Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
tutorial:adm:server_preparation_tmp [2020/07/24 08:05]
fiserp [Instalation and software configuration] 		tutorial:adm:server_preparation_tmp [2020/07/24 08:41]
fiserp [Java - CentOS8]
Line 46: Line 46:
  
 ===== PostgreSQL  ===== ===== PostgreSQL  =====
-<note tip>If you are install CzechIdM on Sql server, please follow [[tutorial:adm:mssql_database_support|this tutorial]].</note> +<note tip>If you are installing CzechIdM on Microsoft SQL Server, please follow [[tutorial:adm:mssql_database_support|this tutorial]].</note> 
-CentOS8 default repository version of PostgreSQL is 10 but IdM not support that version. In our tutorial, we will install newer version 12. Moreover, we install database data into /data not /var/lib which is the default option.+We install PostgreSQL 12 database binaries and change database data directory from ''/var/lib'' to ''/data''.
 ==== Database server installation - CentOS8 ==== ==== Database server installation - CentOS8 ====
   * Software installation on CentOS8(versions can vary):   * Software installation on CentOS8(versions can vary):
Line 53: Line 53:
 <code bash> <code bash>
 # enable module postgres 12 # enable module postgres 12
-yum module enable postgresql:12 +dnf module enable postgresql:12 
-yum install -y postgresql-server postgresql-contrib postgresql-libs+dnf -y install postgresql-server postgresql-contrib postgresql-libs
 </code> </code>
  
-  * create new system directory:+  * create new directory for database data:
  
 <code bash> <code bash>
-mkdir -p /data/pgsql/12/data/ 
 mkdir -p /data/pgsql/12/data/ mkdir -p /data/pgsql/12/data/
 chown -R postgres:postgres /data/pgsql/ chown -R postgres:postgres /data/pgsql/
Line 66: Line 65:
 </code> </code>
  
-  * Copy of the configuration file for systemd, in which we will make change of directory for data:+  * Copy the PostgreSQL'systemd unit to the /etc:
  
 <code bash> <code bash>
Line 78: Line 77:
 </code> </code>
  
-  * In the file ''~postgres/.bash_profile'' change the variable PGDATA value to:+  * In the file ''/var/lib/pgsql/.bash_profile'' (bash profile for postgres user) change the variable PGDATA to:
  
 <code> <code>
Line 95: Line 94:
  
 <code bash> <code bash>
-/usr/bin/postgresql-setup --initdb --unit postgresql+postgresql-setup --initdb --unit postgresql
 </code> </code>
  
Line 143: Line 142:
  
  
-==== DB server configuration ====+==== Database server configuration and sizing ====
  
-First of all, enable the password authentication.+  * Enable the password authentication.
  
 In the file ''/data/pgsql/12/data/pg_hba.conf'' find lines: In the file ''/data/pgsql/12/data/pg_hba.conf'' find lines:
Line 152: Line 151:
 host    all             all             ::1/128                 ident host    all             all             ::1/128                 ident
 </code> </code>
- +and change the value at the end of each line to ''md5'' like this:
-and change the value at the end of each line into md5 like this:+
 <code> <code>
 host    all             all             127.0.0.1/32            md5 host    all             all             127.0.0.1/32            md5
Line 159: Line 157:
 </code> </code>
  
-Now we can do DB sizing. We presume the system has 3GB dedicated for the db. We can also log the queries logging (those over 200ms). **For particular sizing, use a [[https://pgtune.leopard.in.ua/#/|calculator]]**. +  * Adjust DB instance sizing. 
-In a file ''/data/pgsql/12/data/postgresql.conf'' edit (add those if not exist) lines:+    * In following snippet, we presume the system has 3GB of memory dedicated for the database and about 100 db connections. **For your deployment, adjust the sizing accordingly. Use a [[https://pgtune.leopard.in.ua/#/|calculator]] if in doubt**
 +    * We also log queries running longer than 200ms
 +In a file ''/data/pgsql/12/data/postgresql.conf'' change (or add) following lines: 
 <code> <code>
-max_connections = 100 (change requires restart)+This is an EXAMPLE. Use the calculator to adjust for your deployment!
  
-shared_buffers = 768MB # min 128kB+# DB Version: 12 
 +# OS Type: linux 
 +# DB Type: web 
 +# Total Memory (RAM): 3 GB 
 +# Connections num: 100 
 +# Data Storage: ssd 
 +max_connections = 100 
 +shared_buffers = 768MB
 effective_cache_size = 2304MB effective_cache_size = 2304MB
-work_mem = 7864kB 
 maintenance_work_mem = 192MB maintenance_work_mem = 192MB
- 
-min_wal_size = 1GB 
-max_wal_size = 2GB 
 checkpoint_completion_target = 0.7 checkpoint_completion_target = 0.7
 wal_buffers = 16MB wal_buffers = 16MB
- 
 default_statistics_target = 100 default_statistics_target = 100
 +random_page_cost = 1.1
 +effective_io_concurrency = 200
 +work_mem = 3932kB
 +min_wal_size = 1GB
 +max_wal_size = 4GB
  
 log_min_duration_statement = 200 log_min_duration_statement = 200
 </code> </code>
  
-Restart DB: ''systemctl restart  postgresql.service''+  * Restart the database
  
-<note>If you install the database to a different server than the CzechIdM application itself (Tomcat etc.), don't forget to configure PostgreSQL to allow remote SSL connection from that server.</note>+<code> 
 +systemctl restart  postgresql.service 
 +</code> 
 + 
 +<note>If you install the database to a different server than the CzechIdM application itself, don't forget to configure PostgreSQL with SSL certificates and to enforce remote SSL connections.</note>
  
 ===== Java - CentOS8 ===== ===== Java - CentOS8 =====
  
-Java must be installed before Tomcat startIt is recommended to use OpenJDK (at least 1.11from standard OS repository.+Tomcat application server needs Java installed. We recommend to use OpenJDK 11 from standard OS repository. (OpenJDK 1.8 is also supported, check [[devel:documentation:compatibility|compatibility page]]).
  
 Installation: Installation:
-<code bash+<code> 
-yum install -y java-11-openjdk-headless java-11-openjdk-devel+dnf install -y java-11-openjdk-headless java-11-openjdk-devel
 </code> </code>