3.6 Adding a Managed Server

Table of Contents Previous Next


3 Installing Postgres Enterprise Manager : 3.6 Adding a Managed Server

Please note: You must ensure the pg_hba.conf file of the server that you are registering allows connections from the host of the PEM client.
To open the New Server Registration dialog, click on the Add Server button on the client toolbar, or select Add Server from the File menu.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\8a1887f0\nsrone.png
Use fields on the Properties Tab (shown in Figure 3.5) to enter the connection details for the new server.
Enter a descriptive name for the server in the Name field; the descriptive name will be displayed in the tree control.
Use the Service field to specify the name of a service configured in the pg_service.conf file.
Specify the Username that the new server will use when connecting to the database; the specified user must have membership in the pem-admin role.
Check the box next to Store password to instruct the PEM client to store the password for future connections.
Check the box next to Store on PEM Server to instruct the PEM client to store the definition of the server on the PEM server.
If the connecting role is not a member of pem_admin (they are connected using the read-only pem_user role), or the user has not logged in to the PEM server, the server definition is stored for the current user only.
Use the Colour selector to specify a background display color for the server.
Select a server group for the new server using the drop-down list box in the Group field. The new server will be displayed in the selected group in the PEM client tree control.
Use the Team field to specify a Team role name. Only PEM users who are members of this role, who created the server initially, or have superuser privileges on the PEM server will see this server when they log on to PEM. If this field is left blank, all PEM users will see the server. For more information about defining a Team role, see Section 4.2.3.
Tip: Do not click OK (yet) if you wish to register the server as a managed server. To register the server as a managed server, you must complete the PEM Agent tab, binding the server to a PEM agent.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\c5ec1c2a\SSLTab.png
Use fields on the SSL tab (shown in Figure 3.6) to specify any SSL options required.
Use the drop-down list box in the SSL field to select an SSL mode:
If applicable, use the Server Root Certificate File field to access a file browser, and specify the location of the server root certificate.
If applicable, use the Server Certificate Revocation List field to access a file browser, and specify the location of the certificate revocation list.
If applicable, use the Client Certificate File field to access a file browser, and specify the location of the client certificate.
If applicable, use the Client Key File field to access a file browser, and specify the location of the client key file.
Check the box next to SSL Compression to instruct the server to compress the SSL data stream.

C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\44ef9f2d\SSHTunnel.png
Use the fields on the SSH Tunnel tab (shown in Figure 3.7) to implement SSH tunneling to the new server; check the box next to Use SSH tunneling to enable the fields:
Check the box next to Use SSH tunneling to instruct PEM to use SSH tunneling to communicate with the monitored server.
Select the radio button next to Password to specify that the PEM client will provide a password for authentication by the tunnel host. This is the default.
Select the radio button next to Identity file to specify that the PEM client will provide a valid private key file when connecting.
If the tunnel host is expecting a private key file for authentication, use the Identity file field to specify the location of the key file.
If the tunnel host is expecting a password, use the Password/Passphrase field to specify a word or phrase that will be provided to the tunnel host for authentication.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\5466ae76\Advanced.png
Use the fields on the Advanced tab (shown in Figure 3.8) to specify connection information for the new server:
Check the box next to Connect now to instruct the PEM client to negotiate a connection for the new server after you have completed the New Server Registration form and clicked OK.
Check the box next to Restore env? to instruct PEM to restore the browser environment when you reconnect to this server. If you regularly use different databases on the same server you may want to deselect this option.
If you specify a role name in the Rolename field, PEM will connect to the server using the identity specified on the Properties tab; after establishing a connection with the server, the client will assume the identity and permissions of the role specified in the Rolename field.  The role specified on the Properties tab must be a member of the role specified on the Advanced tab.
Specify an SQL restriction in the DB restriction field to limit the databases displayed in the PEM client. For example, enter: 'live_db', 'test_db' to display only live_db and test_db in the PEM browser.
Specify the name of the PostgreSQL or Advanced Server service in the Service ID field on the Advanced tab. This allows the PEM server to stop and start the service.
The Advanced Server installer uses a default service ID of ppas‑9.x, where x specifies the version number of the server. For example, the service ID of Advanced Server 9.5 is ppas-9.5
The EnterpriseDB one-click installer (for PostgreSQL) uses a default service ID of postgresql-9.x, where x specifies the version number of the server. For example, the service ID of PostgreSQL 9.5 is postgresql-9.5
If the server is a member of a Failover Manager cluster, you can use PEM to monitor the health of the cluster and to replace the master node if necessary. To enable PEM to monitor Failover Manager, use the EFM Cluster Name field to specify the cluster name. The cluster name is the prefix of the name of the Failover Manager cluster properties file. For example, if the cluster properties file is named efm.properties, the cluster name is efm.
If you are using PEM to monitor the status of a Failover Manager cluster, use the EFM Installation Path field to specify the location of the Failover Manager binary file. By default, the Failover Manager binary file is installed in /usr/efm-2.0/bin.

C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\56e5a1f6\pemagenttab.png
Use fields on the PEM Agent tab (shown in Figure 3.9) to create a binding between the new server and a PEM agent. A binding provides the link between the PEM server and the PEM agent that allows the PEM server to monitor and manage that agent. The binding also provides the connection parameters that the agent uses when connecting to the PEM server.
Check the box next to Remote monitoring ? to indicate that the PEM agent does not reside on the same host as the monitored server. When remote monitoring is enabled, agent level statistics for the monitored server will not be available for custom charts and dashboards, and the remote server will not be accessible by some PEM utilities (such as Audit Manager, Capacity Manager, Log Manager, Postgres Expert, and Tuning Wizard).
Enter the IP address that the agent should use when connecting to the Advanced Server host in the Host field. You may wish to specify a different Host address on the PEM agent tab than the address used on the Properties tab. For example, you can configure the PEM agent to connect via a Unix socket to the monitored server, while the client connects using an SSL connection to a forwarded port on an external firewall (that is not appropriate for the agent).
Enter the port number that the server is monitoring for connections in the Port field. By default, the agent will use the port defined on the Properties tab.
Use the SSL field to specify an SSL operational mode; specify require, prefer, allow, disable, verify-ca or verify-full.
Use the Database field to specify the name of the database to which the agent will initially connect.
Verify the password by re-entering it in the Confirm Password field. If you do not specify a password, you must configure the authentication for the agent manually (for example, by using a .pgpass file).
Use the Allow takeover option to specify whether or not the monitoring of the server may be taken over by another agent in a High Availability environment.
The PEM client will connect directly to the managed server, so the pg_hba.conf file must contain the appropriate entries to allow those connections. For information about modifying the pg_hba.conf file, see
When you've completed the New Server Registration dialog, click OK. The name of the new server will be included under the PEM Server Directory node in the tree control.

3 Installing Postgres Enterprise Manager : 3.6 Adding a Managed Server

Table of Contents Previous Next