Knowledge Base Academy Community My Tickets
Fabric 7.0
Fabric 7.0

Setup for PGSQL 13.3

When using TDM, you need to have a PostgreSQL database; this document describes how to install it.

TDM 7.xx is certified to be used with PGSQL 9.6 & 13.

  • You can provide access to a PostgreSQL database if you have one. If you do not, one is provided with the TDM application.
  • TDM requires login details with full create, delete and update privileges.
  • It is also possibile to install a PostgreSQL database from the K2View predefined tarball file.
  • The tarball provided by K2view is PGSQL 13.3 with the TLS mode enabled.
  • The login details (user and password) are postgres, port is the default port (5432).

Important file locations are:

  • Certification files: /opt/apps/pgsql/bin/.crt
  • Configuration files: /opt/apps/pgsql/data

Hardware and OS Requirements

  • RedHat/CentOs 7 and up, AWS Linux 2
  • 2 vCPU
  • 8G RAM
  • 100G free disk space, ensure it is assigned to /opt/apps/pgsql

Preliminary Steps

Add the following users:

mkdir -p /opt/apps
chmod 755 /opt/apps
useradd -m -d /opt/apps/pgsql pgsql

#### add the following packges for RHEL/CentOs 8
dnf install -y compat-openssl10 readline* glibc-locale-source glibc-langpack-en
ln -s /usr/lib64/libreadline.so /usr/lib64/libreadline.so.6

Setup

  • Connect as the pgsql user on the server console

  • Download or copy the tarball file from this link: pg13.3_tls_enabled.tar.gz.

  • Download the cert file from this link: pg13.3_tls_cert.zip

  • Copy the files to the Fabric instance that runs TDM, and place them here: $K2_HOME/.pg_cert/ (you will need to create this directory)

  • Untar the pg13.3_tls_enabled.tar.gz as follows: 

  tar -zxvf pg13.3_tls_enabled.tar.gz && bash -l
  • Start the pgsql using the following commands: 
  cd bin/
  ./pg_ctl -D /opt/apps/pgsql/data -l logfile start
  • You can stop the pgsql using the following commands:
  ./bin/pg_ctl -D /opt/apps/pgsql/data -l logfile stop

How to Connect From pgAdmin 4 in TLS Mode

Connect via a pgadmin and set this up as shown in the below example:

Check that the Connection is Secure

  • From the server side, run the following command from the console:
echo "SELECT datname,usename, ssl, client_addr FROM pg_stat_ssl JOIN pg_stat_activity ON pg_stat_ssl.pid = pg_stat_activity.pid;" | psql
  • The output should look like the following:
datname  | usename  | ssl |  client_addr
----------+----------+-----+---------------
 postgres | postgres | t   | 10.212.134.59
 postgres | postgres | t   | 10.212.134.59
 postgres | postgres | t   | 10.212.134.59
 postgres | postgres | t   | 10.212.134.59
 pgsql    | pgsql    | f   |
(5 rows)
  • As a pgadmin, run the following script:
  SELECT datname,usename, ssl, client_addr
  FROM pg_stat_ssl
  JOIN pg_stat_activity
  ON pg_stat_ssl.pid = pg_stat_activity.pid;

Fabric Implementation Guidelines

Edit the TDM Interface

  • Set the Custom Connection String setting to true and add &ssl=true to the connection string.

    Example:

    Verify that the TDM interface is defined using the Generic DB format (Database Type is genericdb).

  • Redeploy the project to Fabric.

Edit the Environments

  • Open and edit all Environments: check the Custom Connection String checkbox of the TDM interface and add &ssl=true to the TDM’s connection string.
  • Redeploy the Environments to Fabric.

Setup for PGSQL 13.3

When using TDM, you need to have a PostgreSQL database; this document describes how to install it.

TDM 7.xx is certified to be used with PGSQL 9.6 & 13.

  • You can provide access to a PostgreSQL database if you have one. If you do not, one is provided with the TDM application.
  • TDM requires login details with full create, delete and update privileges.
  • It is also possibile to install a PostgreSQL database from the K2View predefined tarball file.
  • The tarball provided by K2view is PGSQL 13.3 with the TLS mode enabled.
  • The login details (user and password) are postgres, port is the default port (5432).

Important file locations are:

  • Certification files: /opt/apps/pgsql/bin/.crt
  • Configuration files: /opt/apps/pgsql/data

Hardware and OS Requirements

  • RedHat/CentOs 7 and up, AWS Linux 2
  • 2 vCPU
  • 8G RAM
  • 100G free disk space, ensure it is assigned to /opt/apps/pgsql

Preliminary Steps

Add the following users:

mkdir -p /opt/apps
chmod 755 /opt/apps
useradd -m -d /opt/apps/pgsql pgsql

#### add the following packges for RHEL/CentOs 8
dnf install -y compat-openssl10 readline* glibc-locale-source glibc-langpack-en
ln -s /usr/lib64/libreadline.so /usr/lib64/libreadline.so.6

Setup

  • Connect as the pgsql user on the server console

  • Download or copy the tarball file from this link: pg13.3_tls_enabled.tar.gz.

  • Download the cert file from this link: pg13.3_tls_cert.zip

  • Copy the files to the Fabric instance that runs TDM, and place them here: $K2_HOME/.pg_cert/ (you will need to create this directory)

  • Untar the pg13.3_tls_enabled.tar.gz as follows: 

  tar -zxvf pg13.3_tls_enabled.tar.gz && bash -l
  • Start the pgsql using the following commands: 
  cd bin/
  ./pg_ctl -D /opt/apps/pgsql/data -l logfile start
  • You can stop the pgsql using the following commands:
  ./bin/pg_ctl -D /opt/apps/pgsql/data -l logfile stop

How to Connect From pgAdmin 4 in TLS Mode

Connect via a pgadmin and set this up as shown in the below example:

Check that the Connection is Secure

  • From the server side, run the following command from the console:
echo "SELECT datname,usename, ssl, client_addr FROM pg_stat_ssl JOIN pg_stat_activity ON pg_stat_ssl.pid = pg_stat_activity.pid;" | psql
  • The output should look like the following:
datname  | usename  | ssl |  client_addr
----------+----------+-----+---------------
 postgres | postgres | t   | 10.212.134.59
 postgres | postgres | t   | 10.212.134.59
 postgres | postgres | t   | 10.212.134.59
 postgres | postgres | t   | 10.212.134.59
 pgsql    | pgsql    | f   |
(5 rows)
  • As a pgadmin, run the following script:
  SELECT datname,usename, ssl, client_addr
  FROM pg_stat_ssl
  JOIN pg_stat_activity
  ON pg_stat_ssl.pid = pg_stat_activity.pid;

Fabric Implementation Guidelines

Edit the TDM Interface

  • Set the Custom Connection String setting to true and add &ssl=true to the connection string.

    Example:

    Verify that the TDM interface is defined using the Generic DB format (Database Type is genericdb).

  • Redeploy the project to Fabric.

Edit the Environments

  • Open and edit all Environments: check the Custom Connection String checkbox of the TDM interface and add &ssl=true to the TDM’s connection string.
  • Redeploy the Environments to Fabric.

© Copyright 2024 K2VIEW