Moving from an embedded RSA DB to standalone DB
We have an 7.0 installation with RSA IG&L and DB on the same server. We would like to have these separate, is there any blue print on how to do this?
I was thinking that we could reuse the server with the existing DB and then install RSA OVA on a new VMware and then pointed it to the existing DB. Is this possible when the existing DB was installed doing the old RSA installation?
- Community Thread
- Forum Thread
- Identity G&L
- Identity Governance & Lifecycle
- Installation & Upgrade
- RSA Identity
- RSA Identity G&L
- RSA Identity Governance & Lifecycle
- RSA Identity Governance and Lifecycle
- RSA IGL
I'd like to ensure I understand the scenario.
You currently have the bundled installation from an OVA, and you want to split the two. Preferably by moving the IG&L/Wildfly to a different machine and without losing data.
I don't know of any blueprints, but I would do it like this.
0. Backup the database
1. Ensure the database ports are open to the network. The OVA uses SuSEfirewall2 (SuSEfirewall2 - openSUSE Wiki ) as a wrapper for IPTables
2. Shutdown your current IG&L installation and disable the services to keep them from starting up in case the machine is restarted.
3. Deploy the OVA and follow the wizard, but use the first machines DB as the remote.
4. Copy /home/oracle/security from the old machine to the new. These are encryption keys tied to the database.
5. Log in to the UI and go to Admin > Server Nodes and make your new server the next "System Operations Node" (SON).
Edit: Added step 4, encryption keys
Thank you for taking the time for answer my question.
Our system today is RSA and DB on the same Suse server, i would like to spilt this up. So i get the RSA IG&L on a separate server.
I will try your suggestion, but in the documentation “Installation Guide 7.1.1” under “Verify Prerequisites for a Customer-Supplied Database” it says that we need to run/download this one RSA_IGL_DatabaseOnly.tar.bz2?? I cant find this anywere, so i dont know if this is nessary.
The file you are referencing is the RSA database only installer. You would use this to install an RSA database on a separate server if you do not already have a database installed. In your case, if you would like to use your existing database then you do not need to reinstall the database.
One thing I would keep in mind if you will use your existing database is the following:
- The database sizing parameters (SGA/PGA) have been setup automatically by our installer based on the assumption that the application is also running on the same server. This means you will have a lot of unused memory that the database will not use. Reference 000034569 - Oracle Database Memory Sizing for RSA Identity Governance and Lifecycle to set the correct values (reach out here if you need any help finding the right numbers ).
- After you setup your second VM, go to Admin > System > Server Nodes and make sure you set the new node as SON (and delete the old one).
- You need to make sure that the application on the database server does not get started by mistake. Otherwise you will face some strange problems as if you were running a clustered environment with a connection problem between your cluster nodes.