I'm using Docker on Windows to use in local a postgres database. I made two docker container: one for the database called pg and another called pgadmin with pgadmin4.
After inspected pg, I connected pgadmin4 in 172.17.0.3:5432 and it works.
Now time to code but...
psycopg2.OperationalError: could not connect to server: Connection timed out (0x0000274C/10060)
Is the server running on host "172.17.0.3" and accepting
TCP/IP connections on port 5432?
I read a lot of questions like that, but i can't figure it out. Doesn't seem, to me, like a problem generated in pg_hba.conf for the denied connection, because in this case pgadmin should not work, right?
(But if is a problem with pg_hba.conf where I can find it? In the docker installation folder I did't find it)
I put my python code here but don't seems the problem:
conn = psycopg2.connect(
database = 'example',
user = 'username',
password = 'secretpassword',
host = '172.17.0.3', # default port is 5432 so it's not necessary
)
Upgrade edit:
I found the configurations
In postgresql.conf the listen_addresses = '*', that is correct.
In pg_hba.conf:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
You could use docker run and the --expose parameter to expose your ports, on each container.
Another command you can run is docker network connect which allows you to connect a container to a network, so if two containers are on the same network, they should be able to communicate with each other.
The usage is docker network connect [OPTIONS] NETWORK CONTAINER
One advantage of using the docker network create command is to be able to create an --ip-range so to specify ip addresses to be used on the network.
Afterwards you can assign a container to have a specific ip address, docker network connect. If the container was not on the network for example, the ip address would not be reassigned to another container on the network.
More information in the docker documentation,
https://docs.docker.com/engine/reference/commandline/network_connect/
Related
I created a postgres docker image on top of the official image to copy my own pg_hba.conf into it, because I need to disable listening on IPv6 :
FROM postgres:13
COPY pg_hba.conf /etc/
Afterwards I run the container using the following docker-compose.yaml:
postgres:
image: custom-postgres
command: postgres -c hba_file="/etc/pg_hba.conf"
But postgres still tries listening on the none existent IPv6 socket. What am I doing wrong? This is my pg_hba.conf:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/32 trust
But I get the feeling it is not beeing used as I can see that the default pg_hba.conf is still created in /var/lib/postgresql/data
If you want to shape what interface(s) the Postgres server listens on you need to use the listen_addresses in postgresql.conf. To restrict to IPv4 then set to 0.0.0.0. See documentation link for more options. pg_hba.conf is used to control client access to a server. It does not control what interface the server listens on.
PostgreSQL 13 is running on a remote machine in a docker container. I can't get access to it remotely in any way, the error is
no pg_hba.conf entry for host,
ssl is disabled.
Connect from the local machine by the host name localhost or 127.0.0.1 is excellent. But if I set a own IP of the current server 192.168.1.102 - I am getting the error. And from any remote machine it is the same
postgresql.conf
listen_addresses = '*'
pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
#host all all 127.0.0.1/32 trust
host all all all trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all ::1/128 trust
host all all all md5
I did a container restart and the postgres user has a password
Thanks
Try use
docker run --publish=192.168.1.102:<exposed-port>:<container-port> postgresql-image
Also make sure you can ping to IP from other PC. Firewalls, Virus guards etc should check.
There are a great number of solutions described here
I am running postgresql 11.2 inside docker containers.
While preparing the master and standBy PostgreSQL instances for streaming replication, I have enabled archiving on the master server. After this I need to run the pg_basebackup command on the standBy server to take a backup from master to standBy.
No matter what I do, I am facing the same error:
pg_basebackup: could not connect to server: FATAL: no pg_hba.conf entry for replication connection from host "10.244.0.1", user "repluser", SSL off
Commands I am running using postgres user, inside the docker container running standBy server, are:
pg_basebackup -h 10.0.0.1 -D /data/postgres -U repluser -v -P --wal-method=stream
OR
pg_basebackup -h 10.0.0.1 -U repluser -Ft -D /data/postgres
(Please assume 10.0.0.1 is my master server's IP and 10.0.0.2 is my standBy server's IP. They are in same subnet)
The pg_hba.conf file on the master server looks like this:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
host all all all md5
# TYPE DATABASE USER ADDRESS METHOD
host replication repluser 10.0.0.2/32 trust
Postgresql has told you what the problem is. Add "10.244.0.1" to the pg_hba for replication (unless you think that that is the IP address of an MITM attacker).
Maybe you think the IP address is 10.0.0.2, but PostgreSQL does not. If the host machine is NATing the outside world for the virtual machine inside it, then the connection will look like it is coming from the host machine so that is what IP address you need to use. But of course, this means IP restriction implemented in pg_hhba doesn't provide much security since all connections might appear to come from the same place, you have to implement the restriction at the host level instead, or use a different method of authentication than just IP restriction. You might also be able to change your VM set up so it has the network bridge rather than NAT.
I followed this tutorial.
I managed to set up everything and do exactly as it was mentioned in the tutorial.
But when I tried to connect to it using PGADMIN 4, i get connection time and out and I was never able to fix it.
then I found this link, which has the following command:
sudo -i -u postgres
psql
\conninfo
then I cans see the following message:
You are connected to database "postgres" as user "postgres" via socket in "/var/run/postgresql" at port "5432".
So I dont understand what is wrong now and when I type:
sudo nano ../../etc/postgresql/9.3/main/pg_hba.conf
to see the content of the file and I put my password, its not being accepted.
Then I restart everything by closing the window and open it again, then I can check out the file:
# If you change this first entry you will need to make sure that the
# database superuser can access the database using some other method.
# Noninteractive access to all databases is required during automatic
# maintenance (custom daily cronjobs, replication, and similar tasks).
#
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
# IPv4 remote connections for the tutorial:
#host all all 127.0.0.1/32 md5
#host all all 35.196.55.208/32 md5
host all all all md5
The last 4 lines I've added to fix the problem, but nothing yet.
What am I doing wrong? I'm looking at many tutorials, and also several pages from Stack Overflow but still nothing!
You have not provided permission to connect remotely.
In the given tutorial, Connecting remotely section it is clearly mentioned that you need to provide your IP address in the pg_hba.conf file.
Replace [YOUR_IPV4_ADDRESS] with the address of your local computer.
Also, In the Instances page in the Google Cloud Platform Console, click the
instance to open its Overview page. Select the Authorization tab.
Under Authorized networks, click Add network and enter the IP address
of the client machine where your client is installed. Click Done, then
click Save at the bottom of your page to save your changes. Connect to
your instance, either with SSL or without SSL.
Provide your IP address in the pg_hba.conf file, Restart Postgres service and try again.
In postgresql.conf I have:
listen_addresses = "*"
My pg_hba.conf looks like:
local all postgres md5
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
#host all all myIPADDRESS md5
If I uncomment the last line
pgadmin says it cannot access and to make sure whether the port is accessible. I have flushed the iptables to have no rules, so the firewall is not stopping it.
local access to the database from my scripts is not working
With the last line commented:
pgadmin says that no pg_hba.con entry for my IP address
I am able to access the database locally on the server from my scripts
What am I missing to make the configuration right?
Thanks.
Looking at this post. After adding to pg_hba.conf:
host all all ::/0 trust
host all all my.ipv4.IP/32 trust
It works now.
Not sure if order is important in pg_hba.conf but, I put mine at top and also tried with and without IP and both worked.
Had same problem with psql via command line connecting and pgAdmin not connecting on RDS with AWS. I did have my RDS set to Publicly Accessible. I made sure my ACL and security groups were wide open and still problem so, I did the following:
sudo find . -name *.conf
then sudo nano ./data/pg_hba.conf
then added to top of directives in pg_hba.conf file host all all 0.0.0.0/0 md5
and pgAdmin automatically logged me in.
This also worked in pg_hba.conf file
host all all md5 without any IP address and this also worked with my IP address host all all <myip>/32 md5
As a side note, my RDS was in my default VPC. I had an identical RDS instance in my non-default VPC with identical security group, ACL and security group settings to my default VPC and I could not get it to work. Not sure why but, that's for another day.