Install PMM Client manually using binaries¶
This method allows you to install PMM Client using pre-compiled binary packages on a wide range of Linux distributions, for both x86_64 and ARM64 architectures.
Installing from binaries offers these advantages:
- supports Linux distributions not covered by package managers
- doesn’t require package managers
- allows installation without root permissions (unique to this method)
- provides complete control over the installation location
Tip for quick installation
For a quick installation:
- Download the PMM Client tar.gz file
- Extract it
- Run
./install_tarball
(or with-u
flag to preserve existing config during upgrades)
Prerequisites¶
Complete these essential steps before installation:
-
Check system requirements to ensure your environment meets the minimum criteria.
-
Install and configure PMM Server as you’ll its IP address or hostname to configure the Client.
-
Set up firewall rules to allow communication between PMM Client and PMM Server.
-
Create database monitoring users with appropriate permissions for the databases you plan to monitor.
-
Check that you have root or sudo privileges to install PMM Client. Alternatively, use binary installation for non-root environments.
Version information
The commands below are for the latest PMM release. If you want to install a different release, make sure to update the commands with your required version number.
Installation and setup¶
Binary installation adapts to your environment’s permission model. Complete the installation first, then register your node for monitoring.
Install PMM Client¶
Select the appropriate instructions based on your access level:
To install with root/administrator privileges:
-
Download the PMM Client package for your architecture:
wget https://downloads.percona.com/downloads/pmm3/3.3.1/binary/tarball/pmm-client-3.3.1-x86_64.tar.gz
wget https://downloads.percona.com/downloads/pmm3/3.3.1/binary/tarball/pmm-client-3.3.1-aarch64.tar.gz
-
Download the corresponding checksum file to verify integrity:
wget https://downloads.percona.com/downloads/pmm3/3.3.1/binary/tarball/pmm-client-3.3.1-x86_64.tar.gz.sha256sum
wget https://downloads.percona.com/downloads/pmm3/3.3.1/binary/tarball/pmm-client-3.3.1-aarch64.tar.gz.sha256sum
-
Verify the download:
sha256sum -c pmm-client-3.3.1-x86_64.tar.gz.sha256sum
sha256sum -c pmm-client-3.3.1-aarch64.tar.gz.sha256sum
-
Unpack the package and move into the directory:
tar xfz pmm-client-3.3.1-x86_64.tar.gz && cd pmm-client-3.3.1
tar xfz pmm-client-3.3.1-aarch64.tar.gz && cd pmm-client-3.3.1
-
Set the installation directory:
export PMM_DIR=/usr/local/percona/pmm
-
Run the installer:
sudo ./install_tarball
-
Update your PATH:
PATH=$PATH:$PMM_DIR/bin
-
Create symbolic links to make PMM commands available system-wide:
sudo ln -s /usr/local/percona/pmm/bin/pmm-agent /usr/local/bin/pmm-agent sudo ln -s /usr/local/percona/pmm/bin/pmm-admin /usr/local/bin/pmm-admin
-
Set up the agent:
sudo pmm-agent setup --config-file=/usr/local/percona/pmm/config/pmm-agent.yaml --server-address=192.168.1.123 --server-insecure-tls --server-username=admin --server-password=admin
-
Run the agent:
sudo pmm-agent --config-file=${PMM_DIR}/config/pmm-agent.yaml
Follow these steps for environments where you don’t have root access:
-
Download the PMM Client package for your architecture:
wget https://downloads.percona.com/downloads/pmm3/3.3.1/binary/tarball/pmm-client-3.3.1-x86_64.tar.gz
wget https://downloads.percona.com/downloads/pmm3/3.3.1/binary/tarball/pmm-client-3.3.1-aarch64.tar.gz
-
Download the corresponding checksum file to verify integrity:
wget https://downloads.percona.com/downloads/pmm3/3.3.1/binary/tarball/pmm-client-3.3.1-x86_64.tar.gz.sha256sum
wget https://downloads.percona.com/downloads/pmm3/3.3.1/binary/tarball/pmm-client-3.3.1-aarch64.tar.gz.sha256sum
-
Verify the download:
sha256sum -c pmm-client-3.3.1-x86_64.tar.gz.sha256sum
sha256sum -c pmm-client-3.3.1-aarch64.tar.gz.sha256sum
-
Unpack the package and move into the directory:
tar xfz pmm-client-3.3.1-x86_64.tar.gz && cd pmm-client-3.3.1
tar xfz pmm-client-3.3.1-aarch64.tar.gz && cd pmm-client-3.3.1
-
Set the installation directory:
export PMM_DIR=YOURPATH
Replace YOURPATH with a path where you have required access.
-
Run the installer:
./install_tarball
-
Update your PATH:
PATH=$PATH:$PMM_DIR/bin
-
Set up the agent:
pmm-agent setup --config-file=${PMM_DIR}/config/pmm-agent.yaml --server-address=192.168.1.123 --server-insecure-tls --server-username=admin --server-password=admin --paths-tempdir=${PMM_DIR}/tmp --paths-base=${PMM_DIR}
-
Run the agent:
pmm-agent --config-file=${PMM_DIR}/config/pmm-agent.yaml
Register the node¶
After installing PMM Client, register your node with PMM Server to begin monitoring. This enables PMM Server to collect metrics and provide monitoring dashboards for your database infrastructure.
Registration requires authentication to verify that your PMM Client has permission to connect and send data to the PMM Server. PMM supports two authentication methods for registering the node: secure service account tokens and standard username/password credentials.
Service accounts provide secure, token-based authentication for registering nodes with PMM Server. Unlike standard user credentials, service account tokens can be easily rotated, revoked, or scoped to specific permissions without affecting user access to PMM.
To register with service accounts, create a service account then generate an authentication token that you can use to register the PMM Client:
- Log into PMM web interface.
- Navigate to Administration > Users and access > Service Accounts.
- Click Add Service account.
- Enter a descriptive name (e.g.:
pmm-client-prod-db01
). Keep in mind that PMM automatically shortens names exceeding 200 characters using a{prefix}_{hash}
pattern. - Select the Editor role from the drop-down. For detailed information about what each role can do, see Role types in PMM.
- Click Create > Add service account token.
- (Optional) Name your token or leave blank for auto-generated name.
- (Optional) Set expiration date for enhanced security. Expired tokens require manual rotation. Permanent tokens remain valid until revoked.
- Click Generate Token.
- Save your token immediately. It starts with
glsa_
and won’t be shown again! -
Register using the token:
pmm-admin config --server-insecure-tls \ --server-url=https://YOUR_PMM_SERVER:443 \ --server-username=service_token \ --server-password=YOUR_GLSA_TOKEN \ [NODE_ADDRESS] [NODE_TYPE] [NODE_NAME]
Parameters explained:
--server-insecure-tls
- Skip certificate validation (remove for production with valid certificates)YOUR_PMM_SERVER
- Your PMM Server’s IP address or hostnameservice_token
- Use this exact string as the username (not a placeholder!)YOUR_GLSA_TOKEN
- The token you copied (starts withglsa_
)[NODE_ADDRESS]
- (Optional) IP address of the node being registered[NODE_TYPE]
- (Optional) Node type:generic
,container
, etc.[NODE_NAME]
- (Optional) Descriptive name for the node.
Full example with node details
This registers nodepmm-admin config --server-insecure-tls \ --server-url=https://192.168.33.14:443 \ --server-username=service_token \ --server-password=glsa_aBc123XyZ456... \ 192.168.33.23 generic prod-db01
192.168.33.23
with typegeneric
and nameprod-db01
.
This method exposes credentials in command history, process lists, and logs. Use only for testing or migration scenarios.
pmm-admin config --server-insecure-tls \
--server-url=https://admin:admin@YOUR_PMM_SERVER:443
Parameters explained:
YOUR_PMM_SERVER
- Your PMM Server’s IP address or hostname443
- Default HTTPS portadmin
/admin
- Default PMM username and password (change this immediately after first login)
Registration with node details
Register a node with IP address 192.168.33.23
, type generic
, and name mynode
:
pmm-admin config --server-insecure-tls \
--server-url=https://admin:[email protected]:443 \
192.168.33.23 generic mynode
To migrate to service accounts:
- Create service accounts while still using standard authentication.
- Test service account tokens on non-critical nodes.
- Gradually migrate all nodes to token authentication.
- Change the admin password from default.
- Consider restricting or disabling direct admin account usage for node registration.
HTTPS requirement
PMM requires HTTPS connections (port 443
by default). HTTP URLs automatically redirect to HTTPS. For connection errors, verify:
- Port
443
is accessible - Firewall rules allow HTTPS traffic
- TLS certificates are valid (or use
--server-insecure-tls
)
Verify the connection¶
Check that PMM Client is properly connected and registered:
pmm-admin status