Skip to main content
Before you can use the IBM i MCP Server, you must install and configure Mapepire on your IBM i system. Mapepire is the database connectivity layer that enables MCP tools and AI agents to communicate with Db2 for i.
Mapepire is Required: The IBM i MCP Server cannot function without Mapepire. Install and configure Mapepire first before proceeding with server setup.
Prerequisites: You need SSH access to your IBM i system and appropriate administrative privileges to install software and configure network services.

What is Mapepire?

Mapepire is a modern, high-performance database server for IBM i that provides SQL query execution capabilities over WebSocket connections. It acts as a gateway between modern application architectures (like MCP servers, AI agents, and REST APIs) and IBM i’s Db2 for i database. Key Features:
  • Modern database server for IBM i
  • SQL query execution over WebSocket connections
  • Secure, encrypted connections to Db2 for i
  • Optimized for AI agent workloads
  • Supports modern authentication methods
  • Low-latency responses for interactive applications

Why Mapepire Enables AI and MCP Workloads

Traditional IBM i database access methods (ODBC, JDBC) don’t align well with modern AI and MCP architectures that require:
  • Fast, lightweight connections: AI agents make frequent, short-lived database queries
  • WebSocket support: Enables real-time, bidirectional communication for streaming results
  • Modern JSON-based protocols: Simplifies integration with TypeScript/JavaScript ecosystems
  • Low-latency responses: Essential for interactive AI conversations and tool executions
Mapepire bridges this gap by providing a modern, WebSocket-based SQL query interface that’s optimized for the request/response patterns of AI agents and MCP tools.

Installation Methods

The easiest way to install Mapepire is using the RPM package manager:
If you need help getting started with RPMs on IBM i, see the IBM i Open Source RPM Guide.
Full Documentation: For comprehensive setup and configuration instructions, see the Mapepire System Administrator Guide.

Option 2: Manual Installation

If RPM installation isn’t available, you can install manually:
  1. Create download directory:
  2. Download the distribution:
  3. Extract and set permissions:

Starting Mapepire

If you installed via RPM, use Service Commander for easy management:

Manual Startup

For RPM installation:
For manual installation:
For manual installation with Service Commander:

Configuration

Port Configuration

Mapepire uses port 8076 by default. This is the standard port and changing it is not recommended.
Important: You’ll need port 8076 when configuring the DB2i_PORT variable in your .env file. Ensure your IBM i firewall allows inbound connections on this port.
If you need to change the port:

TLS/SSL Configuration

Mapepire supports several TLS certificate options: If you have Let’s Encrypt certificates (e.g., from CertBot), Mapepire will automatically use them:

Option 2: Custom Certificate

Create a custom certificate store with these specifications:
SettingValue
File location/QOpenSys/etc/mapepire/cert/server.jks
FormatJKS
Store passwordmapepire
Key passwordmapepire
Certificate aliasmapepire
Example using DCM Tools:

Option 3: Self-Signed Certificate

If no certificate is configured, Mapepire will automatically generate a self-signed certificate. This is suitable for development but not recommended for production.

Security Configuration

Exit Points

Mapepire uses the same exit points as standard JDBC applications. For more information, see the IBM Support page on JDBC exit points.
Due to Mapepire’s architecture, all client connections appear to come from 127.0.0.1. IP-based exit point rules will need to inspect the CLIENT_WRKSTNNAME client special register to get the actual client IP address.

Connection Rules

Configure user and IP-based access restrictions in:
Rule format:
  • allow <username>@<ip-address>
  • deny <username>@<ip-address>
  • Use * as wildcard
  • Last matching rule takes precedence
  • Comments start with #
Example - Disable Q user profiles:*
Example - Restrict to specific users and IP range:

Testing the Installation

Verify Mapepire is Running

  1. Check the process:
  2. Test connectivity:
  3. Test with Service Commander:

Configure IBM i MCP Server

Once Mapepire is running, configure your IBM i MCP Server .env file:
Set DB2i_IGNORE_UNAUTHORIZED=true if using self-signed certificates. For production with proper certificates, set this to false.

Troubleshooting

Common Issues

Port already in use:
Permission denied:
Certificate issues:

Log Files

Check Mapepire logs for detailed error information:

Next Steps

After setting up Mapepire:
  1. Configure your IBM i MCP Server
  2. Test the connection
  3. Set up SQL tools
  4. Build your first agent

Additional Resources