Installing the PEM server on an existing Postgres servers v9

You can use an existing Postgres server (version 11 or later) to host the PEM server and the pem database. Postgres installers and prerequisite software extensions are freely available on the EnterpriseDB website.

You can configure an existing Postgres server for a PEM server installation.

Note

These instructions are guidelines. the actual steps needed to configure your Postgres installation depend on the configuration of your Postgres server.

The following versions of Postgres are preconfigured to contain the sslutils extension and a service script. No additional preparation is required to use the following Postgres versions as a PEM backend database server:

  • PostgreSQL 11 or later (as bundled with the PEM Server installer)
  • EDB Postgres Advanced Server 11 or later

Preparing the Postgres server

Before installing the PEM server on an existing Postgres server, you must:

After preparing the server, you can use the PEM server installer to install PEM on the existing Postgres server.

Installing the sslutils extension

The Postgres server where the PEM server will reside must contain the sslutils extension. The sslutils package is freely available for download from the EDB website.

When the web page opens, select the link for the SRC- SSL Utils 1.3 package. When the download completes, extract the file, and copy it into the Postgres installation directory.

You don't need to manually add the sslutils extension when using the following Postgres installations:

  • PostgreSQL 10 or later (as distributed with the PEM server installer)
  • Advanced Server 10 or later

Build sslutils with the same compiler that you used to compile the backend Postgres installation. If you're using a backend Postgres database that was installed on a Windows platform using a PostgreSQL one-click installer (from EnterpriseDB) or an EDB Postgres Advanced Server installer, you must use Visual Studio to build sslutils.

While specific details of the installation process vary by platform and compiler, the basic steps are the same. You must:

  1. Copy the sslutils package to the Postgres installation directory.

  2. Open the command line of the appropriate compiler, and navigate to the sslutils directory.

  3. Use the following commands to build sslutils:

    SET USE_PGXS=1
    
    SET GETTEXTPATH=<path_to_gettext>
    
    SET OPENSSLPATH=<path_to_openssl>
    
    SET PGPATH=<path_to_pg_installation_dir>
    
    SET ARCH=x86
    
    REM Set ARCH x64 for 64 bit
    
    msbuild sslutils.proj /p:Configuration=Release

    Where:

    path_to_gettext specifies the location of the GETTEXT library and header files.

    path_to_openssl specifies the location of the openssl library and header files.

    path_to_pg_installation_dir specifies the location of the Postgres installation.

  4. Copy the compiled sslutils files to the appropriate directory for your installation. The sslutils directory contains the following files:

    sslutils--1.3.sql
    
    sslutils--unpackaged--1.3.sql
    
    sslutils--pemagent.sql.in
    
    sslutils.dll

    Copy the .dll libraries and .sql files into place:

    COPY sslutils*.sql* "%PGPATH%\share\extension\"
    
    COPY sslutils.dll "%PGPATH%\lib\"

Registering the service

When you install a PostgreSQL or EDB Postgres Advanced Server database using an installer from EnterpriseDB, the installer registers the service for you.

If you're using Windows to host the PEM backend database, you must register the name of the Postgres server with the Windows service manager. If you're using a Postgres server that was created using an EnterpriseDB installer, the service is registered automatically. If you are manually building the installation, you can use the register clause of the Postgres pg_ctl command to register the service:

pg_ctl register [-N <service_name>] [-U <user_name>]
 | [-P <password>] [-D <data_directory>]

Where:

  • service name specifies the name of the Postgres cluster.
  • user_name specifies the name of an operating system user with sufficient privileges to access the Postgres installation directory and start the Postgres service.
  • password specifies the operating system password associated with the user.
  • data_directory specifies the location of the Postgres data directory.

For more information about using the pg_ctl command and the available command options, see the Postgres core documentation.

Invoking the PEM server installer

After preparing the existing Postgres server, invoke the PEM server installer. Assume administrator privileges and navigate to the directory that contains the installer. Then, invoke the installer:

pem_server-7.<x>.<x>-<x>-<platform>

Where <x> is the major and minor versions of PEM, and <platform> is the platform.

Then, begin the installation:

  1. The installer displays a Welcome screen. Select Next.

  2. Review the license agreement before selecting the appropriate radio button and accepting the agreement. Select Next.

  3. Use the Installation Directory dialog box to specify the location of the PEM server and access the Advanced Options dialog box:

    • Use the Installation Directory field to open a browser dialog and select the directory to install the PEM server in.
    • If you're installing the PEM server on an existing server, select Show advanced options to include the Advanced Options dialog box in the installation process.
    • Select Next.
  4. Use the Advanced Options dialog box to specify an installation type. Select:

    • Web Services and Database if both the Postgres server and the PEM-HTTPD server will reside on the current host. This option is valid if you're using an existing Postgres server to host the PEM server or using the PEM server installer to install the Postgres server where the PEM server will reside.

      If you select Web Services and Database, the PEM server installer checks the current host for a PEM-HTTPD installation and upgrades or installs PEM-HTTPD if necessary.

    • Web Services if only the PEM-HTTPD server will reside on the current host. See Installing web services for more information about invoking this option.

    • Database if you're installing only the PEM server (and creating the pem backend database) on the current host. This option is valid if you're using an existing Postgres server to host the PEM server or using the PEM server installer to install the PostgreSQL server where PEM will reside.

    After selecting an installation option, select Next.

  5. Use the list on the Database Server Selection dialog box to select a backend database for the PEM server:

    • Select the name of a Postgres server on the current host that was installed using a Postgres one-click installer or EDB Postgres Advanced Server installer.
    • Select PostgreSQL x (Packaged) to install and use the PostgreSQL server that's packaged with the PEM server installer, where x is the version of the PostgreSQL database server.
    • Select Other Database Server to to use a Postgres database that was installed from a source other than an EnterpriseDB installer (such as from an rpm or built from source).
    Note

    The selected database server must include an installation of the sslutils contrib module and a registered service (on Windows).

    For more information, see Preparing the Postgres server.

    If you selected Web Services and Database on the Advanced Options dialog box, the installation wizard checks the current host for an existing PEM-HTTPD installation and upgrades or installs the service as needed.

    If you selected Database on the Advanced Options dialog box, the Database Server Installation Details dialog box opens.

  6. Use the fields on the Database Server Installation Details dialog box to describe the connection to the Postgres server that will host the PEM server:

    • Enter the name of a database superuser in the User field.
    • Enter the password associated with the superuser in the Password field.

    Select Next.

  7. Provide the administrator password for the PEM agent service to run under. Select Next.

  8. Use the Network Details dialog box to specify the CIDR-style network address for the PEM agents to connect to the server (the client-side address). The specified address is added to the server's pg_hba.conf file.

    You can specify more network addresses by manually adding entries to the pg_hba.conf file on the PostgreSQL server. Use the first entry as a template.

    After you add the network address, select Next.

    The PEM server installer installs a PEM agent to the host where the server resides to monitor the server and provide alert processing and garbage collection services. A certificate is also installed in the location specified in the Agent certificate path field.

  9. You can enter an alternate description or an alternate agent certificate path for the PEM agent or accept the defaults. Select Next.

  10. The wizard is now ready to install the PEM server. Select Next to continue with the installation.

    During the installation process, the installer copies files to the system and sets up the PEM server's backend database. A confirmation indicates that the pem database was created and configured.

  11. Select OK.

If you're using a PEM-HTTPD service that resides on a separate host, you must:

  • Modify the pg_hba.conf file on the Postgres server host to allow connections between the hosts.
  • Invoke the PEM server installer on the host of the PEM-HTTPD server. See Installing Web Services for more information about installing PEM-HTTPD.

Invoking the server installer from the command line

The command line options of the PEM server and PEM agent installers offer functionality in situations where a graphical installation might not work because of limited resources or system configuration. You can:

  • Include the --mode unattended option when invoking the installer to perform an installation without user input.

Not all command line options are suitable for all platforms. For a complete reference guide to the command line options, use the --help option when you invoke the installer.

Invoking the PEM server installer in unattended mode

You can perform an unattended PEM server installation by providing installation preferences on the command line when invoking the installer. The system on which you're installing the PEM server must have internet access.

You must have administrator privileges to install the PEM server. Before invoking the PEM server installer, you must install the following dependencies:

  • PostgreSQL
  • pem-httpd
  • Language Pack

You can use the PEM server installer to satisfy the dependencies of the PEM server. Navigate to the location of the installer, and use the following command to extract the dependencies:

pem-server-7.<x>.<x>-windows-x64.exe --extract-dependents C:\

In this example, the files are extracted to the C:\ directory. After extracting the files, you must install each program. Navigate to the directory that contains the files (in this example, C:\), and enter:

edb-languagepack-<version>-windows-x64.exe --mode unattended
pem-httpd-<version>-windows-x64.exe --mode unattended
postgresql-<version>-windows-x64.exe --mode unattended

Then, you can invoke the PEM server installer:

pem-server-7.<x>.<x>-windows-x64.exe --mode unattended
--existing-user <registered_edb_user> --existing-password
<edb_user_password> --pgport <port> --pguser postgres
--agent_description pem-agent --systempassword <windows_password>
--agent-crt-path C:\edb``

Where:

  • registered_edb_user specifies the name of a registered EnterpriseDB user. To register, visit the EDB website.
  • edb_user_password specifies the password associated with the EDB user account.
  • port specifies the port used by the backing PostgreSQL database. By default, the PostgreSQL database uses port 5432.
  • cidr_address_range specifies the address range to add to the pg_hba.conf file of the PEM server's backing database to allow connections from the agents for the server to monitor. You can specify a network range (for example, 192.168.2.0/24) to provide server access to agents that reside on the same network.
  • windows_password specifies the password associated with the Windows administrator's account.
Note

When invoked in unattended mode, the PostgreSQL installer creates a user named postgres with a password of postgres.