It's not clear from the documentation what backend_data_directory0 is.
If I run Postgres on Hosts A and B and PGPool on Host C - how am I supposed to point PGPool on Host C at at a directory on Host A?? Am I supposed to mount my database server data directories on my PGPool Host? If so why and how? Read/Write access?
Related
I have pgAdmin4 and PostgreSQL running inside Docker containers on a GCP virtual machine. I have already ingested data into PostgreSQL and I can access the tables and databases using pgcli. However, I am unable to connect to pgAdmin4. How can I connect to the pgAdmin4?
You will access pgadmin with your browser.
When you start up the pgadmin container, you should have configured a port mapping. Add a firewall rule to your VM's network configuration for this mapped port (for example, I've configured an ingress firewall rule for 15432 because I mapped 15432 to 80 in my docker config).
Example snippet from docker-compose:
ports:
- 15432:80
Assuming you have configured an external IP address, use the external IP address and the port number in your browser to access pgadmin. Like this, where XX.XX.XX.XXX is your external IP and 15432 was mapped to port 80:
http://XX.XX.XX.XXX:15432/login
The PostgreSQL database is just installed directly into the linux host machine (not as docker container).
In a docker container (built with docker compose) I have an application that needs to connect to the database.
The client container needs to be on a docker bridge network and cannot be on the host network directly because it needs to reach other containers on the bridge network.
I connect to the Postgres database using the
host.docker.internal hostname as described here.
From within that container I can reach the database no problem that way. But PostgreSQL needs to allow this connection in pg_hba.conf or else I get the error:
no pg_hba.conf entry for host "172.22.0.3"
Of course I can add that IP address to pg_hba.conf like done here but that won't give me a very stable solution because the IP address will not always be the same.
What would be the best practice?
Allow all connection from 172...* ?
Or...?
I'm pretty sure, docker has some dns service by default, and you can write hostname to pg_hba.conf instead of ip address. postgres tries to resolve those name, but maybe only when readin' the conf, so you may need to run pg_ctlcluster reload frequently, like on replacing the client container.
It's cleaner and more secure, if you open the postgres only for those containers who's actually need to connect. On the other hand, if the open port is ssl only and password protected, and your other containers can be considered as trusted, allowing all of them to connect is not something i would call high risk.
The only good practice is to move postgreSQL in a container as if you follow other good practice ( like running docker rootless-mode ) your container app is not suppose to access to any of you host interface.
For now I have gone with adding a samenet entry in the pg_hba.conf file. I am not sure if this is the best approach so I am happy to receive more suggestions.
# to enable local docker connections:
host all all samenet md5
I am trying to setup a pgpool loadbalancer for a Postgresql streaming replication cluster.
I am using postgresql-12 and pgpool2-4.1.0 from the Postgresql repo https://apt.postgresql.org/pub/repos/apt/ on Debian 10.2 (latest stable).
I have setup Postgresql cluster with streaming replication using physical slots (not WAL shipping) and everything seems to be working properly. The secondaries connect replicate data without any issues.
Then I installed the pgpool2-4.1.0 on the same servers. I have made the proper modifications to pgpool.conf according to the pgpool wiki and I have enabled the watchdog process.
When I start pgpool, on all three nodes, I can see that watchdog is working properly, quorum exists and pgpool elects a master (pgpool node) which also enables the virtual IP from the configuration.
I can connect to the postgres backend via pgpool and issue read and write commands successfully.
The problem appears on the pgpool logs, from syslog, I get:
Jan 13 15:10:30 debian10 pgpool[9826]: 2020-01-13 15:10:30: pid 9870: LOG: failed to connect to PostgreSQL server on "pg1:5433", getsockopt() detected error "Connection refused"
Jan 13 15:10:30 debian10 pgpool[9826]: 2020-01-13 15:10:30: pid 9870: LOCATION: pool_connection_pool.c:680
When checking the PID mentioned above, I get the pgpool healthcheck process. I
pg1, pg2, pg3 are the database servers listening on all addresses on port 5433, pg1 is the primary.
pgpool listens on 5432.
The database user that is used for the healthcheck is "pgpool", I have verified that I can connect to the database using that user from all hosts on the particular subnet.
When I disable the healthcheck the issue goes away, but the defeats the purpose.
Any ideas?
Turns out it was name resolution in the /etc/hosts file and the postgresql.conf.
Specifically, the /etc/hosts was like this:
vagrant#pg1:~$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 pg1
....
10.10.20.11 pg1
....
And postgresql.conf like this:
....
listen_addresses = 'localhost,10.10.20.11' # what IP address(es) to listen on;
....
So when healthcheck tried to reach the local node on every machine, it would check via hostname (pg1, pg2, etc). With the hosts file above that leads to 127.0.1.1 that postgresql doesn't listen, so it would fail, hence the error, and then try with the 10.10.20.11 which would be successful. That also explains why there was no error from healthchecks of remote hosts.
I changed the hosts file to the following:
vagrant#pg1:~$ cat /etc/hosts
127.0.0.1 localhost
127.0.1.1 pg1-local
....
10.10.20.11 pg1
....
And the logs are clear.
This is Debian specific, as Red Hat-based distros don't have a
127.0.1.1 hostname
record in their /etc/hosts
Ubuntu 16.04 LTS
I have followed the guides which all say the same thing; to enable remote connection to a postgres server, update the postgresql.conf file, update the pg_hba.conf file and make sure the port (5432) is open and firewall is not blocking.
When I attempt to connect to my server from the remote machine using the following command, I receive no response (for example, 'Connection refused...'). It hangs as if the firewall has DROP policy, but I checked and the host's firewall is ACCEPT all. Here is the command:
psql -h 45.67.82.123 -U postgres -p 5432 -d mydatabase
I have googled extensively and can't find anyone else who's psql request sits with no response from the host server.
Edit: I should mention I have been connecting locally on the host machine. I should also mention that the data directory on the host machine is in a non-default location. I have my cluster on a mounted drive, in case this could affect the remote connection.
Solution:
It is my first AWS instance and I didn't know they have their own firewall rules on the platform. So I was highly confused by the fact all my policies were ACCEPT on my server. Turns out you are behind AWS firewall and you have to go onto the platform to add/change security groups etc. In the past when I've used Digital Ocean droplets or Linodes, the firewall policy on the vps is all I need to change. AWS threw me another curveball there.
First of all: my only experience with SQL is by SQLite which is a server-less engine. I'm new on all this client/server story.
Summarizing my goal: I need to read/write from/into a PosgreSQL database from different computers. Those computers (all with Windows 7 or 10 installed) share the same network but I cannot install any software on them.
My idea was to download the portable PostgreSQL server and save it in a network shared directory (e.g. Y:\PortableProject) so all computers have access to the executable files and to the Data folder containing the databases. Suppose the network IP is 192.170.1.200 (from ipconfig command), here are the steps I tried to do so far:
In order to allow IP 192.170.1.200 being a host, open pg_hba.conf file and add the following line in the EOF
host all all 192.170.1.200/32 trust
In order to give permission to all computers accessing the server, open postgresql.conf and update listen_addresses to *
listen_addresses = '*'
Open the command prompt in one computer (e.g. computer A) and start the server from a prompt with the following command:
"Y:\PortableProject\PostgreSQLPortable\App\PgSQL\bin\pg_ctl.exe" start -D "Y:\PortableProject\PostgreSQLPortable\Data\data"
Proceed with writing and reading in all computers. E.g., on computer B, open its prompt command and read all information on table tabtest from database dbtest (supposing they exist) with the command:
"Y:\PortableProject\PostgreSQLPortable\App\PgSQL\bin\psql.exe" -h 192.170.1.200 -p 5432 -U postgres -d dbtest -c "SELECT * FROM tabtest"
Close the connection on computer A:
"Y:\PortableProject\PostgreSQLPortable\App\PgSQL\bin\pg_ctl.exe" stop -D "Y:\PortableProject\PostgreSQLPortable\Data\data"
The problem occurs on step 4. Even if I run it from computer A, I get the following error
psql: could not connect to server: Connection refused (0x0000274D/10061)
Is the server running on host "192.170.1.200" and accepting
TCP/IP connections on port 5432?
Am I doing it completely wrong? Is it even possible to reach my goal?
Is the server running on host "192.170.1.200" and accepting TCP/IP connections on port 5432?
That mean the server is running in 192.170.1.200, now you are executing from the server pc or from a different pc?
The pg_hba.conf is to list what other address / users are allow to access that sever.
So if you are access from the same pc you use
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 md5
For external address you use something like
host all all 192.170.1.1/24 trust
This will allow access to pc with the following IP address range. IP Calculator
HostMin: 192.170.1.1
HostMax: 192.170.1.254