Installing the PEM Server on Linux Platforms

Before following the detailed instructions that install the PEM server on your specific platform, you must perform the prerequisite steps detailed in Section 3.1.1.

Prerequisites for installing the PEM Server on Linux Platforms

  1. Install a backing database.

    When installing a PEM server on a Linux host, you must first install a backing database cluster which will hold the pem database. The PEM server’s backing database may be installed via package for Linux. The backing database must be one of the following versions:

    • EDB Postgres Advanced Server version 9.6 or above

    • PostgreSQL version 9.6 or above

    For detailed information about installing an Advanced Server or PostgreSQL database, please see the product documentation at the EnterpriseDB website.

  2. Configure Postgres authentication on the backing database.

    The pg_hba.conf file on the backing database can be configured to use any supported authentication methods (for example: md5, trust,…) for connections. For information about modifying the pg_hba.conf file, see the PostgreSQL core documentation.

  3. Install the hstore contrib module (PostgreSQL users only).

    • If you are using a PostgreSQL database, use the following command to install the hstore contrib module:

      yum install postgresql<x>-contrib
      

    Where, x is the server version.

  4. Ensure that the sslutils extension is installed.

    • On an Advanced Server backing database, the sslutils extension is installed by default.

    • If you are using a PostgreSQL backing database, ensure you have access to the PostgreSQL community repository, and use the command:

      yum install sslutils_<x>
      

    Where, x is the server version.

  5. Adjust your firewall restrictions.

    If you are using a firewall, you must allow access to port 8443 on the PEM backing database:

    firewall-cmd --permanent --zone=public --add-port=8443/tcp
    
    firewall-cmd --reload
    
  6. Request credentials that allow you to access the EnterpriseDB repositories:

    To install the PEM Server, you must have credentials that allow access to the EnterpriseDB repository. To request credentials for the repository, contact EnterpriseDB . When using commands in the sections that follow, replace the username and password placeholders with the credentials provided by EnterpriseDB.

Installing PEM-HTTPD

During the PEM server installation, you can specify your hosting preferences for the PEM-HTTPD server:

To install the PEM Server and PEM-HTTPD on the same host

Follow the installation steps; while running the configuration script, select the Web Services and Database option.

To install the PEM Server and PEM-HTTPD on separate hosts

Follow the installation steps on both the hosts. While running the configuration script, first configure PEM Server host by selecting the Database option on first host and then configure PEM-HTTPD host by selecting the Web Services option on the second host.

For detailed information regarding Configuration of the PEM Server, see Configuring the PEM Server on Linux Platforms.

Installing the PEM Server on a CentOS or RHEL Host

In addition to the above considerations, the following prerequisites are applicable if you are using a CentOS or RHEL 7.x or 8.x host:

  1. Install the epel-release package and prepare the host.

    1. You must install the epel-release package on the host by running one of the following commands:

      yum install epel-release
      
      yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
      

      Note

      You may need to enable the [extras] repository definition in the CentOS-Base.repo file (located in /etc/yum.repos.d).

      If you are a Red Hat Network user:

      • You must also enable the rhel-<x>-server-optional-rpms repository to use EPEL packages, where x specifies the version of RHEL on the host. You can make the repository accessible by enabling the RHEL optional subchannel for RHN-Classic. If you have a certificate-based subscription, then you must also enable rhel-<x>-server-eus-optional-rpms repository to use EPEL packages or please see the Red Hat Subscription Management Guide for the required repository.

      • You must also enable the rhel-<x>-server-extras-rpms repository, where x specifies the version of the RHEL on the host.

  2. Install and configure the edb.repo file.

    1. To create a repository configuration file, assume superuser privileges and invoke the following command:

      yum -y install https://yum.enterprisedb.com/edb-repo-rpms/edb-repo-latest.noarch.rpm
      

      The repository configuration file is named edb.repo. The file resides in /etc/yum.repos.d.

    2. After creating the edb.repo file, invoke the following command to replace the username and password placeholders in the baseurl specification with the name and password of a registered EnterpriseDB user:

      sed -i "s@<username>:<password>@USERNAME:PASSWORD@" /etc/yum.repos.d/edb.repo
      
  3. Install the PEM Server.

  • You can use yum to install the PEM server on CentOS or RHEL 7.x or 8.x:

    yum install edb-pem
    
  • You can use dnf to install PEM Server on CentOS or RHEL 8.x:

    dnf install edb-pem
    

When you install an RPM package that is signed by a source that is not recognized by your system, yum may ask for your permission to import the key to your local server. If prompted, and you are satisfied that the packages come from a trustworthy source, enter y, and press Return to continue.

During the installation, yum may encounter a dependency that it cannot resolve. If it does, it will provide a list of the required dependencies that you must manually resolve.

If you want to install PEM server on a machine that is in isolated network, you must first create PEM repository on that machine. For more information about creating PEM repository on an isolated network, see Creating a PEM repository in an Isolated Network.

After installing PEM Server using yum or dnf, you need to configure the PEM Server. For more detailed information see Configuring the PEM Server on Linux platforms.

Installing the PEM Server on a Debian or Ubuntu Host

The following steps will walk you through using the EnterpriseDB apt repository to install a Debian package.

Note

You can also visit https://repos.enterprisedb.com/ and select the platform and product to view the steps for installation.

  1. Log in as root on your Debian or Ubuntu host:

    sudo su -
    
  2. Configure the EnterpriseDB repository:

    sh -c 'echo "deb https://username:password@apt.enterprisedb.com $(lsb_release - cs)-edb/ $(lsb_release -cs) main" > /etc/apt/sources.list.d/edb-$(lsb_release -cs).list'
    

    Where username:password is to be replaced by the credentials provided by EnterpriseDB.

  3. Add support to your system for secure APT repositories:

    apt-get install apt-transport-https
    
  4. Add the EBD signing key:

    wget -q -O -https://username:password@apt.enterprisedb.com/edb-deb.gpg.key | apt-key add –``
    
  5. Update the repository metadata:

    apt-get update
    
  6. Use the following command to install the Debian package for the PEM server:

    apt-get install edb-pem
    

When the installation completes, you must configure the PEM Server. For detailed information see Configuring the PEM Server on Linux Platforms.

Installing the PEM Server on a SLES Host

Use the following command to add the EnterpriseDB repository configuration files to your SLES host:

zypper addrepo https://zypp.enterprisedb.com/suse/edb-sles.repo

The command creates a repository configuration file named edb.repo in the /etc/zypp/repos.d directory. Modify the repository configuration file, adding the username and password of a registered EnterpriseDB user.

Before installing PEM, you must install prerequisite packages. Invoke the following commands, replacing sp_no with the service pack that you are using (i.e. SP4):

SUSEConnect -p sle-module-legacy/12/x86_64

SUSEConnect -p sle-sdk/12/x86_64

zypper addrepo  https://download.opensuse.org/repositories/Apache:Modules/SLE_12_<sp_no>/Apache:Modules.repo

zypper addrepo http://download.opensuse.org/repositories/Cloud:/OpenStack:/Newton:/cisco-apic:/2.3.1/SLE_12_<sp_no>/ pem_opensuse_boost

Then, refresh the repository and install the PEM server:

zypper refresh

zypper install edb-pem

After installing PEM Server using zypper, you must configure the PEM Server. For detailed information see Configuring the PEM Server on Linux Platforms.