Open a terminal window on the designated node to be the database server (begin with the primary database server). 

Note that steps 1-6 below must be performed on both DB nodes before continuing to step 7.

  1. Access the RPM files required for installation from the same directory where you download the files using the following command. For example, if you create a Chronicle SOAR user and RPMS are downloaded in the home directory of the user:
    cd /home/siemplify

    You may need to access the RPM files from a different folder if they are not located in the home folder.

  2. Use the root user for the installation process. Change to root user using the command:
    sudo su -
  3. Open the HA DB rpms.zip file using the command:
    unzip HA DB rpms.zip

    Make sure you have an unzip package on your machine using the command: 

    sudo yum install unzip
  4. Install the PostgreSQL with Repmgr using the command:
    yum install postgresql10*.rpm repmgr*.rpm unixODBC*.rpm libicu*.rpm tcl*.rpm -y
    You are notified when the installation is complete.
  5. Enable postgresql using the command:
    systemctl enable postgresql-10
  6. Create a PostgreSQL password using the command
    passwd postgres
    You will be asked to enter a new password as shown in the screenshot below.
  7. Access the postgresql shell to generate SSH keys. This ensures remote communication between the DB machines. Open the postgresql shell, using the command:
    su - postgres
  8. On the shell, generate SSH keys using the command:
    ssh-keygen -t rsa
  9. After you generate the SSH keys, add them to the other DB machine using the command: 
    ssh-copy-id postgres@OTHER_IP (IP of the other DB machine)
  10. Once the keys are copied, exit the postgres shell and return to the root using the command:
    exit
  11. Install the policycoreutils-python package using the command:
    yum install -y policycoreutils-python
    This contains the management tools for the SELinux environment. SELinux is an access control system built into the Linux kernel. It enforces resource policies that defines the level of access that users, programs, and services have for a system.
  12. Next, check for the operations that SELinux denied permission to run during the installation and the reason for this using the command:
    audit2allow -w -a
    If all the operations ran smoothly, you can ignore the next step and continue to the Configure PosgreSQL procedure in the next article.
  13. If the operations were denied permissions, you will see this in the screenshot below. If this happens run the following commands to allow SSH key sharing:
    audit2allow -a -M sshd_read_postgres_ssh_authorized_keys
    semodule -i sshd_read_postgres_ssh_authorized_keys.pp