Follow the instructions in your PostgreSQL Administration Guide to create your database. In addition, please note the following recommendations:
- The PostgreSQL data directory should be initialized using the initdb utility, specifying the –D <data dir> option. The initdb command must be run as the PostgreSQL Operating System User.
- The PostgreSQL instance data directory must reside on a shared file system.
- The PostgreSQL transaction log directory must reside on a shared file system.
- The PostgreSQL database name should contain alphanumeric characters only.
- After creating your database, you should disable automatic startup of the PostgreSQL database instance. Once under LifeKeeper protection, LifeKeeper will handle the start and stop of the database.
- The PostgreSQL instance must be started manually prior to hierarchy creation. It is required that the instance be started with the backend option -o “–p <port>” specified to the pg_ctl utility.
No Password Protection (Instance is not Password Protected)
- If the PostgreSQL database instance will not be password protected or will not require a password for local client connections from the PostgreSQL Database Administrator User, then an entry must exist allowing local trust connections. The following is an example of a pg_hba.conf entry to enable local client connects for the PostgreSQL Database Administrator User:
==================== . . Local all postgres trust . . ======================
Enabling Password Protected (Instance requires a Password for Connections)
- Password Protected database instances require a password entry for the PostgreSQL Database Administrator User to exist in the .pgpass credentials file on each server in the cluster where the resource will be protected. The .pgpass file must contain a valid and tested entry for each PostgreSQL Database Administrator User requiring a password.
- The .pgpass file must be located in the home directory of the PostgreSQL Operating System User. Please set the appropriate file permissions to restrict access to the file.
- The following is an example of a valid .pgpass file with the format
<hostname>:<port>:<database>:<user>:<password>
=================== *:5443:*:lifekeeper:jh43tmp2009 ====================
Note: The .pgpass file is required for the utility psql for unattended (non-terminal or scripted) connections. The .pgpass file must exist on each server where the password protected instance will be protected.
When using Transparent Data Encryption (TDE) with PowerGres Plus
With transparent data encryption, the keystore must be opened in order to access the encrypted data. Enable keystore auto-open on each server in the cluster for monitoring by quickCheck.
Post your comment on this topic.