Configuring the PEM agent v9

You can use an RPM package to install a PEM agent. For detailed installation information, see Installating the PEM agent.

Don't configure the PEM agent responsible for sending SNMP notifications with pgBouncer. For example, if the default PEM agent installed with PEM server is used for SNMP notifications, don't configure it with pgBouncer.

Configuring a new PEM agent (installed via RPM)

After using an RPM package to install the PEM agent, you must configure it to work against a particular PEM database server. Use the following command:

$ PGSSLMODE=require PEM_SERVER_PASSWORD=pem_admin1_password /usr/edb/pem/agent/bin/pemworker --register-agent --pem-server 172.16.254.22 --pem-port 6432 --pem-user pem_admin1 --pem-agent-user pem_agent_user1 --display-name *Agent_Name*
Postgres Enterprise Manager Agent registered successfully!

In this command, the --pem-agent-user argument instructs the agent to create an SSL certificate and key pair for the pem_agent_user1 database user in the /root/.pem directory.

For example:

/root/.pem/pem_agent_user1.crt

/root/.pem/pem_agent_user1.key

The PEM agent uses the keys to connect to the PEM database server as pem_agent_user1. It also creates an agent configuration file named /usr/edb/pem/agent/etc/agent.cfg.

A line mentioning the agent-user to use appears in the agent.cfg configuration file. For example:

$ cat /usr/edb/pem/agent/etc/agent.cfg
[PEM/agent]
pem_host=172.16.254.22
pem_port=6432
agent_id=12
agent_user=pem_agent_user1
agent_ssl_key=/root/.pem/pem_agent_user1.key
agent_ssl_crt=/root/.pem/pem_agent_user1.crt
log_level=warning
log_location=/var/log/pem/worker.log
agent_log_location=/var/log/pem/agent.log
long_wait=30
short_wait=10
alert_threads=0
enable_smtp=false
enable_snmp=false
enable_webhook=false
max_webhook_retries=3
allow_server_restart=true
allow_package_management=false
allow_streaming_replication=false
max_connections=0
connect_timeout=-1
connection_lifetime=0
allow_batch_probes=false
heartbeat_connection=false

Configuring an existing PEM agent (installed via RPM)

If you're using an existing PEM agent, you can copy the SSL certificate and key files to the target machine and reuse the files. You must modify the files, adding a new parameter and replacing some parameters in the existing agent.cfg file.

Add a line to use agent_user as the agent:

agent_user=pem_agent_user1

Update the port to specify the pgBouncer port:

pem_port=6432

Update the certificate and key path locations:

agent_ssl_key=/root/.pem/pem_agent_user1.key
agent_ssl_crt=/root/.pem/pem_agent_user1.crt

As an alternative, you can run the agent self-registration script. However, that process creates a new agent id. If run the agent self-registration script, you must replace the new agent id with the existing id and disable the entry for the new agent id in the pem.agent table. For example:

pem=# UPDATE pem.agent SET active = false WHERE id = <new_agent_id>;
Output
UPDATE 1
Note

Keep a backup of the existing SSL certificate, key file, and agent configuration file.