When you enable and configure Orchestration Server auditing, you create a small custom database and a simple schema that persists all of the Orchestration Server jobs that have been run, along with their parameters. The database also maintains the login or logout activity of the Orchestration Server users and resources and includes an “actions” table that records provisioning actions and their status (started, failed, completed successfully, etc.).
NOTE:We recommend that you install the PostgreSQL packages on a SLES 10 SP3 server (or SLES 11 SP1 server) that is different from the server where you install the Orchestration Server. This ensures an adequate amount of space for running the server as the database is used.
We also recommend that you open TCP port 5432 (or whatever port you configure PostgreSQL to use—5432 is the PostgreSQL default) in the firewall of the RDBMS host. Without an open port in the host firewall, a remote Orchestration Server cannot access the audit database.
For high availability Orchestration Server configurations, you need to install the database outside of the high availability cluster.
If you want to run the database on the same host with the Orchestration Server, see Section 5.6, Installing and Configuring the Orchestration Server for Use with a Local PostgreSQL Audit Database.
If the SLES 10 SP3 machine (or the SLES 11 SP1 machine) does not have PostgreSQL packages installed and running, use YaST to search for postgresql-server, then install the package and its dependencies.
You can also run the following command from the bash prompt:
yast2 -i postgresql-server
When PostgreSQL is installed, you need to create the default database and start it. Use the following commands:
su - postgres
These commands create or update the PostgreSQL privilege database and installs the prepared tables. For more detail about what you will see when you run these commands, see Detail.
NOTE:You cannot run the pg_ctl command as root. You must first change to the superuser for PostgreSQL (su - postgres). Failure to issue this command first results in the following messages:
# pg_ctl start pg_ctl: cannot be run as root Please log in (using, e.g., "su") as the (unprivileged) user that will own the server process.
postgres> initdb The files belonging to this database system will be owned by user "postgres". This user must also own the server process. The database cluster will be initialized with locale en_US.UTF-8. The default database encoding has accordingly been set to UTF8. creating directory /var/lib/pgsql/data ... ok creating directory /var/lib/pgsql/data/global ... ok creating directory /var/lib/pgsql/data/pg_xlog ... ok creating directory /var/lib/pgsql/data/pg_xlog/archive_status ... ok creating directory /var/lib/pgsql/data/pg_clog ... ok creating directory /var/lib/pgsql/data/pg_subtrans ... ok creating directory /var/lib/pgsql/data/pg_twophase ... ok creating directory /var/lib/pgsql/data/pg_multixact/members ... ok creating directory /var/lib/pgsql/data/pg_multixact/offsets ... ok creating directory /var/lib/pgsql/data/base ... ok creating directory /var/lib/pgsql/data/base/1 ... ok creating directory /var/lib/pgsql/data/pg_tblspc ... ok selecting default max_connections ... 100 selecting default shared_buffers ... 1000 creating configuration files ... ok creating template1 database in /var/lib/pgsql/data/base/1 ... ok initializing pg_authid ... ok enabling unlimited row size for system tables ... ok initializing dependencies ... ok creating system views ... ok loading pg_description ... ok creating conversions ... ok setting privileges on built-in objects ... ok creating information schema ... ok vacuuming database template1 ... ok copying template1 to template0 ... ok copying template1 to postgres ... ok WARNING: Enabling "trust" authentication for local connections You can change this by editing pg_hba.conf or using the -A option the next time you run initdb. Success. You can now start the database server using: postmaster -D /var/lib/pgsql/data or pg_ctl -D /var/lib/pgsql/data -l logfile start postgres> postmaster -i