I use a VM with Ubuntu Server 20.04 LTS where I set up the following Docker network:
[
{
"Name": "my-net",
"Id": "d06d15cbc443df8565b76e30aa13da05e26cd3bfc8d33551020d2ce3fe94a118",
"Created": "2022-05-29T22:08:12.618759894Z",
"Scope": "local",
"Driver": "bridge",
"EnableIPv6": false,
"IPAM": {
"Driver": "default",
"Options": {},
"Config": [
{
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
}
]
},
"Internal": false,
"Attachable": false,
"Ingress": false,
"ConfigFrom": {
"Network": ""
},
"ConfigOnly": false,
"Containers": {
"119b4767f4ec8fc7b5d8adcaab1a71999df2f79b32a02f8ba1a66270c7531a70": {
"Name": "server",
"EndpointID": "4c8cb2a54a82b0092dd677cdf8ce9264812b4f3e31bef59c723a085928cb0441",
"MacAddress": "02:42:ac:12:00:03",
"IPv4Address": "172.18.0.3/16",
"IPv6Address": ""
},
"c55c205642ebe8f5eb511af071a6f3183277d871ed4b66df9e00fe53e6eb9c54": {
"Name": "sso",
"EndpointID": "aff4f8ddfea45d718d73ba609f035ac871d3633ee7c47d318cb84a757f92e9ed",
"MacAddress": "02:42:ac:12:00:02",
"IPv4Address": "172.18.0.2/16",
"IPv6Address": ""
},
"cf80d38ab854f9d8fdb66129632a38fce575fc47de1044088871ff8a6e67016a": {
"Name": "gateway",
"EndpointID": "c98bd162d5383ff3e46753c0c9c4101a87dd189af8c0144bf999b64cf63691be",
"MacAddress": "02:42:ac:12:00:04",
"IPv4Address": "172.18.0.4/16",
"IPv6Address": ""
}
},
"Options": {},
"Labels": {}
}
]
I need to connect from the sso container to a PostgreSQL instance on the host machine at localhost:5432 (just the default).
Below is pg_hba.conf:
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 md5
host replication all ::1/128 md5
NB! PostgreSQL is not available from the outside network (it was so by default); if I connect to my VM by IP address, the connection is refused (I need that, I don't want my database to be visible to the Internet).
I run the sso container with the following command:
docker run --name sso \
--network my-net \
--add-host host.docker.internal:host-gateway \
-e 'DB_URL=jdbc:postgresql://host.docker.internal:5432/sso?user=my_user&password=my_password' \
-d sso:latest
I've also tested a connection to my database from DBeaver using an SSH tunnel, and everything works.
However, when I send a request to sso, it crashes with the error:
com.zaxxer.hikari.pool.HikariPool$PoolInitializationException: Failed to initialize pool: Connection to host.docker.internal:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
at com.zaxxer.hikari.pool.HikariPool.throwPoolInitializationException(HikariPool.java:596)
at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:582)
at com.zaxxer.hikari.pool.HikariPool.<init>(HikariPool.java:100)
at com.zaxxer.hikari.HikariDataSource.<init>(HikariDataSource.java:81)
at com.kleinstein.sso.data.gateways.db.DatabaseGateway.<init>(DatabaseGateway.kt:27)
at com.kleinstein.sso.DependencyInjectionKt.initDatabase(DependencyInjection.kt:47)
at com.kleinstein.sso.DependencyInjectionKt$installDi$1$2$1.invoke(DependencyInjection.kt:20)
at com.kleinstein.sso.DependencyInjectionKt$installDi$1$2$1.invoke(DependencyInjection.kt:20)
at org.kodein.di.bindings.Singleton$getFactory$1$1$1.invoke(standardBindings.kt:134)
at org.kodein.di.bindings.SingletonReference.make(references.kt:34)
at org.kodein.di.bindings.Singleton$getFactory$1$1.invoke(standardBindings.kt:134)
at org.kodein.di.bindings.Singleton$getFactory$1$1.invoke(standardBindings.kt:134)
at org.kodein.di.bindings.StandardScopeRegistry.getOrCreate(scopes.kt:66)
at org.kodein.di.bindings.Singleton$getFactory$1.invoke(standardBindings.kt:134)
at org.kodein.di.bindings.Singleton$getFactory$1.invoke(standardBindings.kt:131)
at org.kodein.di.DIContainer$DefaultImpls$provider$$inlined$toProvider$1.invoke(curry.kt:14)
at org.kodein.di.internal.DirectDIBaseImpl.Instance(DirectDIImpl.kt:30)
at com.kleinstein.sso.DependencyInjectionKt$installDi$1$5$1.invoke(DependencyInjection.kt:67)
at com.kleinstein.sso.DependencyInjectionKt$installDi$1$5$1.invoke(DependencyInjection.kt:23)
at org.kodein.di.bindings.Provider$getFactory$1.invoke(standardBindings.kt:89)
at org.kodein.di.bindings.Provider$getFactory$1.invoke(standardBindings.kt:89)
at org.kodein.di.DIContainer$DefaultImpls$provider$$inlined$toProvider$1.invoke(curry.kt:14)
at org.kodein.di.DIAwareKt$Instance$1.invoke(DIAware.kt:209)
at org.kodein.di.DIAwareKt$Instance$1.invoke(DIAware.kt:207)
at org.kodein.di.DIProperty$provideDelegate$1.invoke(properties.kt:57)
at kotlin.SynchronizedLazyImpl.getValue(LazyJVM.kt:74)
at com.kleinstein.sso.presentation.handlers.AuthenticationHandlersKt.installAuthHandlers$lambda-1(AuthenticationHandlers.kt:18)
at com.kleinstein.sso.presentation.handlers.AuthenticationHandlersKt.access$installAuthHandlers$lambda-1(AuthenticationHandlers.kt:1)
at com.kleinstein.sso.presentation.handlers.AuthenticationHandlersKt$installAuthHandlers$1$1$1.invokeSuspend(AuthenticationHandlers.kt:26)
at com.kleinstein.sso.presentation.handlers.AuthenticationHandlersKt$installAuthHandlers$1$1$1.invoke(AuthenticationHandlers.kt)
at com.kleinstein.sso.presentation.handlers.AuthenticationHandlersKt$installAuthHandlers$1$1$1.invoke(AuthenticationHandlers.kt)
at io.ktor.auth.BasicAuthKt$basic$1.invokeSuspend(BasicAuth.kt:81)
at io.ktor.auth.BasicAuthKt$basic$1.invoke(BasicAuth.kt)
at io.ktor.auth.BasicAuthKt$basic$1.invoke(BasicAuth.kt)
at io.ktor.util.pipeline.SuspendFunctionGun.loop(SuspendFunctionGun.kt:248)
at io.ktor.util.pipeline.SuspendFunctionGun.proceed(SuspendFunctionGun.kt:116)
at io.ktor.util.pipeline.SuspendFunctionGun.execute(SuspendFunctionGun.kt:136)
at io.ktor.util.pipeline.Pipeline.execute(Pipeline.kt:78)
at io.ktor.auth.Authentication.processAuthentication(Authentication.kt:235)
at io.ktor.auth.Authentication.access$processAuthentication(Authentication.kt:19)
at io.ktor.auth.Authentication$interceptPipeline$2.invokeSuspend(Authentication.kt:125)
at io.ktor.auth.Authentication$interceptPipeline$2.invoke(Authentication.kt)
at io.ktor.auth.Authentication$interceptPipeline$2.invoke(Authentication.kt)
at io.ktor.util.pipeline.SuspendFunctionGun.loop(SuspendFunctionGun.kt:248)
at io.ktor.util.pipeline.SuspendFunctionGun.proceed(SuspendFunctionGun.kt:116)
at io.ktor.util.pipeline.SuspendFunctionGun.execute(SuspendFunctionGun.kt:136)
at io.ktor.util.pipeline.Pipeline.execute(Pipeline.kt:78)
at io.ktor.routing.Routing.executeResult(Routing.kt:155)
at io.ktor.routing.Routing.interceptor(Routing.kt:39)
at io.ktor.routing.Routing$Feature$install$1.invokeSuspend(Routing.kt:107)
at io.ktor.routing.Routing$Feature$install$1.invoke(Routing.kt)
at io.ktor.routing.Routing$Feature$install$1.invoke(Routing.kt)
at io.ktor.util.pipeline.SuspendFunctionGun.loop(SuspendFunctionGun.kt:248)
at io.ktor.util.pipeline.SuspendFunctionGun.proceed(SuspendFunctionGun.kt:116)
at io.ktor.features.ContentNegotiation$Feature$install$1.invokeSuspend(ContentNegotiation.kt:145)
at io.ktor.features.ContentNegotiation$Feature$install$1.invoke(ContentNegotiation.kt)
at io.ktor.features.ContentNegotiation$Feature$install$1.invoke(ContentNegotiation.kt)
at io.ktor.util.pipeline.SuspendFunctionGun.loop(SuspendFunctionGun.kt:248)
at io.ktor.util.pipeline.SuspendFunctionGun.proceed(SuspendFunctionGun.kt:116)
at io.ktor.util.pipeline.SuspendFunctionGun.execute(SuspendFunctionGun.kt:136)
at io.ktor.util.pipeline.Pipeline.execute(Pipeline.kt:78)
at io.ktor.server.engine.DefaultEnginePipelineKt$defaultEnginePipeline$2.invokeSuspend(DefaultEnginePipeline.kt:127)
at io.ktor.server.engine.DefaultEnginePipelineKt$defaultEnginePipeline$2.invoke(DefaultEnginePipeline.kt)
at io.ktor.server.engine.DefaultEnginePipelineKt$defaultEnginePipeline$2.invoke(DefaultEnginePipeline.kt)
at io.ktor.util.pipeline.SuspendFunctionGun.loop(SuspendFunctionGun.kt:248)
at io.ktor.util.pipeline.SuspendFunctionGun.proceed(SuspendFunctionGun.kt:116)
at io.ktor.util.pipeline.SuspendFunctionGun.execute(SuspendFunctionGun.kt:136)
at io.ktor.util.pipeline.Pipeline.execute(Pipeline.kt:78)
at io.ktor.server.netty.NettyApplicationCallHandler$handleRequest$1.invokeSuspend(NettyApplicationCallHandler.kt:123)
at io.ktor.server.netty.NettyApplicationCallHandler$handleRequest$1.invoke(NettyApplicationCallHandler.kt)
at io.ktor.server.netty.NettyApplicationCallHandler$handleRequest$1.invoke(NettyApplicationCallHandler.kt)
at kotlinx.coroutines.intrinsics.UndispatchedKt.startCoroutineUndispatched(Undispatched.kt:55)
at kotlinx.coroutines.CoroutineStart.invoke(CoroutineStart.kt:112)
at kotlinx.coroutines.AbstractCoroutine.start(AbstractCoroutine.kt:126)
at kotlinx.coroutines.BuildersKt__Builders_commonKt.launch(Builders.common.kt:56)
at kotlinx.coroutines.BuildersKt.launch(Unknown Source)
at io.ktor.server.netty.NettyApplicationCallHandler.handleRequest(NettyApplicationCallHandler.kt:43)
at io.ktor.server.netty.NettyApplicationCallHandler.channelRead(NettyApplicationCallHandler.kt:34)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379)
at io.netty.channel.AbstractChannelHandlerContext.access$600(AbstractChannelHandlerContext.java:61)
at io.netty.channel.AbstractChannelHandlerContext$7.run(AbstractChannelHandlerContext.java:370)
at io.netty.util.concurrent.AbstractEventExecutor.safeExecute(AbstractEventExecutor.java:164)
at io.netty.util.concurrent.SingleThreadEventExecutor.runAllTasks(SingleThreadEventExecutor.java:469)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:503)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:986)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.ktor.server.netty.EventLoopGroupProxy$Companion.create$lambda-1$lambda-0(NettyApplicationEngine.kt:251)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:833)
Caused by: org.postgresql.util.PSQLException: Connection to host.docker.internal:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:319)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:223)
at org.postgresql.Driver.makeConnection(Driver.java:400)
at org.postgresql.Driver.connect(Driver.java:259)
at com.zaxxer.hikari.util.DriverDataSource.getConnection(DriverDataSource.java:121)
at com.zaxxer.hikari.pool.PoolBase.newConnection(PoolBase.java:359)
at com.zaxxer.hikari.pool.PoolBase.newPoolEntry(PoolBase.java:201)
at com.zaxxer.hikari.pool.HikariPool.createPoolEntry(HikariPool.java:470)
at com.zaxxer.hikari.pool.HikariPool.checkFailFast(HikariPool.java:561)
... 87 common frames omitted
Caused by: java.net.ConnectException: Connection refused
at java.base/sun.nio.ch.Net.pollConnect(Native Method)
at java.base/sun.nio.ch.Net.pollConnectNow(Net.java:672)
at java.base/sun.nio.ch.NioSocketImpl.timedFinishConnect(NioSocketImpl.java:542)
at java.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:597)
at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:327)
at java.base/java.net.Socket.connect(Socket.java:633)
at org.postgresql.core.PGStream.createSocket(PGStream.java:241)
at org.postgresql.core.PGStream.<init>(PGStream.java:98)
at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:109)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:235)
... 96 common frames omitted
Where can the problem be? Unfortunately, I am bad at networking.
P.S. If PostgreSQL is another Docker container, everything works; everything also works on my local machine (without Docker).
Finally I realised how to fix my problem.
First, I had a look at my Docker network... At these lines:
"Subnet": "172.18.0.0/16",
"Gateway": "172.18.0.1"
It means Docker must define a new network interface on my host machine. Let's check with the command ip address show:
98: br-d06d15cbc443: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:78:ab:0f:d2 brd ff:ff:ff:ff:ff:ff
inet 172.18.0.1/16 brd 172.18.255.255 scope global br-d06d15cbc443
valid_lft forever preferred_lft forever
inet6 fe80::42:78ff:feab:fd2/64 scope link
valid_lft forever preferred_lft forever
Indeed, there is our interface. Well, it means we need to allow PostgreSQL to accept connections from this subnet.
There are two variants (/etc/postgresql/12/main/postgresql.conf file):
Set listen_addresses to the my-net gateway IP, but then I won't be able to connect using DBeaver with an SSH tunnel (it's convenient).
Set listen_addresses to all addresses (*), but then everyone will be able to connect to our PostgreSQL from the outside network.
Fortunately, PostgreSQL has one more configuration file: /etc/postgresql/12/main/pg_hba.conf, where we can restrict the allowed subnets. Great! Then set listen_addresses to * and edit pg_hba.conf as below:
# IPv4 local connections:
# my-net subnet
host all all 172.18.0.1/16 md5
# localhost to use SSH Tunnel in DBeaver
host all all 127.0.0.1/32 md5
Send a request to sso and voilà! It works!
Last step: check a direct connection to the database from the outside network:
FATAL: no pg_hba.conf entry for host "xx.xx.xx.xx", user "my_user", database "sso", SSL on
Profit!
P.S. I am not sure whether it's a secure and optimal solution, but it's better than opening the DBMS to the whole Internet. I hope this answer will help someone who is the same newbie in networking as me.
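Added example, not part of the original answer: a small Python evaluator for the pg_hba.conf records above, showing which client addresses they admit under PostgreSQL's first-match rule and flagging `trust` records that reach beyond loopback. The function names and the sample client addresses are constructed for the illustration, and only `all` or single-name database and user fields are handled.

```python
import ipaddress

# The pg_hba.conf records from the answer above (constructed copy for the demo).
ANSWER_HBA = """\
# IPv4 local connections:
# my-net subnet
host all all 172.18.0.1/16 md5
# localhost to use SSH Tunnel in DBeaver
host all all 127.0.0.1/32 md5
"""


def parse_hba(text):
    """Parse host/hostssl/hostnossl records; 'local' (Unix socket) records are skipped."""
    rules = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()      # drop comments, split columns
        if len(fields) < 5 or not fields[0].startswith("host"):
            continue
        conn, db, user, addr = fields[:4]
        if addr == "all":
            net, method = "all", fields[4]
        else:
            try:
                if "/" in addr:                    # CIDR form, e.g. 172.18.0.1/16
                    net = ipaddress.ip_network(addr, strict=False)
                    method = fields[4]
                elif len(fields) >= 6:             # separate address and netmask columns
                    net = ipaddress.ip_network(f"{addr}/{fields[4]}", strict=False)
                    method = fields[5]
                else:
                    continue                       # samehost / samenet / hostname
            except ValueError:
                continue                           # hostnames are not evaluated here
        rules.append({"type": conn, "db": db, "user": user,
                      "net": net, "method": method})
    return rules


def first_match(rules, client_ip, database, user):
    """Return the first record that admits the connection, or None if none does."""
    ip = ipaddress.ip_address(client_ip)
    for r in rules:
        db_ok = r["db"] in ("all", database)       # simplification: no lists/keywords
        user_ok = r["user"] in ("all", user)
        ip_ok = r["net"] == "all" or ip in r["net"]
        if db_ok and user_ok and ip_ok:
            return r
    return None


def unauthenticated_remote(rules):
    """Records that use 'trust' for anything wider than loopback."""
    return [r for r in rules
            if r["method"] == "trust"
            and (r["net"] == "all" or not r["net"].is_loopback)]


if __name__ == "__main__":
    rules = parse_hba(ANSWER_HBA)
    # Constructed clients: two containers on my-net, loopback, a documentation-range address.
    for ip in ("172.18.0.2", "172.18.0.4", "127.0.0.1", "203.0.113.10"):
        hit = first_match(rules, ip, "sso", "my_user")
        verdict = f'{hit["net"]} {hit["method"]}' if hit else "no pg_hba.conf entry"
        print(f"{ip:>14} -> {verdict}")
    print("trust beyond loopback:", unauthenticated_remote(rules))
```

A `None` result corresponds to the `FATAL: no pg_hba.conf entry` rejection, which the server sends only after it has accepted the TCP connection, so with `listen_addresses = '*'` a host firewall rule is still what keeps port 5432 unreachable from other networks. The `172.18.0.0/16` record admits every container on my-net (server and gateway too), not only sso.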
Related
I use flink cdc 2.0.0 to connect to postgresql in vmware.
I can connect to MySQL in the VM and do the SELECT in my code. But I can't do the same with Postgres. It throws an exception 'FATAL: no pg_hba.conf entry for host "192.168.42.1", user "postgres", database "mydb", SSL off error'
Caused by: org.postgresql.util.PSQLException: FATAL: no pg_hba.conf entry for host "192.168.42.1", user "postgres", database "mydb", SSL off error
at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:525)
at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:146)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:197)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:49)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:217)
at org.postgresql.Driver.makeConnection(Driver.java:458)
at org.postgresql.Driver.connect(Driver.java:260)
at io.debezium.jdbc.JdbcConnection.lambda$patternBasedFactory$1(JdbcConnection.java:231)
at io.debezium.jdbc.JdbcConnection.connection(JdbcConnection.java:872)
at io.debezium.jdbc.JdbcConnection.connection(JdbcConnection.java:867)
at io.debezium.connector.postgresql.TypeRegistry.<init>(TypeRegistry.java:122)
... 8 more
Suppressed: org.postgresql.util.PSQLException: FATAL: no pg_hba.conf entry for host "192.168.42.1", user "postgres", database "mydb", SSL off error
at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:525)
at org.postgresql.core.v3.ConnectionFactoryImpl.tryConnect(ConnectionFactoryImpl.java:146)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:206)
... 16 more
I have modified the settings in pg_hba.conf and postgresql.conf:
host all all all trust # at the bottom of the file
listen_addresses = '*'
And it's weird that there's no problem using the database tool DBeaver, this can create and select...
Here's my code:
DebeziumSourceFunction<String> source = PostgreSQLSource.<String>builder()
.hostname("192.168.42.130")
.port(5432)
.username("postgres")
.password("123456")
.database("mydb")
.schemaList("public")
.tableList("big_data_public.public.user")
.deserializer(new StringDebeziumDeserializationSchema())
.build();
The IP '192.168.42.130' is the IP of my VM.
The IP '192.168.42.1' is the IP of VMware Network Adapter VMnet8. (I don't understand why the code throws an exception with this IP.)
I have 2 Ubuntu 20.04 VMs on VMware with Postgres 12 installed on each:
pgprimary on ip 192.168.1.131
pgbackup on ip 192.168.1.130
barman CLI tools are installed on pgprimary
barman is installed on pgbackup
I want to back up data from pgprimary on pgbackup.
On each machine I created 2 Linux sudoer users:
useradd barman
useradd streaming_barman
I also created the same two users as Postgres users:
createuser --superuser --replication -P barman
createuser --superuser --replication -P streaming_barman
Here are the relevant parts of the configuration files.
On pgprimary
postgresql.conf
listen_addresses = '*' # what IP address(es) to listen on;
port = 5432
archive_mode = on
archive_command = 'cp %p /var/lib/postgresql/12/arc/%f'
wal_level = replica
restore_command = 'cp /var/lib/postgresql/12/arc/%f %p'
recovery_target_time = '2021-03-24 16:18:11.319298+05:30'
recovery_target_inclusive = false
pg_hba.conf
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
local all all peer
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
#local replication all peer
#host replication all 127.0.0.1/32 md5
#host replication all ::1/128 md5
# FOR TESTING
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
I also did:
firewall-cmd --permanent --add-port=5432/tcp
firewall-cmd --reload
========================
On pgbackup
sudo tee -a /etc/barman.d/pgprimary.conf >/dev/null <<'EOF'
[pgprimary]
description = "Example of PostgreSQL Database (Streaming-Only)"
conninfo = host=192.168.1.131 user=barman dbname=training
streaming_conninfo = host=192.168.1.131 user=streaming_barman dbname=training
backup_method = postgres
streaming_archiver = on
slot_name = barman
create_slot = auto
EOF
pg_hba.conf
cat <<'EOF' >>~/.pgpass
pgprimary:*:*:barman:barman
pgprimary:*:*:streaming_barman:barman
EOF
Then I did
barman cron
Output
Starting WAL archiving for server pgprimary
Starting streaming archiver for server pgprimary
barman check pgprimary
Then I get this error
[13643] barman.utils WARNING: Failed opening the requested log file. Using standard error instead.
Server pgprimary:
2021-10-30 21:39:15,982 [13643] barman.server ERROR: Check 'WAL archive' failed for server 'pgprimary'
WAL archive: FAILED (please make sure WAL shipping is setup)
2021-10-30 21:39:37,006 [13643] barman.postgres WARNING: Error retrieving PostgreSQL status: connection to server at "192.168.131" (192.168.0.131), port 5432 failed: Connection refused
2021-10-30 21:39:58,021 [13643] barman.server ERROR: Check 'check timeout' failed for server 'pgprimary'
check timeout: FAILED (barman check command timed out)
Why can't barman connect to the server?
UPDATE:
psql -h 192.168.1.131 -U barman -d training
Password for user barman:
psql (12.8 (Ubuntu 12.8-0ubuntu0.20.04.1))
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
Type "help" for help.
I can also connect to the server via netstat.
I've got a mongos router running on Amazon ECS on an EC2 machine, and also hosted in a Route 53 hosted zone.
The thing is that I can reach the mongos service via HTTP with the record name:
https://mongos-router.awsqa.xxx.net/
With the response:
It looks like you are trying to access MongoDB over HTTP on the native
driver port.
Which means that mongos is running correctly.
The ECS logs I get show it's running correctly also.
But trying to connect to it via mongo command:
$ mongo --host mongos-router.awsqa.xxx.net
MongoDB shell version v4.4.4
connecting to: mongodb://mongos-router.awsqa.xxx.net:27017/?compressors=disabled&gssapiServiceName=mongodb
Error: couldn't connect to server mongos-router.awsqa.xxx.net:27017, connection attempt failed: NetworkTimeout: Error connecting to mongos-router.awsqa.xxx.net:27017 (xx.xxx.xx.xx:27017) :: caused by :: Socket operation timed out :
connect@src/mongo/shell/mongo.js:374:17
@(connect):2:6
exception: connect failed
exiting with code 1
I've confirmed that the container port is correct also:
"portMappings": [
{
"hostPort": 0,
"protocol": "tcp",
"containerPort": 27017
}
],
A part of the mongos.conf file:
net:
  bindIp: 0.0.0.0
  port: 27017
Dockerfile final command:
CMD [ "mongos", "--config", "/etc/mongos.conf" ]
Any idea at all as to what is causing this network timeout error will be helpful.
I am trying to create physical master-slave replication with PostgreSQL 11 on Debian 10. I got the same errors on different Linux distributions, so is it something related to doing the replication on the same computer? Or something related to the master-slave accounts?
root@dlp:~# vi /etc/postgresql/11/main/postgresql.conf
listen_addresses = '*'
wal_level = replica
synchronous_standby_names = '*'
wal_keep_segments = 10
I configured the pg_hba.conf as follows:
#host replication all 127.0.0.1/32 md5
#host replication all ::1/128 md5
host replication rep_user 127.0.0.1/32 trust
host replication rep_user 10.0.0.30/32 trust
host replication rep_user 10.0.0.51/32 trust
After this segment:
# I didn't create a new user as node1, I just used my root/postgres account for all the processes
root@node01:~# systemctl stop postgresql
root@node01:~# rm -rf /var/lib/postgresql/11/main/*
root@node01:~# su - postgres
postgres@node01:~$ pg_basebackup -R -h dlp.srv.world -U rep_user -D /var/lib/postgresql/11/main -P
I got the following error:
pg_basebackup: could not connect to server: could not connect to server: Connection refused
Is the server running on host "dlp.srv.world" (180.43.145.38) and accepting
TCP/IP connections on port 5432?
Also, in the root account postgres is working fine, but it doesn't show port 5432 listening?
netstat -nlt
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN
tcp6 0 0 ::1:631 :::* LISTEN
When I check the status of "postgresql" it says active, but when I type:
systemctl status postgresql@11-main
Dec 14 06:20:52 debian postgresql@11-main[6260]: Error: /usr/lib/postgresql/11/bin/pg_ctl /
Dec 14 06:20:52 debian postgresql@11-main[6260]: pg_ctl: directory "/var/lib/postgresql/11/
Dec 14 06:20:52 debian systemd[1]: postgresql@11-main.service: Can't open PID file /run/pos
Dec 14 06:20:52 debian systemd[1]: postgresql@11-main.service: Failed with result 'protocol
Dec 14 06:20:52 debian systemd[1]: Failed to start PostgreSQL Cluster 11-main.
I got that error.
I have set up MongoDB on a Google Cloud compute instance and am trying to connect to it remotely. My mongod.conf file looks like this:
# mongod.conf
# for documentation of all options, see:
# http://docs.mongodb.org/manual/reference/configuration-options/
# Where and how to store data.
storage:
  dbPath: /var/lib/mongodb
  journal:
    enabled: true
# engine:
# mmapv1:
# wiredTiger:
# where to write logging data.
systemLog:
  destination: file
  logAppend: true
  path: /var/log/mongodb/mongod.log
# network interfaces
net:
  port: 27017
  bindIp: 0.0.0.0
#processManagement:
security:
  authorization: 'enabled'
I have set up a firewall rule in my Google Cloud console that tags the instance and opens tcp:27017 for IP ranges 0.0.0.0/0.
Checking on the port 27017 it looks like mongo is listening:
sudo netstat -tulpn | grep 27017
tcp 0 0 0.0.0.0:27017 0.0.0.0:* LISTEN 3781/mongod
Overall it also seems like port 27017 is open:
netstat --listen
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:27017 *:* LISTEN
...
On the instance I set up an admin database with an admin user:
>use admin
>db.createUser(
{
user: 'admin',
pwd: 'somepass',
roles: [{ role: "userAdminAnyDatabase", db: "admin" }]
}
)
I also set up a user for a test database:
>use test
>db.createUser(
{
user: 'tester',
pwd: 'apassword',
roles: [{ role: "readWrite", db: "test" },
{ role: "read", db: "reporting" }]
}
)
This user works locally:
>use test
>db.auth('tester', 'apassword')
1
However when I try to connect remotely it fails:
$ mongo -u tester -p apassword 12.345.67.890/test
MongoDB shell version v3.4.1
connecting to: mongodb://12.345.67.890/test
2017-11-14T12:47:07.369-0700 W NETWORK [main] Failed to connect to 12.345.67.890:27017 after 5000ms milliseconds, giving up.
2017-11-14T12:47:07.370-0700 E QUERY [main] Error: couldn't connect to server 12.345.67.890:27017, connection attempt failed :
connect@src/mongo/shell/mongo.js:234:13
@(connect):1:6
exception: connect failed
I'm not a networking expert so I've pretty much exhausted my knowledge at this point and don't know how to proceed.
Am I missing something in mongod.conf? Did I set up the firewall incorrectly? Any help is appreciated.
I came up with a solution for this, but I'm unclear why it works and not my original approach.
My instance has http/https enabled. This uses the firewall rules default-allow-http and default-allow-https. These rules enable connections from anywhere (0.0.0.0/0) through tcp ports 80 and 443 respectively. I edited the http rule and added tcp port 27017.
Now I can connect to the server.
As a test, I reset the http rule and added another rule applied to all instances opening up tcp:27017 to 0.0.0.0/0. Essentially everything is the same as the http rule save for the name and the target tags. With this change I cannot connect to the server.
It seems rather strange and it doesn't feel like intended behavior, unless my understanding of the firewall rules is incomplete.
In the end it looks like either setting up mongo to use one of the http/https ports or adding port 27017 to those rules is the way to go.