Configuring the PEM server on Linux v9

The PEM server package includes a script (configure-pem-server.sh) to help automate the configuration process for Linux platform installations. The script is installed in the /usr/edb/pem/bin directory. To invoke the script, use the command:

/usr/edb/pem/bin/configure-pem-server.sh
Note

If you're using the SSL certificates, then make sure that all the SSL certificates are in the data directory in the backend database server. If the certificates aren't in the data directory, then the PEM server's configure script might fail because it looks into the data directory while configuring the PEM server.

When invoking the script, you can include command line options to specify configuration properties. The script prompts you for values that you omit on the command line. The accepted options are:

OptionDescription
-acp or --pemagent-certificate-pathDefines PEM agent certificate path. The default is /root/.pem.
-ci or --cidr-addressCIDR-formatted network address range that agents connect to the server from, to be added to the server's pg_hba.conf file, for example, 192.168.1.0/24. The default is 0.0.0.0/0.
-dbi or --db-install-pathThe directory for the database server installation, for example, /usr/edb/as12 for EDB Postgres Advanced Server or /usr/pgsql-12 for PostgreSQL.
-ds or --db-unitfileThe unit file name of the PEM database server. For EDB Postgres Advanced Server, the default file name is edb-as-12. For PostgreSQL, it's postgresql-12.
-ho or --hostThe host address of the PEM database server.
-p or --portThe port number of the PEM database server.
-ps or --pemagent-servicenameThe service name of the pemagent. The default value is pemagent.
-sp or --superpasswordThe superuser password of the PEM database server. This value is required.
-su or --superuserThe superuser name of the PEM database server.
-au or --use-agent-userThe option to provide the PEM agent user name.
-t or --typeThe installation type: Specify 1 if the configuration is for web services and backend database, 2 if you're configuring web services, or 3 if you're configuring the backend database. If you specify 3, the database must reside on the local host.
-un or --uninstall-pem-serverThe option to uninstall the PEM server.
-nhc or --no-hba-changeThe option to skip the changes done to pg_hba.conf and pg_config files.
-uac or --use-agent-sslcertThe option to reuse the existing agent SSL certificate while configuring the PEM server.
-uak or --use-agent-sslkeyThe option to reuse the existing agent SSL key while configuring the PEM server.
-h or --helpThe option to list all the available options while configuring the PEM server.

If you don't provide configuration properties on the command line, the script prompts you for values. When you invoke the script, choose from:

  1. Web Services and Database Select this option if the web server and database both reside on the same host as the PEM server.

  2. Web Services Select this option if the web server resides on a different host from the PEM server.

  3. Database Select this option to configure the PEM backend database for use by the PEM server. The specified database must reside on the local host.

Note

If the web server and the backend database (PEM server) reside on separate hosts, configure the database server first (option 3) and then web services (option 2). The script proceeds only if the backend database is configured before web services.

After selecting a configuration option, the script prompts you for configuration properties. When the script completes, it creates the objects required by the PEM server or performs the configuration steps required. To view help for the script, use the command:

/usr/edb/pem/bin/configure-pem-server.sh -help

After configuring the PEM server, you can access the PEM web interface in your browser. Navigate to:

https://<ip_address_of_PEM_server>:8443/pem

By default, the web services listen on port 8443. To change the port, see Changing the default port.