Table of Contents Previous Next


4 Managing a Monitored Server : 4.1 Manually Registering a Server

You can use the Create - Server dialog to provide registration information for a server, bind a PEM agent, and display the server in PEM client tree control. To open the Create - Server dialog, navigate through the Create option on the Object menu (or the context menu of a server group) and select Server… (see Figure 4.1).
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\8fabd9ce\Screen Shot 2018-06-13 at 12.07.46 PM.png
Please note: you must ensure the pg_hba.conf file of the Postgres server that you are registering allows connections from the host of the PEM client before attempting to connect.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\c05642ae\connect_general.png
Use the fields on the General tab (shown in Figure 4.2) to describe the general properties of the server:
Use the Name field to specify a user-friendly name for the server. The name specified will identify the server in the PEM Browser tree control.
Use the Team field to specify a Postgres role name. Only PEM users who are members of this role, who created the server initially, or have superuser privileges on the PEM server will see this server when they logon to PEM. If this field is left blank, all PEM users will see the server.
Use the Background color selector to select the color that will be displayed in the PEM tree control behind database objects that are stored on the server.
Use the Foreground color selector to select the font color of labels in the PEM tree control for objects stored on the server.
Check the box next to Connect now? to instruct PEM to attempt a server connection when you click the Save button. Leave Connect now? unchecked if you do not want the PEM client to validate the specified connection parameters until a later connection attempt.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\d05672ef\connect_connection.png
Use fields on the Connection tab (shown in Figure 4.3) to specify connection details for the server:
Specify the IP address of the server host, or the fully qualified domain name in the Host name/address field. On Unix based systems, the address field may be left blank to use the default PostgreSQL Unix Domain Socket on the local machine, or may be set to an alternate path containing a PostgreSQL socket. If you enter a path, the path must begin with a "/".
Use the Maintenance database field to specify the name of the initial database that PEM will connect to, and that will be expected to contain pgAgent schema and adminpack objects installed (both optional). On PostgreSQL 8.1 and above, the maintenance DB is normally called postgres; on earlier versions template1 is often used, though it is preferrable to create a postgres database to avoid cluttering the template database.
Check the box next to Save password? to instruct PEM to store passwords in the ~/.pgpass file (on Linux) or %APPDATA%\\postgresql\\pgpass.conf (on Windows) for later reuse. For details, see the pgpass documentation. Stored passwords will be used for all libpq based tools. To remove a password, disconnect from the server, open the server's Properties dialog and uncheck the selection.
Use the Role field to specify the name of the role that is assigned the privileges that the client should use after connecting to the server. This allows you to connect as one role, and then assume the permissions of another role when the connection is established (the one you specified in this field). The connecting role must be a member of the role specified.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\d05672ce\connect_connection_ssl.png
Use the fields on the SSL tab (see Figure 4.4) to configure SSL:
Use the drop-down list box in the SSL mode field to select the type of SSL connection the server should use. For more information about using SSL encryption, see the PostgreSQL documentation at:
You can use the platform-specific File manager dialog to upload files that support SSL encryption to the server. To access the File manager, click the icon that is located to the right of each of the following fields:
Use the Client certificate field to specify the file containing the client SSL certificate. This file will replace the default ~/.postgresql/postgresql.crt file if PEM is installed in Desktop mode, and <STORAGE_DIR>/<USERNAME>/.postgresql/postgresql.crt if PEM is installed in Web mode. This parameter is ignored if an SSL connection is not made.
Use the Client certificate key field to specify the file containing the secret key used for the client certificate. This file will replace the default ~/.postgresql/postgresql.key if PEM is installed in Desktop mode, and <STORAGE_DIR>/<USERNAME>/.postgresql/postgresql.key if PEM is installed in Web mode. This parameter is ignored if an SSL connection is not made.
Use the Root certificate field to specify the file containing the SSL certificate authority. This file will replace the default ~/.postgresql/root.crt file. This parameter is ignored if an SSL connection is not made.
Use the Certificate revocation list field to specify the file containing the SSL certificate revocation list. This list will replace the default list, found in ~/.postgresql/root.crl. This parameter is ignored if an SSL connection is not made.
When SSL compression? is set to True, data sent over SSL connections will be compressed. The default value is False (compression is disabled). This parameter is ignored if an SSL connection is not made.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\53d6f645\connect_ssh_tunnel.png
Use the fields on the SSH Tunnel tab (see Figure 4.5) to configure SSH Tunneling. You can use a tunnel to connect a database server (through an intermediary proxy host) to a server that resides on a network to which the client may not be able to connect directly.
Set Use SSH tunneling to Yes to specify that PEM should use an SSH tunnel when connecting to the specified server.
Select Password to specify that PEM will use a password for authentication to the SSH host. This is the default.
Select Identity file to specify that PEM will use a private key file when connecting.
If the SSH host is expecting a private key file for authentication, use the Identity file field to specify the location of the key file.
If the SSH host is expecting a password, use the Password field to specify the password, or if an identity file is being used, the passphrase.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\51def055\connect_advanced.png
Use fields on the Advanced tab (shown in Figure 4.6) to specify details that are used to manage the server:
Use the DB restriction field to specify a SQL restriction that will be used against the pg_database table to limit the databases displayed in the tree control. For example, you might enter: 'live_db', 'test_db' to instruct the PEM browser to display only the live_db and test_db databases. Note that you can also limit the schemas shown in the database from the database properties dialog by entering a restriction against `pg_namespace.
Use the Password file field to specify the location of a password file (.pgpass). The .pgpass file allows a user to login without providing a password when they connect. For more information, see the Postgres documentation at:
Use the Service ID field to specify parameters to control the database service process. For servers that are stored in the Enterprise Manager directory, enter the service ID. On Windows machines, this is the identifier for the Windows service. On Linux machines, this is the name of the init script used to start the server in /etc/init.d. For example, the name of the Advanced Server 10 service is edb-as-10. For local servers, the setting is operating system dependent:
If the server is a member of a Failover Manager cluster, you can use PEM to monitor the health of the cluster and to replace the master node if necessary. To enable PEM to monitor Failover Manager, use the EFM cluster name field to specify the cluster name. The cluster name is the prefix of the name of the Failover Manager cluster properties file. For example, if the cluster properties file is named efm.properties, the cluster name is efm.
If you are using PEM to monitor the status of a Failover Manager cluster, use the EFM installation path field to specify the location of the Failover Manager binary file. By default, the Failover Manager binary file is installed in /usr/efm-2.x/bin, where x specifies the Failover Manager version.
C:\Users\susan\AppData\Local\Temp\vmware-susan\VMwareDnD\1c296da3\connect_pem_agent.png
Use fields on the PEM Agent tab (shown in Figure 4.7) to specify connection details for the PEM agent:
Move the Remote monitoring? slider to Yes to indicate that the PEM agent does not reside on the same host as the monitored server. When remote monitoring is enabled, agent level statistics for the monitored server will not be available for custom charts and dashboards, and the remote server will not be accessible by some PEM utilities (such as Audit Manager, Capacity Manager, Log Manager, Postgres Expert and Tuning Wizard).
Select an Enterprise Manager agent using the drop-down listbox to the right of the Bound agent label. One agent can monitor multiple Postgres servers.
Enter the IP address or socket path that the agent should use when connecting to the database server in the Host field. By default, the agent will use the host address shown on the General tab. On a Unix server, you may wish to specify a socket path, e.g. /tmp.
Enter the Port number that the agent will use when connecting to the server. By default, the agent will use the port defined on the Properties tab.
Use the drop-down listbox in the SSL field to specify an SSL operational mode; specify require, prefer, allow, disable, verify-ca or verify-full. For more information about using SSL encryption, see the PostgreSQL documentation at:
Use the Database field to specify the name of the database to which the agent will initially connect.
Specify the password that the agent should use when connecting to the server in the Password field, and verify it by typing it again in the Confirm password field. If you do not specify a password, you will need to configure the authentication for the agent manually; for example, you can use a .pgpass file.
Set the Allow takeover? slider to Yes to specify that the server may be taken over by another agent. This feature allows an agent to take responsibility for the monitoring of the database server if, for example, the server has been moved to another host as part of a high availability failover process.
To view the properties of a server, right-click on the server name in the PEM client tree control, and select the Properties… option from the context menu. To modify a server's properties, disconnect from the server before opening the Properties dialog.

4 Managing a Monitored Server : 4.1 Manually Registering a Server

Table of Contents Previous Next