Skip to content

Staging Requirements

O/S User / Privileges
  1. Delphix O/S user which is identical to the cockroach software installer O/S user. Script to create Delphix O/S user: createDelphixOSUser.sh
  2. Delphix O/S user must have read and execute privileges on:
    • CockroachDB Install Path: Location where software binaries are installed and located on the staging host.
  3. The CockroachDB installation on the staging environment must have the same version than the source environment.
  4. Empty folder on host to hold Delphix plugin [ approximate 2GB free space ]
  5. Empty folder on host to mount nfs filesystem. This is just and empty folder with no space requirements and act as base folder for nfs mounts.
  6. Please ensure any login banners similar to the one in the image below must be disabled on the staging host. Screenshot
  7. To accomplish necessary tasks on the Cockroach staging hosts, the Delphix OS user account requires privilege elevation specifications. Here is an example specification for the sudo privileges for mount, umount, link/unlink and start/stop cockroach services on the staging host. Using the visudo to edit the sudoers configuration file. 
    Defaults:delphix !requiretty
delphix ALL=NOPASSWD:/bin/mount,/bin/umount,/bin/ln -s *dlpx*.service, /bin/unlink *dlpx*.service, /bin/systemctl daemon-reload, /bin/systemctl *st* *dlpx*.service

  8. To secure your CockroachDB staging cluster’s inter-node and client-node communication, please ensure the certificate directory must contain valid certificates containing the IP address and hostname for the Cockroach DB staging server. Use below command to list certificates and keys: 

    cockroach cert list --certs-dir=[path-to-certs-directory]
    For example: Delphix expects a valid hostname or IP address associated with Certificate File (node.crt) 
    $ cockroach cert list --certs-dir=[path-to-certs-directory]
Certificate directory: /home/cockroach/certs
  Usage  | Certificate File |    Key File     |  Expires   |                             Notes                              | Error
---------+------------------+-----------------+------------+----------------------------------------------------------------+--------
  CA     | ca.crt           |                 | 2032/03/29 | num certs: 1                                                   |
  Node   | node.crt         | node.key        | 2027/03/26 | addresses:crdb-node.example.com,10.1.1.1                       |
  Client | client.root.crt  | client.root.key | 2027/03/26 | user: root                                                     |
(3 rows)

    To create these certificates and keys, use the cockroach cert commands with the appropriate subcommands and flags.

Note: --certs-dir - It’s the valid path to the CockroachDB cluster’s certificate and keys needed by cockroach commands.