Tuesday, October 16, 2012

Law License Enforcement options in DB2

Yesterday I received an interesting question regarding licensed features in DB2 and how the license is enforced. Someone was able to create an MQT even though the DB2 edition does not include support for it. But why? I try to explain.

The DB2 Information Center has an overview of features by edition. DB2 utilizes a license management server to control what features can be used and for reporting and auditing of compliance. The db2licm tool is the interface to the server and is used to add licenses, list features, and much more. Traditionally, DB2 had a "soft stance" on license enforcement, e.g., unlicensed features could be used without the software complaining (only the lawyers).

By customer request that eventually changed, so that compliance could be enforced on company level (and lawyers and finance could focus on keeping the books clean). From my time as DB2 developer I remember discussions on how to implement certain hard stops. In DB2 V9.5 hard enforcement of license compliance was offered for the first time AFAIK. I found these two DB2 9.5 fixpack notes on FP2 and enforcement of pureXML and storage features (which I was involved in) and FP4 changes on enforcement of WLM, CPU, and memory usage.

When installing DB2, by default enforcement is set to SOFT as it seems:
hloeser@ems:~$ db2licm -l show detail
Product name:                     "IBM Database Enterprise Developer Edition"
License type:                     "Developer"
Expiry date:                      "Permanent"
Product identifier:               "db2dede"
Version information:              "10.1"

Product name:                     "DB2 Advanced Enterprise Server Edition"
License type:                     "Developer"
Expiry date:                      "Permanent"
Product identifier:               "db2aese"
Version information:              "10.1"
Enforcement policy:               "Soft Stop"


The behavior can be changed using the "-e" (enforcement) option of db2licm:
hloeser@ems:~$ db2licm -e db2aese HARD

LIC1412W  A hard stop enforcement policy has been set. This enforcement
      policy stops unlicensed requests.

Explanation:

You issued the db2licm command with the -e parameter, to update the
enforcement policy, and specified the value HARD. (For example, db2licm
-e db2ese HARD.) The value HARD specifies that unlicensed requests will
not be allowed.

User response:

As a mechanism for you to keep track of, and differentiate, the DB2
database products and features installed on your system, it is
recommended that you register the license key for each DB2 database
product and feature.

If you want unlicensed requests to be logged but not restricted, change
the enforcement policy to SOFT. For example, db2licm -e db2ese SOFT



LIC1411I  Enforcement policy type updated successfully.


As I have AESE installed, it does not really allow me to show you an example. But you could try to compress or create an MQT on DB2 Express-C. Here is the output after switching the enforcement:
hloeser@ems:~$ db2licm -l
Product name:                     "IBM Database Enterprise Developer Edition"
License type:                     "Developer"
Expiry date:                      "Permanent"
Product identifier:               "db2dede"
Version information:              "10.1"

Product name:                     "DB2 Advanced Enterprise Server Edition"
License type:                     "Developer"
Expiry date:                      "Permanent"
Product identifier:               "db2aese"
Version information:              "10.1"
Enforcement policy:               "Hard Stop"


As mentioned, SOFT has been the traditional way and is the default in DB2. However, to be compliant and to be on the safe side for audits, switching to HARD is a good idea.

BTW: You can generate a compliance report using db2licm:
hloeser@ems:~$ db2licm -g comp.txt

LIC1440I  License compliance report generated successfully.
Anything troublesome in there...?

4 comments:

Anonymous said...

Hello Henrik,

Where are the unlicensed requests logged (in case of SOFT enforcement)?
Thanks
Andy

Henrik Loeser said...

Hello Andy,

some information is logged internally and the compliance report should show that information (db2licm -g). In addition the notification log (instancename.nfy) in your dump directory should have messages.

I would need to research if there is anything written to the db2diag.log.

Henrik

Anonymous said...

Henrik, thanks for your reply.


db2licm -g reports just one row
"DB2 Workgroup Server Edition Violation"
and I am not able to find what license rule is violated.

db2licm -l shows

Product name: "DB2 Workgroup Server Edition"
License type: "CPU Option"
Expiry date: "Permanent"
Product identifier: "db2wse"
Version information: "9.7"
Max number of Value Units: "480"
Max amount of memory (GB): "64"

I think server used for DB2 installation should meet limits of license purchased (IBM DB2 WORKGROUP SERVER EDITION PROCESSOR VALUE UNIT (PVUS) LICENSE), server has 16GB RAM and 4 CPU cores = 280 PVU

SELECT * FROM SYSIBMADM.ENV_FEATURE_INFO
shows no output

How can I find which particular license rule is violated?

Andy

Henrik Loeser said...

Are you using the sample database? There is an important note in this InfoCenter document about checking license violations:

"Note: On DB2 Workgroup Server Edition and DB2 Express® Edition, the SAMPLE database includes materialized query tables (MQT), and multidimensional cluster tables (MDC) that causes a license violation. This violation can only be removed by upgrading to DB2 Enterprise Server Edition."

Henrik

LinkWithin

Related Posts with Thumbnails