Monitor with Percona Monitoring and Management (PMM)

In this section you will learn how to monitor the health of Percona Distribution for PostgreSQL with Percona Monitoring and Management (PMM) .

Note

Only PMM 2.x versions are supported by the Operator.

PMM is a client/server application. It includes the PMM Server and the number of PMM Clients running on each node with the database you wish to monitor.

A PMM Client collects needed metrics and sends gathered data to the PMM Server. As a user, you connect to the PMM Server to see database metrics on a number of dashboards. PMM Server and PMM Client are installed separately.

Install PMM Server

You must have PMM server up and running. You can run PMM Server as a Docker image, a virtual appliance, or on an AWS instance. Please refer to the official PMM documentation for the installation instructions.

Install PMM Client

To install PMM Client as a side-car container in your Kubernetes-based environment, do the following:

1. Get the PMM API key from PMM Server . The API key must have the role “Admin”. You need this key to authorize PMM Client within PMM Server.

   From PMM UI From command line

   Generate the PMM API key

   You can query your PMM Server installation for the API Key using curl and jq utilities. Replace <login>:<password>@<server_host> placeholders with your real PMM Server login, password, and hostname in the following command:

   $ API_KEY=$(curl --insecure -X POST -H "Content-Type: application/json" -d '{"name":"operator", "role": "Admin"}' "https://<login>:<password>@<server_host>/graph/api/auth/keys" | jq .key)
   

   Note

   The API key is not rotated.

2. Specify the API key as the PMM_SERVER_KEY value in the deploy/secrets.yaml secrets file.

   apiVersion: v1
   kind: Secret
   metadata:
     name: cluster1-pmm-secret
   type: Opaque
   stringData:
     PMM_SERVER_KEY: ""
   

3. Create the Secrets object using the deploy/secrets.yaml file.

   $ kubectl apply -f deploy/secrets.yaml -n postgres-operator
   

4. Update the pmm section in the deploy/cr.yaml file.

   • Set pmm.enabled=true.
   • Specify your PMM Server hostname / an IP address for the pmm.serverHost option. The PMM Server IP address should be resolvable and reachable from within your cluster.

     pmm:
       enabled: true
       image: percona/pmm-client:2.44.0
   #    imagePullPolicy: IfNotPresent
       secret: cluster1-pmm-secret
       serverHost: monitoring-service
   

5. Update the cluster

   $ kubectl apply -f deploy/cr.yaml -n postgres-operator
   

6. Check that corresponding Pods are not in a cycle of stopping and restarting. This cycle occurs if there are errors on the previous steps:

   $ kubectl get pods -n postgres-operator
   $ kubectl logs <pod_name> -c pmm-client
   

Update the secrets file

The deploy/secrets.yaml file contains all values for each key/value pair in a convenient plain text format. But the resulting Secrets Objects contains passwords stored as base64-encoded strings. If you want to update the password field, you need to encode the new password into the base64 format and pass it to the Secrets Object.

To encode a password or any other parameter, run the following command:

Linux macOS

$ echo -n "password" | base64 --wrap=0

$ echo -n "password" | base64

For example, to set the new PMM API key in the my-cluster-name-secrets object, do the following:

Linux macOS

$ kubectl patch secret/cluster1-pmm-secret -p '{"data":{"PMM_SERVER_KEY": '$(echo -n new_key | base64 --wrap=0)'}}'

$ kubectl patch secret/cluster1-pmm-secret -p '{"data":{"PMM_SERVER_KEY": '$(echo -n new_key | base64)'}}'

Check the metrics

Let’s see how the collected data is visualized in PMM.

1. Log in to PMM server.

2. Click PostgreSQL from the left-hand navigation menu. You land on the Instances Overview page.

3. Click PostgreSQL → Other dashboards to see the list of available dashboards that allow you to drill down to the metrics you are interested in.

---

Last update: 2025-07-10