IBM Security Identity Governance and Intelligence, Version 5.2.3.1

Managing the PostgreSQL database

IBM® Security Identity Governance and Intelligence contains an internal PostgreSQL database that can store you data. If you choose to use the internal PostgreSQL database, use the following procedure to manage the database.

About this task

Important:
  • If you are using the PostgreSQL database in a stand-alone node, ensure that you back up your data.
  • The ID of the database administrator is postgres. Initially, the password is by default set to the same value of the password of the administrator of the virtual appliance. After the first time that the database administrator password is changed, the two administrator passwords follow different paths.
  • The default password of DB Users (the schema users) is ideas.

    The database administrator and the schema users passwords can be changed in the Postgres Management page.

Attention: An embedded PostgreSQL database environment requires higher resource consumption than the standard external DB2 database, making it critical to increase memory and CPU allocation to ensure a stable operation of the environment. When the database is co-resident in the VA, the CPU and memory resources will be taxed additionally to provide services to the Identity Governance processes, as well as the database management processes. In laboratory tests, the CPU requirements on the VA are 2 to 3 times higher when running with PostgreSQL, versus the combined requirements of a VA and DB running with DB2. The additional memory and CPU requirements are most important in the PostgreSQL cluster scenario when data replication is enabled. Despite additional memory and CPU, the performance of this environment also falls behind that of DB2.

At this time, PostgreSQL is not recommended for mission-critical environments, or deployments where performance requirements are high.

Procedure

  1. From the top-level menu of the Appliance Dashboard, click Configure > Postgres Management. The Postgres Management page displays a table with these column names.
    Name
    Specifies the name of the internal database, hostname.
    NFS Enabled
    Indicates whether a network file system mount point is created for the database. A status of true indicates that an NFS mount point exists for the database.
    State
    Indicates whether the instance is started or stopped.
    Database Role
    Specifies whether the database is a master or slave database. The role depends on whether the database is on a primary or secondary node. A PostgreSQL database on a single-server configuration or on the primary node in a cluster configuration is the master database. The PostgreSQL database on a secondary node is a slave database.
    SSL
    Specifies whether the database runs over an SSL connection (True) or not (False). By default, the value is True if the database is configured on a FIPS-enabled virtual appliance.
  2. On the Postgres Management page, do one of these actions. The actions that are available depend on whether you are working on the master or the slave database. The actions also depend on the node you are working from.
    Table 1. PostgreSQL database action items
    Action Button Description
    Start the database Start This option is available on the node for the master database only.
    • Select the database.
    • Click Start.

    A message indicates that the PostgreSQL server is starting. After the server is started, a system notification message is displayed that the PostgreSQL server was started successfully.
    Stop the database Stop This option is available on the node for the master database only.
    • Select the database.
    • Click Stop.

    A message indicates that the PostgreSQL server is stopping. After the server is stopped, a system notification message is displayed that the PostgreSQL server was stopped successfully.
    Restart the database Restart This option is available for the master database only.
    • Select the database.
    • Click Restart.

    A message indicates that the PostgreSQL server is restarting. After the server is restarted, a system notification message is displayed that the PostgreSQL server was restarted successfully.
    Start the slave database Resume replication This option is available on the node for the slave database only.
    • Select the database.
    • Click Resume replication.

    A message indicates that the PostgreSQL server is starting. After the server is started, a system notification message is displayed that the PostgreSQL server was started successfully.
    Stop the slave database Pause replication This option is available on the node for the slave database only.
    • Select the database.
    • Click Pause replication.

    A message indicates that the PostgreSQL server is stopping. After the server is stopped, a system notification message is displayed that the PostgreSQL server was stopped successfully.
    Refresh the database information Refresh Click Refresh to display the most recent version of the data, including changes that were made to the data since it was last refreshed.
    Create a replica of the primary node database on the secondary node Manage This option is available for the slave database on a secondary node only.
    • Select the database.
    • Click Manage.
    • Click Configure replication on the secondary node to create a backup of the master PostgreSQL database and begin replication.
    See Enabling and disabling replication between the primary and secondary nodes.
    Remove a replica of the primary node database from the secondary node Manage This option is available for the slave database on a secondary node only.
    • Select the database.
    • Click Manage.
    • Click Unconfigure replication on the secondary node to stop replication and to remove the backup PostgreSQL database.
    See Enabling and disabling replication between the primary and secondary nodes.
    Clear the data from the PostgreSQL database Manage This option is available for the master database on the primary node only.
    1. Select the database.
    2. Click Manage.
    3. Click Reset to remove the data from the PostgreSQL database and create a new PostgreSQL database.
      Note: If you unconfigure the PostgreSQL database as the identity data store, the data is preserved in the PostgreSQL database. To clear the database, you must use Reset.

      If you reset the master PostgreSQL database on the primary node, the slave database on the secondary node is not reset. You must force synchronization of the slave database from the secondary node to remove the data.
    Change the PostgreSQL database password Manage This option is available for the master database on the primary node only.
    1. Select the database.
    2. Click Manage.
    3. Click Change Password.
    See Changing the Postgres database password.
    Set up more storage for a PostgreSQL database Manage This option is available for the master database on the primary node only.
    1. Select the database.
    2. Click Manage.
    3. Click Move to NFS.
    See Setting up external storage for the Postgres database.
    Promote a slave database to a master database Promote This option is available for the slave database only.
    • Select the database.
    • Click Manage.
    • Click Promote.
    • Click Yes to confirm that you want to promote the database.
    Synchronize the databases Force Synchronization This option is available for the slave database only.
    • Select the database.
    • Click Manage.
    • Click Force synchronization.
    • Click Yes to confirm that you want to force the synchronization of the database.
    Change the SSL settings Manage
    • Select the database.
    • Click Manage.
    • Click Security.

      The Security Setting window is displayed. The Enable SSL field displays the current status, True or False.

    • Click the field and change the current value. Another window confirms that SSL is being enabled or disabled.
Parent topic: Virtual appliance administration