4.3. Installation in Containerized Environments #
This section provides an example of installing and setting up PPEM in containerized environments.
4.3.1. Installation Process #
To use PPEM in containerized environments:
Create a container image with the manager.
Create new DBMS container images or modify the existing ones to integrate the agent into the images, so that the DBMS can be monitored and managed by PPEM.
A service manager must be used as the default executable for the image, as the agent and the DBMS server will be simultaneously running inside the container.
Configure container networking for the agents to be reachable by the manager, and vice versa:
If containers with agent and manager services are planned to be placed in the different networks or on the different hosts, then ensure that the containers are not behind NAT and reachable via their IP addresses.
For example, with Docker, the
overlayormacvlannetwork drivers can be used.Adjust network traffic policies, if any, to allow PPEM traffic.
For more information about the PPEM networking requirements, refer to the Security section.
Get an API key for configuring agents:
Start a container with the manager service.
Copy the API key from the displayed agent installation instruction and save this key.
Create the
ppem-agent.ymlagent configuration file:Specify the parameters for connecting the agent to the containerized DBMS.
Specify the previously obtained API key and the URL for connecting the agent to the manager.
Run DBMS containers, passing the previously created agent configuration file into the containers.
4.3.2. Installation Process Example #
The example is organized as follows:
Docker Engine and Docker Compose tools are used.
The
macvlannetwork driver is used for container networking, assuming there are no traffic restrictions.The container images are based on Debian 12 images.
The container images are built using standard object names, for example,
ppemfor the repository database.PostgreSQL is used as sample containerized DBMS. The repository database for the manager runs in a separate container and uses PostgreSQL, too.
When integrating the agent into the DBMS container image, the systemd service manager is used.
The
systemdexecutable will be specified as the default one, therefore the container must be run with elevated privileges.
These instructions will help you to test the installation process and get a minimal working version of PPEM suitable for managing containerized DBMS for demonstration purposes.
Note
The instructions can be adapted to various environments. Correct the commands and object names according to your operating system and other requirements.
Perform the following steps to install PPEM:
Get the manager up and running:
Create a separate directory for the files that are required to install the manager, for example:
mkdir ppem
Create the
ppem/Dockerfilefile with the following content:FROM debian:12 RUN <<EOF set -e apt-get update apt-get -y install curl curl https://repo.postgrespro.com/ppem/ppem/keys/pgpro-repo-add.sh | bash - apt install -y ppem cat <<EOF2 >/etc/ppem-manager.yml http: server: address: "" port: 80 static_files_path: "/usr/share/ppem/web-app" security: enabled: true repo: url: postgres://ppem:ppem@db/ppem EOF2 EOF ENTRYPOINT ["/usr/sbin/ppem-manager", "-config", "/etc/ppem-manager.yml"] EXPOSE 80Create the
ppem/docker-compose.ymlfile with the following content:--- services: db: image: postgres:17 environment: POSTGRES_PASSWORD: ppem POSTGRES_USER: ppem POSTGRES_DB: ppem volumes: - db_data:/var/lib/postgresql/data manager: build: manager depends_on: - db ports: - 8080:80 volumes: db_data:Build the image and start the containers required for the manager service to operate:
docker compose up -f ppem/ -d --build
Get an API key for configuring agents:
Copy the API key from the displayed agent installation instruction and save this key.
Get containerized DBMS up and running:
Create a separate directory for the files that are required to install the DBMS, for example:
mkdir dbms
Create the
dbms/Dockerfilefile with the following content:FROM debian:12 COPY start.sh /usr/local/bin/ COPY start.service /etc/systemd/system/ # Systemd and Postgres RUN <<EOF apt-get update && \ apt-get install -y \ systemd \ postgresql \ postgresql-contrib \ sudo \ curl \ gnupg \ lsb-release apt-get clean rm -rf /var/lib/apt/lists/ find /etc/systemd/system \ /lib/systemd/system \ -path '*.wants/*' \ -not -name '*journald*' \ -not -name '*systemd-tmpfiles*' \ -not -name '*systemd-user-sessions*' \ -delete systemctl enable start.service /etc/init.d/postgresql stop rm -rf /var/lib/postgresql/15/main/* EOF # PPEM Agent RUN <<EOF set -e curl https://repo.postgrespro.com/ppem/ppem/keys/pgpro-repo-add.sh | bash - apt install -y ppem-agent systemctl enable ppem-agent EOF EXPOSE 5432 VOLUME /var/lib/postgresql/15/main VOLUME [ "/sys/fs/cgroup" ] CMD [ "/lib/systemd/systemd" ]The above
Dockerfileuses thesystemdexecutable as the default one.Create the
dbms/start.servicesystemdunit file with the following content:[Unit] Description=Systemd-oriented wrapper for database init [Service] Type=oneshot ExecStart=/bin/bash /usr/local/bin/start.sh RemainAfterExit=yes [Install] WantedBy=multi-user.target
The above unit file uses the
start.shscript to manage the DBMS.Create the
dbms/start.shscript file with the following content:#!/bin/bash set -eo pipefail PGDATA=/var/lib/postgresql/15/main init_db() { chown postgres:postgres ${PGDATA} su -l postgres -c "/usr/lib/postgresql/15/bin/initdb -A trust -D ${PGDATA}" sed -i "s/#listen_addresses = 'localhost'/listen_addresses = '*'/g" /etc/postgresql/15/main/postgresql.conf mv ${PGDATA}/pg_hba.conf /etc/postgresql/15/main/pg_hba.conf echo "host all all al md5" >> /etc/postgresql/15/main/pg_hba.conf systemctl start postgresql psql -U postgres -c "ALTER USER postgres WITH PASSWORD 'postgres';" } if [ "$(ls -1 ${PGDATA} | wc -l)" -eq 0 ]; then init_db else systemctl start postgresql fiCreate the
dbms/docker-compose.ymlfile with the following content:--- services: agent: build: agent hostname: agent privileged: true volumes: - postgres_data:/var/lib/postgresql/15/main - /sys/fs/cgroup:/sys/fs/cgroup:rw - ./ppem-agent.yml:/etc/ppem-agent.yml networks: companynetwork: volumes: postgres_data: networks: companynetwork: driver: macvlan driver_opts: parent: eth0 ipam: config: - subnet: 10.5.1.0/24 gateway: 10.5.1.1Create the
dbms/ppem-agent.ymlagent configuration file.Specify the following values in the file:
agent.manager.api_key: The previously obtained API key for connecting the agent to the manager.agent.manager.url: The URL for connecting the agent to the manager.Example:
http://ppem.example.com:8080/v1
The file must be filled in with the following content:
agent: name: agent instance: connection_defaults: host: localhost database: postgres port: 5432 user: postgres password: postgres manager: api_key:URL_for_connecting_to_managerurl:API_key_for_connecting_to_managerhttp: server: address: "" port: 8081
Build the image and start the DBMS container with the integrated agent:
docker compose up -f dbms/ -d --build
PPEM will be installed. You can update the browser page with the web application and start working.