Installing the PEM Server on Linux¶
Prerequisites for installing the PEM server on a Linux host¶
When installing a PEM server on a RHEL, CentOS, SLES, Debian, or Ubuntu host, you must ensure the following:
When using an RPM package to install the PEM server, you must first manually install a backing database and create the database cluster. The server’s backing database must be installed via an RPM package or via BitRock. The database must be one of the following versions:
EDB Postgres Advanced Server version 9.6 or above
PostgreSQL version 9.6 or above
For detailed information about installing an Advanced Server or PostgreSQL database, please see the product documentation.
pg_hba.conffile on the backing database must be configured to use trust authentication for connections. For information about modifying the pg_hba.conf file, visit:
If you are using a PostgreSQL database, you must also install the
hstore contribmodule; for more information, visit:
If you are using a firewall, you must allow access to port
8443; use the commands:
firewall-cmd --permanent --zone=public --add-port=8443/tcp
Additional Prerequisites for RHEL, CentOS, or SLES Hosts¶
In addition to the above listed prerequisites, the following prerequisites are applicable if you are using a RHEL, CentOS, or SLES host:
Before installing the PEM server, you must install the repository configuration file (
edb.repo). The repository configuration file contains connection and authentication information for the EnterpriseDB repository. To prepare your system to perform an RPM installation, assume superuser privileges and use yum to create the repository configuration file:
yum install http://yum.enterprisedb.com/edbrepos/edb-repo-latest.noarch.rpm
After creating the repository configuration file, use your choice of editor to enable the repository entries from which you will install packages. The repository configuration file is named
edb.repo, and resides in
To enable a repository, change the value of the
1and replace the
passwordplaceholders in the baseurl specification with your user name and the repository password. Contact EnterpriseDB for repository credentials.
Enable the following repositories:
You must also install the
On a CentOS host, use the command:
yum install epel-release
On a RHEL host, use the command:
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-<x>.noarch.rpm
If you are a Red Hat Network user you must also enable the
rhel-<x>-server-optional-rpmsrepository to use EPEL packages, where x specifies the version of RHEL on the host. You can make the repository accessible by enabling the
RHEL optional subchannelfor
RHN-Classic. If you have a certificate-based subscription, please see the
Red Hat Subscription Management Guide.
You must also enable the
rhel-<x>-server-extras-rpmsrepository, where x specifies the version of the RHEL on the host.
Installing the PEM Server on a CentOS or RHEL Host¶
You can use yum to install the PEM server:
yum install edb-pem-server
When you install an RPM package that is signed by a source that is not recognized by your system, yum may ask for your permission to import the key to your local server. If prompted, and you are satisfied that the packages come from a trustworthy source, enter
y, and press
Return to continue.
During the installation, yum may encounter a dependency that it cannot resolve. If it does, it will provide a list of the required dependencies that you must manually resolve.
If you want to install PEM server on a machine that is in isolated network, you must first create PEM repository on that machine. For more information about creating PEM repository on an isolated network, see Creating a PEM repository in an Isolated Network.
Installing the PEM Server on a Debian or Ubuntu Host¶
To install PEM on a Debian or Ubuntu host, you must have credentials that allow access to the EnterpriseDB repository. To request credentials for the repository, contact EnterpriseDB .
The following steps will walk you through using the EnterpriseDB apt repository to install a Debian package. When using the commands, replace the username and password with the credentials provided by EnterpriseDB.
Go to https://apt.enterprisedb.com/ and log in as root:
sudo su -
Configure the EnterpriseDB repository:
sh -c 'echo "deb https://username:firstname.lastname@example.org $(lsb_release - cs)-edb/ $(lsb_release -cs) main" > /etc/apt/sources.list.d/edb-$(lsb_release -cs).list'
Add support to your system for secure APT repositories:
apt-get install apt-transport-https
Add the EBD signing key:
wget -q -O -https://username:email@example.com/edb-deb.gpg.key | apt-key add –
Update the repository metadata:
Use the following command to install the Debian package for the PEM server:
apt-get install edb-pem-server
Installing PEM Server on a SLES Host¶
For detailed information about installing Advanced Server and supporting components on a SLES host, please consult the EDB Postgres Advanced Server Installation Guide,available at:
- SLES packages are available from:
Before installing PEM, you must install prerequisite packages. Invoke the following commands, replacing sp_no with the service pack that you are using (i.e. SP2 or SP3):
SUSEConnect -p sle-module-legacy/12/x86_64
SUSEConnect -p sle-sdk/12/x86_64
zypper addrepo https://download.opensuse.org/repositories/Apache:Modules/SLE_12_<sp_no>/Apache:Modules.repo
zypper addrepo http://download.opensuse.org/repositories/Cloud:/OpenStack:/Newton:/cisco-apic:/2.3.1/SLE_12_<sp_no>/ pem_opensuse_boost
zypper install edb-pem-server
Configuring the PEM Server¶
Before configuring the PEM server, ensure that the
sslutils extension is installed for your backing database.
For an Advanced Server backing database, enable the repository that corresponds to your server version, and use the command:
yum install edb-as<x>-server-sslutils
If you are using a PostgreSQL backing database, ensure you have access to the PostgreSQL community repository, and use the command:
yum install sslutils_<x> postgresql<X>-contrib
Where, x is the server version.
The PEM server installer includes a script (
configure-pem-server.sh) to help automate the configuration process for RPM installations. The script is installed in the
/usr/edb/pem/bin directory. To invoke the script, use the command:
When invoking the script, you can include command line options to specify configuration properties; the script will prompt you for values that you omit on the command line. The accepted options are:
Defines PEM Agent certificate path. The default is
CIDR formatted network address range that agents will connect to the server from, to be added to the server’s
The directory for the database server installation. For example,
The unit file name of the PEM database server. For Advanced Server, the default file name is
The host address of the PEM database server.
The port number of the PEM database server.
The service name of the pemagent; the default value is
The superuser password of the PEM database server. This value is required.
The superuser name of the PEM database server.
The installation type: Specify 1 if the configuration is for web services and backing database, 2 if you are configuring web services, or 3 if you are configuring the backing database. If you specify 3, please note that the database must reside on the local host.
If you do not provide configuration properties on the command line, you will be prompted for values by the script. When you invoke the script, choose from:
1. Web Services and Database- Select this option if the web server and database both reside on the same host as the PEM server.
2. Web Services- Select this option if the web server resides on a different host than the PEM server.
3. Database- Select this option to configure the PEM backing database for use by the PEM server. Please note that the specified database must reside on the local host.
If the web server and the backing database reside on separate hosts, configure the database server first (option 3), and then web services (option 2). The script will exit if the backing database is not configured before web services.
After selecting a configuration option, the script will proceed to prompt you for configuration properties. When the script completes, it will create the objects required by the PEM server, or perform the configuration steps required.
To view script-related help, use the command:
After configuring the PEM server, you can access the PEM web interface in your browser. Navigate to: