Installing Pivotal Greenplum Command Center
The Pivotal Greenplum Command Center installation utility installs the Command Center files on all hosts in the Greenplum Database cluster.
The Greenplum Command Center installer installs the Command Center software on every host in the Greenplum Database cluster. You can run the installer on the master host. The list of hosts to install is retrieved from the Greenplum Database
gp_segment_configuration system table.
Before installing Greenplum Command Center, ensure following requirements are met:
- Greenplum Database must be installed and running. See the Pivotal Greenplum Command Center release notes for compatible Greenplum Database versions.
- The Greenplum Database
MASTER_DATA_DIRECTORYenvironment variable must be set.
PGPORTenvironment variable must be set to the Greenplum Database master port.
- The gpperfmon database and gpmon role must be created and the gpperfmon agents must be running. See Creating the gpperfmon Database.
- The directory where Greenplum Command Center will be installed,
/usr/local/by default, must be writable by the gpadmin user on all Greenplum Database hosts. Alternatively, you can install Command Center as root and, when done, change ownership of all files in the installation directory to the gpadmin user.
Important! If you upgraded to Pivotal Greenplum Database release 5.8 or later from an earlier Greenplum Database 5.x release, you must follow steps at Set Up the Metrics Collection and Workload Management Extensions before you start Greenplum Command Center.
After the Command Center software is installed, you start the Command Center web server and backend on the standby master host or, if you have no standby, on the master host. Some preparation is required to allow Command Center to run on the standby master host.
On the master host, edit the
$MASTER_DATA_DIRECTORY/pg_hba.conffile and add the following entry to allow the gpmon user to authenticate from any host in the Greenplum Database cluster.
host all gpmon <IP_of_host>/32 md5
gpstop -uto have Greenplum Database reload the file.
.pgpassfile from the master host to the standby master host. Run these commands from the master:
$ ssh gpadmin@<standby_host> $ scp gpadmin@<master_host>:~/.pgpass ~ $ chmod 600 ~/.pgpass
NOTE There are two alternative methods you can use to supply the gpmon user’s password so that you do not have to put the
.pgpassfile on the host. Command Center only requires the gpmon password when you run
gpcc stop, or
- Set the
PGPASSWORDenvironment variable before you run
$ PGPASSWORD=changeme gpcc status
- Add the
gpcccommands to have the command prompt you for the password. Example:
$ gpcc start -W
- Set the
If the Greenplum Command Center web server is to support TLS/SSL, a server certificate must be obtained and installed on the Command Center host in a location readable by the gpadmin user. The default path is
If Greenplum Command Center is to support Kerberos authentication, Greenplum Database must have Kerberos authentication set up and the required principals and keytabs must be installed on the Command Center host. See Enabling Authentication with Kerberos for Kerberos setup instructions. You can install Command Center without Kerberos authentication initially and then enable Kerberos later by running the
You can install Greenplum Command Center from any host in the Greenplum Database cluster. The software will be copied to all other hosts in the cluster. The following steps assume you are performing the installation on the master host.
Download Greenplum Command Center 4.x from Pivotal Network.
Extract the installer from the zip file.
$ gunzip greenplum-cc-web-<version>-LINUX-x86_64.zip
Extracting the installer creates a
greenplum-cc-web-<version>directory containing the
greenplum_path.shscript in the Greenplum Database installation directory to ensure the
GPHOMEenvironment variable is set.
$ source /usr/local/greenplum-db/greenplum_path.sh
Run the Greenplum Command Center installer.
$ cd greenplum-cc-web-<version> $ ./gpccinstall-<version> -W
The installer has three options.
-c <config-file>option specifies the path to an installation configuration file to use for a non-interactive installation. See Install with a Configuration File.
-Woption instructs the installer to prompt for the gpmon user’s password. The installer attempts to retrieve the gpmon password from the
PGPASSWORDenvironment variable, if set, or from the
~gpadmin/.pgpassfile, if present. If neither of these options is available, include the
-Woption to instruct the installer to prompt for the password. Note: to authenticate the gpmon user with the password in the
.pgpassfile, make sure the
PGPORTenvironment variable has been set to the Greenplum Database master port.
--ssh_pathoption allows you to specify the full path to a custom ssh program. If you do not supply this option, the installer uses the ssh command on the path.
$ ./gpccinstall-<version> --ssh_path /usr/local/bin/ssh -W
Read through the license agreement and enter
Where would you like to install Greenplum Command Center?
The default installation directory is
/usr/local. Press Enter to accept the default or enter the desired path. The directory must exist on all hosts in the Greenplum Database cluster and must be writable by gpadmin.
What would you like to name this installation of Greenplum Command Center?
Enter a name to display on Command Center web pages to identify this Greenplum Database system.
On which port would you like to install the Greenplum Command Center web server?
The default Command Center listen port is 28080. Press Enter to accept the default or enter another port number.
Would you like to enable SSL?
yif you want to enable SSL/TLS (HTTPS) encryption for client connections to the Command Center web server. The installation utility prompts for the location of the SSL certificate.
Provide the file path for the SSL certificate
Enter the path to the certificate installed on the Command Center host. The default is
/etc/ssl/certs/cert.pem. The certificate must be readable by the gpadmin user.
Would you like to enable Kerberos?
yif you want to enable client authentication with Kerberos. Kerberos must already be enabled for Greenplum Database. (If you enter
n, you can set up Kerberos authentication later using the
gpcc krbenablecommand.) The installer prompts for information about your Kerberos installation.
Choose Kerberos mode (1.normal/2.strict/3.gpmon_only)
Greenplum Command Center supports three different Kerberos authentication schemes.
1 - normal mode (default) – The Command Center Kerberos keytab file contains the Command Center principal and may contain principals for Command Center users. If the principal in the client’s connection request is in the Command Center’s keytab file, Command Center uses the client’s principal for database connections. Otherwise, Command Center uses the
gpmonuser for database connections.
2 - strict mode – Command Center has a Kerberos keytab file containing the Command Center service principal and a principal for every Command Center user. If the principal in the client’s connection request is in the keytab file, the web server grants the client access and the web server connects to Greenplum Database using the client’s principal name. If the principal is not in the keytab file, the connection request fails.
3 - gpmon_only mode – Command Center uses the
gpmondatabase role for all Greenplum Database connections. No client principals are needed in the Command Center’s keytab file.
Provide the path to the keytab file
Enter the path to the keytab file containing the Kerberos principal for the Command Center web server and, optionally, Command Center user principals.
What is the name of the GPDB Kerberos service?
The default service name for Greenplum Database is
postgres. You can check the value of the service name for your Greenplum Database cluster with the
$ gpconfig -s krb_srvname
What is the URL of the Command Center web server?
The Kerberos keytab file must contain a principal for the Command Center web server. The principal name is of the format
<gpcc-host>is the host name clients use in URLs when connecting to the Command Center web server.
You can provide a configuration file to the Greenplum Command Center installer to perform a non-interactive Command Center installation. Note that you must still view and accept the license agreement.
$ cd greenplum-cc-web-<version> $ ./gpccinstall-<version> -c <config-file> -W
The following table contains the names of the parameters corresponding to the interactive installation prompts and their default values. Define parameters in a configuration file for any parameters that have no default value or to override default values.
|Where would you like to install Greenplum Command Center?||/usr/local||path|
|What would you like to name this installation of Greenplum Command Center?||gpcc||display_name|
|On which port would you like to install the Greenplum Command Center web server?||28080||web_port|
|Would you like to enable SSL?||false||enable_ssl|
|Please provide the file path for the SSL certificate:||/etc/ssl/certs/cert.pem||ssl_cert_file|
|Would you like to enable Kerberos?||false||enable_kerberos|
|Choose Kerberos mode (1.normal/2.strict/3.gpmon_only):||1||krb_mode|
|Please provide the path to the keytab file:||keytab|
|What is the name of the GPDB Kerberos service?||postgres||krb_service_name|
|What is the URL of the Command Center web server?||gpcc||webserver_url|
enable_ssl parameter is true, the
ssl_cert_file parameter is required.
enable_kerberos parameter is true, the
keytab parameter is required and the
krb_service_name must be set to values from your Kerberos installation.
The following installation configuration file example sets all parameters to their default values.
path = /usr/local # Set the display_name param to the string to display in the GPCC UI. # The default is the hostname of the Greenplum master host # display_name = localhost master_port = 5432 web_port = 28080 rpc_port = 8899 enable_ssl = false # Uncomment and set the ssl_cert_file if you set enable_ssl to true. # ssl_cert_file = /etc/certs/mycert enable_kerberos = false # Uncomment and set the following parameters if you set enable_kerberos to true. # webserver_url = <webserver_service_url> # krb_mode = 1 # keytab = <path_to_keytab> # krb_service_name = postgres
You must follow the steps in this section only if you have upgraded your Pivotal Greenplum Database system from a 5.x release earlier than 5.8.0.
The Greenplum Database metrics collection and workload management extensions are installed when you upgrade to Pivotal Greenplum Database 5.8.0 or later. However, the upgrade procedure preserves your previous
postgresql.conf configuration file, so you must manually set the server configuration parameters that enable the extensions. You must restart Greenplum Database if you change any configuration parameters.
To set up the Command Center and workload management extensions, log in to the master host as gpadmin and follow these steps.
Add the metrics collector and workload management shared libraries to the
Check the current value of the
$ gpconfig -s shared_preload_libraries Values on all segments are consistent GUC : shared_preload_libraries Master value: Segment value:
Add the Command Center and workload management libraries to the parameter. (If there were existing libraries in the parameter, append the new libraries, separated with a comma.)
$ gpconfig -c shared_preload_libraries -v '\$libdir/metrics_collector,\$libdir/gp_wlm'
Make sure the
gp_enable_query_metricsconfiguration parameter is on.
gpconfig -s gp_enable_query_metrics gpconfig -c gp_enable_query_metrics -v on
If you changed any configuration parameters, restart Greenplum Database.