diff --git a/docs/enterprise/install/helm.md b/docs/enterprise/install/helm.md index 4e5e83462..dc3405fd3 100644 --- a/docs/enterprise/install/helm.md +++ b/docs/enterprise/install/helm.md @@ -10,7 +10,7 @@ This document covers installing Pomerium Enterprise Console into your existing h The Pomerium Enterprise Console requires: -- An accessible RDBMS. We support PostgreSQL 9+ and MySQL 5.8+ (Postgres preferred). +- An accessible RDBMS. We support PostgreSQL 9+. - A database and user with full permissions for it. - A certificate management solution. This page will assume a store of certificates in and assume [cert-manager](https://cert-manager.io/docs/) as the solution. If you use another certificate solution, adjust the steps accordingly. - An existing Pomerium installation. If you don't already have the open-source Pomerium installed in your cluster, see [Pomerium using Helm](/docs/quick-start/helm.md) before you continue. @@ -26,7 +26,7 @@ For an production deployment, Pomerium Enterprise requires: - 2 vCPUs - 8G RAM - 100G of disk wherever logs are stored -- Each Postgres / MySQL instance should have at least: +- Each Postgres instance should have at least: - 4 vCPUs - 8G RAM - 20G for data files @@ -120,7 +120,7 @@ For an production deployment, Pomerium Enterprise requires: ```yaml database: - type: pg #For PostgreSQL, set 'my' for MySQL + type: pg username: pomeriumDbUser password: IAMASTRONGPASSWORDLOOKATME host: 198.51.100.53 diff --git a/docs/enterprise/install/quickstart.md b/docs/enterprise/install/quickstart.md index 0ebd7ee9a..f4bdb0d21 100644 --- a/docs/enterprise/install/quickstart.md +++ b/docs/enterprise/install/quickstart.md @@ -14,7 +14,7 @@ This document assumes: - `root` or `sudo` privileges on the host. - You already have the open-source Pomerium base installed. If not, follow [this doc](/docs/quick-start/binary.md) before you continue. - While an existing route is not required, we suggest implementing one test route to validate your identity provider (**IdP**) configuration. -- Pomerium Enterprise requires a relational database. PostgreSQL 9+ and MySQL 5.8+ are supported. +- Pomerium Enterprise requires a relational database. PostgreSQL 9+ is supported. - Securing the database connection with TLS may not be required, especially for a local installation, but is strongly recommended for production deployments. Therefor, this guide will assume a TLS-secured database connection. - A supported data broker backend. Currently we support Redis. - As with the database, TLS encryption is strongly recommended for production deployments. @@ -98,7 +98,7 @@ sudo systemcrt enable --now pomerium-console ## Initial Configuration -Like the open-source Pomerium base, the Pomerium Enterprise Console is configured through a single config file, located at `/etc/pomerium-console/config.yaml`. +Like the open-source Pomerium base, Pomerium Enterprise Console is configured through a single config file, located at `/etc/pomerium-console/config.yaml`. ### External Services @@ -111,11 +111,7 @@ shared_secret: XXXXXXXXXXXXXXXXXXX database_encryption_key: YYYYYYYYYYYYYYYYYYYYYY ``` -For database uri options (especially TLS settings) see the documentation of your particular database driver: - - - [PostgreSQL SSL Support](https://www.postgresql.org/docs/9.1/libpq-ssl.html) - - - [MySQL Connector/ODBC Connection Parameters](https://dev.mysql.com/doc/connector-odbc/en/connector-odbc-configuration-connection-parameters.html) +For database uri options (especially TLS settings) see the [PostgreSQL SSL Support](https://www.postgresql.org/docs/9.1/libpq-ssl.html) documentation. ### Administrators @@ -153,3 +149,7 @@ tls_ca_file: /etc/pomerium-console/ca.pem tls_cert_file: /etc/pomerium-console/cert.pem tls_key_file: /etc/pomerium-console/key.pem ``` + +## Next Steps + +The Pomerium Enterprise Console assumes access to a [Prometheus](https://prometheus.io/) data store for metrics. See [Prometheus Metrics](/enterprise/prometheus.md) to learn how to configure access. \ No newline at end of file