This is not an exhaustive list but some thoughts on the pros and cons of running OSS in different environments found on Power Processors.
|IBM i and AIX both baked into the OS Kernel on Power CPU
|No separate OS
||IBM has to update the kernel code to latest AIX, so you might be delayed getting the latest AIX
|OSS has been ported over by Michael Perzl, bullfreeware, and aixtoolbox
||OSS is typically developed for Linux and Intel (Little Endian) first
||OSS packages are not available to download via YUM or APT-GET
||Forks of processes are slower
|IBM I and a Separate Linux LPAR on Power CPU
||Another OS to patch and upgrade
||A purchased DB2 Connect license is required to use the PHP Extension IBM_DB2 to talk with the IBM i. Or you have to use a less feature rich ODBC connection
|OSS is typically developed for Linux and Intel (Little Endian) first
||Compiling OSS from source might have to be modified to work on little endian Power CPU
|OSS packages are available to download via YUM or APT-GET?
||Have to carve up a Separate LPAR allocations of disk, memory, cpu
||There is free versions of Linux but most enterprises will probably go for paying a license to RHEL or SUSE for support and stable releases
Here’s my quick guide on compiling IBM_DB2 PHP extension module (IBM_DB2.so) from source. The version i was working with was 1.9.9. I’m still having some troubles with this extension so i’ll update this guide when I figure out why i’m getting this runtime error with the extension:
#after loading ibm_db2.so
PHP Warning: PHP Startup: Unable to load dynamic library ‘/usr/local/phpdave7/lib/php/extensions/no-debug-non-zts-20160303/ibm_db2.so’ – rtld: 0712-001 Symbol __cxa_finalize was referenced
from module /usr/local/phpdave7/lib/php/extensions/no-debug-non-zts-20160303/ibm_db2.so(), but a runtime definition
of the symbol was not found.
phpize command prepares the build environment for a PHP extension.
configure gets the software ready to be built on your specific system. Ensures dependencies are available and what it needs to know to use them for build and install process.
For example if your compiling c you’ll need a c compiler like gcc and configure will find it amongst other things
gmake controls the generation of executables and other non-source files of a program from the program’s source files.
gmake test runs test scripts against the created executable to make sure its working properly (funcitonal tests)
gmake install will install the application. In the case of a PHP Extension it should move the extension into the PHP extension folder.
The && operator chains all the commands into one line.
phpize && ./configure –build=$CCHOST –host=$CCHOST –target=$CCHOST && gmake && gmake test && gmake install
execute phpize, if it returns zero exit status, execute ./configure, if it returns zero exit status, …
Actual Script to build the extension
Below is my guide to setup Nginx on IBM i PASE environment and have it work with PHP. Let me know if you have any problems. If you don’t already have PHP installed and compiled from source you can check my guide here: https://godzillai5.wordpress.com/2016/06/21/compiling-php7-from-source-on-ibmi-pase-aix/ .
If your looking to lock down your webserver (Apache) running on IBM i against issues found in SSL 2.0, SSL 3.0 or TLS 1.0 Here’s some things to look into:
Issues in SSL 2.0: http://tools.ietf.org/html/rfc6176
Issues in SSL 3.0 (POODLE attacks) : https://tools.ietf.org/html/rfc7568
TLS 1.0 (Cipher block chaining and Padding attacks): http://tools.ietf.org/html/rfc4346#section-1.1
- Go to your IBM Web Administration for i
- http://www.ReplaceWithIBMiDNS.com:2001/HTTPAdmin ->
- Selected Server Dropdown “ZENDSVR – APACHE”->
- “Manage” Tab, “HTTP Servers Tab”, “Server Properties” Tree open , “Security” link ->
- SSL Advanced tab
- Change “SSL version to negotiate:” from “All Versions” to “TLS Version 1.2 only” or
- Add “Ciphers available during negotiation” TLS v1.1 and TLS v1.2 remove any ciphers that are lower.
- Go to your Digital Certificate Manager (DCM)
- Select Certificate Store -> *SYSTEM
- Manage Applications – Update Application Definition
- Update Application Definition
- SSL protocols
- Change from *PGM to Define protocols supported: TLS 1.2, TLS 1.1
- Click Apply
Thanks to @jordiwes (http://www.iqwebdevelopment.ca/) for mentioning this could be done in DCM
Below is a simple example of how to create a UDF to Check if a table exists on the IBM i DB2. We then use that function to determine if we need to create a table.
Simple snippet to show how to use a Sequence object that auto increments in an SQL statement. Just realize that when used in a stored procedure you cannot drop the sequence as the database will let you know that there’s a dependency of this object within a stored proc.
CREATE SEQUENCE MYLIB.MYAUTO_INCREMENTING_SEQ
START WITH 1
INCREMENT BY 1
INSERT INTO MYLIB.MYTABLE
VALUES (NEXT VALUE FOR MYLIB.MYAUTO_INCREMENTING_SEQ,'Godzilla Ice Cream');