> --privileged=true -e MODE=dmsingle -e PAGE_SIZE=16 -e CASE_SENSITIVE=1 \
> -e UNICODE_FLAG=1 -e LENGTH_IN_CHAR=1 -e SYSDBA_PWD=SYSDBA001 \
> -e LD_LIBRARY_PATH=/opt/dmdbms/bin \
> -v /home/mnt/disks/dmsingle:/opt/dmdbms/data \
> dm8:dm8_20230629_rev187846_x86_rh6_64
88b2fd4f75642ebece82ef5802aba4ab0978164b3e948c765879aecde2f1bf00
[root@node1 ~]# 

启动容器

[root@node1 ~]# docker start dmsingle
dmsingle
[root@node1 ~]# 

检查数据库和KEY相关信息

拷贝安全版本的KEY到docker容器

[root@node1 ~]# docker cp /root/dm24625sec.key dmsingle:/opt/dmdbms/bin/dm.key
                                             Successfully copied 2.56kB to dmsingle:/opt/dmdbms/bin/dm.key
[root@node1 ~]# 

进行 DM 服务器的 LICENSE 校验

2024-03-30 12:23:35.607 [INFO] database P0000000051 T0000000000000000159  License will expire on 2024-06-25
2024-03-30 12:23:35.607 [INFO] database P0000000051 T0000000000000000159  License will expire on 2024-06-25
Script start.

到此，KEY从2024-4-17延期到2024-6-25，且验证成功。

二、额外测试：考虑到创建安全版本的数据库未使用dm.key，重启容器验证KEY是否生效。

重启容器

[root@node1 ~]# docker restart dmsingle
dmsingle
[root@node1 ~]# 

容器日志，关键日志报错：lic info is different between dm.key and sysinfo.

Start DmAPService...
Starting DmAPService:                                      [ OK ]
/opt/dmdbms/conf/dm.ini does not exist, use default dm.ini
Start DMSERVER success!
Dmserver is running.
DM Database is not OK, please wait...
DM Database is not OK, please wait...
DM Database is not OK, please wait...
DM Database is not OK, please wait...
DM Database is not OK, please wait...
DM Database is not OK, please wait...
DM Database is not OK, please wait...
DM Database is not OK, please wait...
DM Database is not OK, please wait...
DM Database is not OK, please wait...
 * Starting periodic command scheduler cron
   ...done.
2024-03-30 12:22:23.322 [INFO] database P0000000051 T0000000000000000051  SYSTEM IS READY.
2024-03-30 12:22:23.322 [INFO] database P0000000051 T0000000000000000051  [for dem]SYSTEM IS READY.
2024-03-30 12:22:23.322 [INFO] database P0000000051 T0000000000000000051  set g_dw_stat from UNDEFINED to NONE success, g_dw_recover_stop is 0
2024-03-30 12:22:24.321 [INFO] database P0000000051 T0000000000000000105  trx4_min_tid_collect set min_active_id_opt, min_active_id: 3673, first_tid: 3006
2024-03-30 12:23:35.607 [INFO] database P0000000051 T0000000000000000159  License will expire on 2024-06-25
2024-03-30 12:23:35.607 [INFO] database P0000000051 T0000000000000000159  License will expire on 2024-06-25
2024-03-30 12:24:09.948 [INFO] database P0000000044 T0000000000000000044  INI parameter DPC_2PC changed, the original value 1, new value 0
2024-03-30 12:24:09.955 [INFO] database P0000000044 T0000000000000000044  version info: security
2024-03-30 12:24:09.955 [INFO] database P0000000044 T0000000000000000044  os_sema2_create_low, create and inc sema success, key:233681170, sem_id:0, sem_value:1!
2024-03-30 12:24:09.960 [FATAL] database P0000000044 T0000000000000000044  lic info is different between dm.key and sysinfo.

原因分析

如果之前是非安全版的环境，当前的 dm.key 是安全版的 KEY，服务器将会从非安全版环境升级为安全版。
具体可以参考达梦ECO中文章“https://eco.dameng.com/document/dm/zh-cn/pm/start-shut-down#7.1.3%20%E6%A3%80%E6%9F%A5%20LICENSE”

解决过程

添加UPD_LIC=1前台方式数据库后，重启容器

####进入容器
[root@node1 ~]# docker exec -it  dmsingle  /bin/bash                          
###添加UPD_LIC=1前台方式数据库
root@89e71c7d22bd:/# /opt/dmdbms/bin/dmserver UPD_LIC=1  /opt/dmdbms/data/DAMENG/dm.ini
version info: security
DM Database Server 64 V8 05134284044-20230417-187846-20040 startup...
Normal of FAST
Normal of DEFAULT
Normal of RECYCLE
Normal of KEEP
Normal of ROLL
Database mode = 0, oguid = 0
License will expire on 2024-06-25
begin redo pwr log collect, last ckpt lsn: 0 ...
redo pwr log collect finished
main rfil[/opt/dmdbms/data/DAMENG/DAMENG01.log]'s grp collect 0 valid pwr record, discard 1 invalid pwr record
EP[0]'s cur_lsn[38376], file_lsn[38376]
begin redo log recover, last ckpt lsn: 0 ...
redo log recover finished
ndct db load finished
ndct second level fill fast pool finished
ndct third level fill fast pool finished
ndct second level fill fast pool finished
ndct third level fill fast pool finished
ndct fill fast pool finished
pseg_set_gtv_trxid_low next_trxid in mem:[4008]
pseg_collect_mgr_items, total collect 0 active_trxs, 0 cmt_trxs, 0 pre_cmt_trxs, 0 to_release_trxs, 0 active_pages, 0 cmt_pages, 0 pre_cmt_pages, 0 to_release_pages, 0 mgr pages, 0 mgr recs!
next_trxid in mem:[5010]
next_trxid = 6012.
pseg recv finished
nsvr_startup end.
aud sys init success.
aud rt sys init success.
systables desc init success.
ndct_db_load_info success.
nsvr_process_before_open begin.
nsvr_process_before_open success.
SYSTEM IS READY.

###摁ctrl+c，终止前台运行

^CServer is stopping...
listener closed  and all sessions disconnected
adjust undo_retention & wakeup purge thread...full check point starting...
generate force checkpoint, rlog free space[526755328], used space[10107392]
checkpoint begin, used_space[10107392], free_space[526755328]...
checkpoint end, 1604 pages flushed, used_space[745984], free_space[536116736].
full check point end.
shutdown audit subsystem...OK
shutdown schedule subsystem...OK
shutdown timer successfully.
pre-shutdown MAL subsystem...OK
shutdown worker threads subsystem...OK
shutdown logic log subsystem...OK
shutdown sequence cache subsystem...OK
wait for mtsk link worker to exit..OK
shutdown mpp session subsystem...OK
wait for rapply is all over... OK
rapply worker threads exit successfully.
pre ending task & worker threads...OK
shutdown dblink subsystem...OK
shutdown local parallel threads pool successfully.
shutdown pthd_pools...OK
shutdown session subsystem...shutdown aux session subsystem...OK
shutdown rollback segments purging subsystem...OK
shutdown transaction subsystem...OK
shutdown locking subsystem...OK
shutdown dbms_lock subsystem...OK
ending tsk and worker threads...OK
ckpt2_exec_immediately begin.
checkpoint begin, used_space[745984], free_space[536116736]...
checkpoint end, 0 pages flushed, used_space[6656], free_space[536856064].
checkpoint begin, used_space[6656], free_space[536856064]...
checkpoint end, 0 pages flushed, used_space[0], free_space[536862720].
checkpoint begin, used_space[0], free_space[536862720]...
checkpoint end, 0 pages flushed, used_space[0], free_space[536862720].
shutdown archive subsystem...OK
shutdown redo log subsystem...OK
shutdown MAL subsystem...OK
shutdown message compress subsystem successfully.
shutdown task subsystem...OK
shutdown trace subsystem...OK
shutdown svr_log subsystem...OK
shutdown plan cache subsystem...OK
shutdown database dictionary subsystem...OK
shutdown file subsystem...OK
shutdown mac cache subsystem...OK
shutdown dynamic login cache subsystem...OK
shutdown ifun/bifun/sfun/afun cache subsystem...OK
shutdown crypt subsystem...OK
shutdown pipe subsystem...OK
shutdown compress component...OK
shutdown slave redo subsystem...OK
shutdown kernel buffer subsystem...OK
shutdown SQL capture subsystem...OK
shutdown control file system...OK
shutdown dtype subsystem...OK
shutdown huge buffer and memory pools...OK
close lsnr socket
DM Database Server shutdown successfully.
root@89e71c7d22bd:/# 

重启容器

[root@node1 disks]# docker restart dmsingle
dmsingle
[root@node1 disks]# 

检查容器日志

Script start.
Start DmAPService...
Starting DmAPService:                                      [ OK ]
/opt/dmdbms/conf/dm.ini does not exist, use default dm.ini
Start DMSERVER success!
Dmserver is running.
DM Database is not OK, please wait...
DM Database is OK
 * Starting periodic command scheduler cron
   ...done.
2024-03-30 12:37:23.886 [INFO] database P0000000044 T0000000000000000044  nmac_cache_init... 
2024-03-30 12:37:23.887 [INFO] database P0000000044 T0000000000000000135  nsvr_lsnr_thread successfully created.
2024-03-30 12:37:23.887 [INFO] database P0000000044 T0000000000000000098  hpc_clear_active_trx adjust n_crash_active_trx from 0 to 0.
2024-03-30 12:37:23.887 [INFO] database P0000000044 T0000000000000000044  backup control file /opt/dmdbms/data/DAMENG/dm.ctl to file /opt/dmdbms/data/DAMENG/dm_20240330123723_887108.ctl
2024-03-30 12:37:23.888 [INFO] database P0000000044 T0000000000000000044  backup control file /opt/dmdbms/data/DAMENG/dm.ctl to file /opt/dmdbms/data/DAMENG/ctl_bak/dm_20240330123723_887878.ctl succeed
2024-03-30 12:37:23.888 [INFO] database P0000000044 T0000000000000000044  local instance name is DMSERVER, mode is NORMAL, status is OPEN.
2024-03-30 12:37:23.888 [INFO] database P0000000044 T0000000000000000044  SYSTEM IS READY.
2024-03-30 12:37:23.888 [INFO] database P0000000044 T0000000000000000044  [for dem]SYSTEM IS READY.
2024-03-30 12:37:23.888 [INFO] database P0000000044 T0000000000000000044  set g_dw_stat from UNDEFINED to NONE success, g_dw_recover_stop is 0
2024-03-30 12:37:24.887 [INFO] database P0000000044 T0000000000000000097  trx4_min_tid_collect set min_active_id_opt, min_active_id: 9025, first_tid: 9021

到此为止，在docker下运行的达梦安全版本数据库已完美更新KEY。