Storing user settings in the backend, accessible to all web application instances v10

Suggest edits

When deploying more than one instance of the PEM web application, configure PEM to store user settings in the backend database to ensure they are synchronized across all instances.

Configure the PEM backends

In the PEM backend Postgres instance, connect as a superuser and create a new database.

Grant the new user the right to connect to this database and revoke the right to connect to the PEM database.

CREATE DATABASE pem_user_settings;
CREATE USER pem_user_settings WITH PASSWORD 'choose-a-password';
GRANT CONNECT ON DATABASE pem_user_settings FROM PUBLIC;
REVOKE CONNECT ON DATABASE pem FROM PUBLIC;

You should also revoke rights to connect to any other database on this instance, for example postgres or edb.

You should also ensure that the user pem_user_settings is permitted to connect to each Postgres instance from any web application instances. This may require adding a rule to pg_hba.conf of the following form:

hostssl  pem_user_settings  pem_user_settings  <web-application-subnet>  scram-sha-256

Connect to the new database as a superuser and grant the new user all necessary permissions on the new database.

ALTER DEFAULT PRIVILEGES FOR ROLE pem_user_settings GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO pem_user;
ALTER DEFAULT PRIVILEGES FOR ROLE pem_user_settings GRANT SELECT, UPDATE ON SEQUENCES TO pem_user;

Configure the PEM web applications

On each instance of the PEM web application, locate the config_local.py file or create one if it does not exist (see Managing configuration settings).

Add the following line, replacing <password> with the password of the pem_user_settings user.

  • If you are using a single endpoint to route traffic to the primary PEM backend instance, then <host-ip> and <host-port> should be the IP address and port of that endpoint.
CONFIG_DATABASE_URI="postgres://pem_user_settings:<password>@<host-ip>:<host-port>/pem_user_settings"
  • If you are using multi-host connection strings to route traffic to the PEM primary, you may use the following format, specifying the details of each PEM backend.
CONFIG_DATABASE_URI="postgres://pem_user_settings:<password>@<host-1-ip>:<host-1-port>,<host-2-ip>:<host-2-port>,<host-3-ip>:<host-3-port>/pem_user_settings"
← Prev

HA PEM using the S1 architecture with EFM and a Virtual IP

↑ Up

Installing Postgres Enterprise Manager in HA Patterns

Next →

Installing Postgres Enterprise Manager agent