Feedback
Contents
- External database installation and setup
- External database setup requirements
- Additional documentation
- External database setup prerequisites
- Hardware and performance recommendations
- About security recommendations
- External database connection security
- User access restriction recommendations
- Maximum connection limit setup
- Default listener port setup
External database installation and setup
This chapter provides information about how to configure an external database to store information synchronized from the Cisco Unified Communications Manager IM and Presence Service. The following IM and Presence features require an external database:
- Permanent Group Chat feature - IM and Presence supports two types of group chat, temporary (ad-hoc) chat and permanent chat. You do not require an external database for temporary chat to work. However, if you require permanent chat rooms on IM and Presence, you must configure an external database.
- Instant Messaging Compliance - If you deploy the native Message Archiver (MA) component on IM and Presence for compliance logging, you require an external database.
- External database setup requirements
- Additional documentation
- External database setup prerequisites
- Hardware and performance recommendations
- About security recommendations
External database setup requirements
- Hardware requirements: A remote server on which you install the PostgreSQL database(s).
- Software requirements:
Note
You can also use version 8.1.x of the PostgreSQL database, but the configuration of these versions may be different to the PostgreSQL database configuration described in this module. See the PostgreSQL documentation for details on how to configure these PostgreSQL database versions. If you use version 8.1.x of the PostgreSQL database, the database configuration on IM and Presence will be the same as described in this module.
- External Database requirements for IM and Presence features: The external database requirements differ depending on the features you wish to deploy on IM and Presence:
- Permanent Group Chat feature: You require one unique external database for each IM and Presence server in an IM and Presence cluster. Each node requires its own logical database, but nodes can share the same physical database installation.
- Compliance feature: We highly recommend that you configure at least one external database for an IM and Presence cluster; however you may require more than one external database for a cluster depending on your server capacity.
Note
If you deploy both the Permanent Group Chat and Compliance features on an IM and Presence server you can assign the same external database to both features.
Related Information
Additional documentation
This procedure only describes how to configure the external database on IM and Presence. It does not describe how to fully configure the features that require the external database, specifically the Permanent Group Chat and Compliance features. See the documentation specific to the feature you are deploying for the complete configuration:
- For information on configuring the Compliance feature on IM and Presence, see the Instant Messaging Compliance for IM and Presence Service on Cisco Unified Communications Manager
- For information on configuring the Permanent Group Chat feature on IM and Presence, see the Deployment Guide for IM and Presence Service on Cisco Unified Communications Manager
External database setup prerequisites
Hardware and performance recommendations
When you configure an external database with IM and Presence, you need to consider the following recommendations:
- We recommend that you use similar hardware for both the external database and the IM and Presence nodes.
- We recommend that you maintain the external database according to the best practice guidelines described in the product documentation. If you do not properly maintain the external database, and you allow the external database to fill up, this causes performance problems in the IM and Presence cluster.
Related Information
About security recommendations
- External database connection security
- User access restriction recommendations (Recommended)
- Maximum connection limit setup (Optional)
- Default listener port setup (Optional)
- External database connection security
- User access restriction recommendations
- Maximum connection limit setup
- Default listener port setup
User access restriction recommendations
We strongly recommend that you restrict user access to the external database to only the particular user and database instance that IM and Presence uses. You can restrict user access to the PostgreSQL database in the pg_hba.conf file located in the <install_dir>/data directory.
Caution
Do not configure 'all' for the user and database entries because potentially this could allow any user access to any database.
When you configure user access to the external database, we also recommend that you configure password protection for the database access using the 'password' method.
Note
You are required to enter a password for the database user when you configure a database entry on IM and Presence.
The following are examples of a secure user access configuration, and a less secure user access configuration, in the pg_hba.conf file.
Example of a secure configuration:
# TYPE
DATABASE
USER
CIDR-ADDRESS
METHOD
host
dbinst1
tcuser1
10.89.99.0/24
password
host
dbinst2
mauser1
10.89.99.0/24
password
Example of a less secure configuration:
# TYPE
DATABASE
USER
CIDR-ADDRESS
METHOD
host
dbinst1
tcuser1
10.89.99.0/24
trust
host
dbinst2
all
10.89.99.0/24
password
Notes on the example of a less secure configuration:
Related Tasks
Related Information
Maximum connection limit setup
Note
Use this section as a guideline if you wish to limit the number of connections to the database. This section is optional configuration.
For additional security, you can limit the maximum number of permitted connections to the external database. Use the guideline we provide here to calculate the number of database connections that are appropriate for your deployment.
You must modify this guideline to suit your IM and Presence deployment and configuration. The guideline we provide here assumes that:
- You are running both the Compliance and Permanent Group Chat features on IM and Presence. and
- You configure the default number of connections to the database for the Permanent Group Chat feature on IM and Presence administration interface.
To limit the number of database connections, configure the max_connections value in the postgresql.conf file located in the <install_dir>/data directory. We recommend that you set the value of the max_connections parameter equal to this guideline:
max_connections = N*10 + Additional Connections
- N is the number of nodes in your IM and Presence cluster.
- 10 is the default number of connections to the database on IM and Presence, that is, five connections for the Compliance feature and five connections for the Permanent Group Chat feature. You can configure the number of database connections for the Permanent Group Chat feature on IM and Presence Administration interface.
- Additional Connections represents any independent administration or database administrator (DBA) connections to the database server. For example, if you have an IM and Presence cluster containing six nodes, and you require an additional three DBA connections, using the guideline above, you should set the max_connections value to 63.
Related Information
