Connecting GCP Compute engine to GCP Cloud SQL with PostgreSQL - postgresql

I'm trying to get my GCP Compute Engine instance, Ubuntu 16.04, connected to a GCP Cloud SQL PostgreSQL database.
I've followed all the instructions in the documentation, but when I enter the command to connect to the database:
psql -h [CLOUD_SQL_PUBLIC_IP_ADDR] -U postgres
The result is:
psql: FATAL: Peer authentication failed for user "postgres"
I've done the authentication on both the CloudSQL side and the ComputeEngine side, so I'm not sure why this is going wrong.
The database I'm trying to connect to is in the same project, and the command
gcloud sql instances list
shows the database in the listings. However, the command
sudo -u postgres psql my-db
returns
psql: FATAL: database "my-db" does not exist
The expected result is that a psql connection opens, but instead I get a psql: FATAL: Peer authentication failed for user "postgres".

I've followed the instructions from the documentation you posted and I was able to connect successfully from my Compute Engine instance (Ubuntu 16.04) using a public IP address.
The steps I've followed are documented in "Connecting using a public IP address":
1- Added a static IPv4 IP address to the Compute Engine instance. To do this, navigate to the Cloud console > VPC Network > External IP addresses and click in the button "Reserve static address".
2- Authorize the static IP address of the Compute Engine instance as a network that can connect to the Cloud SQL instance.
3- Connect via SSH button to your Compute Engine instance.
4- Install the psql client:
$ sudo apt-get update
$ sudo apt-get install postgresql-client
5- find the CLOUD_SQL_PUBLIC_IP_ADDR
$ gcloud sql instances list:
6- And connect to the Cloud SQL instance with the psql client making sure both user and database do exist:
$ psql -h [CLOUD_SQL_PUBLIC_IP_ADDR] -U [USER] -d [DATABASE]
Also, the command below worked fine for me:
$ psql [USER] -h [CLOUD_SQL_PUBLIC_IP_ADDR] -d [DATABASE]
Then you will be asked for the user's password and voilà.
Could you please try following the instructions above to verify if it works fine for you?
Did you configure an encrypted connection before using SSL?

Related

psql: FATAL: PAM authentication failed for user " " aws rds Postgresql

I want to connect to aws rds POSTGRESQL in dev from my own computer.
I followed all the steps on how to do it from bunch of articles:
https://aws.amazon.com/premiumsupport/knowledge-center/rds-postgresql-connect-using-iam/
https://aws.amazon.com/blogs/database/using-iam-authentication-to-connect-with-pgadmin-amazon-aurora-postgresql-or-amazon-rds-for-postgresql/.
The problem is if I create the database in aws console interface, I am able to log in ONLY once.
psql -h database.xxxxxxxx.us-west-2.rds.amazonaws.com -U user_name -d database
Other times I try to log in with the same any other command, I get
psql: FATAL: PAM authentication failed for user "user_name"
First and only time I login, I create a user
CREATE USER user_name WITH LOGIN;
GRANT rds_iam TO user_name;
All other attempts including the other steps logging with the iam token etc, I get an error:
psql: FATAL: PAM authentication failed for user "user_name"
If I delete the database from aws console interface and then create a brand new one, I am able to log in only ONCE and and then get the error no matter what I do.
nc Command gives me Connection succeeded at all times I run it:
nc -zv DB-instance-endpoint port
The commands I am using :
export RDSHOST="database.xxxxxxxx.us-west-2.rds.amazonaws.com"
export PGPASSWORD="$(aws rds generate-db-auth-token --hostname $RDSHOST --port 5432 --region us-west-2 --username user_name)"
I get the error if I use the PGPASSWORD in pgAdmin window.
Also, I am trying to connect from the the terminal either mine or ssh into ec2, I use this command:
psql "host=$RDSHOST port=5432 sslmode=verify-full sslrootcert=./rds-combined-ca-bundle.pem dbname=database user=user_name"
and I still get the same error
psql: FATAL: PAM authentication failed for user "user_name"
or
If I use another command, without the .pem certificate
psql --host=database.xxxxxxxx.us-west-2.rds.amazonaws.com --port=5432 --username=user_name --password --dbname=database
Then it asks me for a password and Then I get this error
psql: error: FATAL: PAM authentication failed for user "user_name"
FATAL: pg_hba.conf rejects connection for host "222.22.22.22", user "user_name", database "database", SSL off
"222.22.22.22" is My Ip, I changed it of course.
I attached all the required and all the RDS access Policies to my user and still getting this error.
I am just no sure what to do at this point as I went through every single article and cannot find a solution.
I had a similar problem and after some playing around with psql utility I found the reason for these errors. You shall export your temporary database password/token to shell of the machine/service etc where the connection will be initiated from.
So, if psql connection is initiated from Bastion, the below command should also be run on the same Bastion server.
export PGPASSWORD="$(aws rds generate-db-auth-token --hostname $RDSHOST --port 5432 --region us-west-2 --username user_name)"
or generate it elsewhere and export its value as
export PGPASSWORD="temporary_token_generated_for_user_name"
With this exported $PGPASSWORD variable, it psql should connect straight away, without promting for any additional passwords
I found the solution finally. So if anyone has the same issue and goes nuts about it, here is the solution:
If everything is working as I described above and the only error you get is PAM.. then:
your config file is not properly set up. It does not have the username you are trying to connect, the region, and the keys.
~/.aws/config
[profile PROFILE_NAME]
output=json
region=us-west-1
aws_access_key_id=foo
aws_secret_access_key=bar
Here is the link to the question on how to set it up:
AWS : The config profile (MyName) could not be found

Cannot connect to Cloud SQL Proxy

I'm trying to use Cloud SQL Proxy for my Kubernetes project.
I follow the guide of Elixir and Phoenix. Under Connect to your Cloud SQL instance, that guide says that running cloud_sql_proxy -dir=/tmp/cloudsql and psql -h /tmp/cloudsql/[CONNECTION-NAME] -U postgres will open the proxy.
So I tried to make a new directory with these commands below.
mkdir -p /tmp/cloudsql
chmod +x /tmp/cloudsql
and then I tried to connect to Cloud SQL Proxy.
cloud_sql_proxy -dir=/tmp/cloudsql/ 16:47
2020/10/30 16:47:50 Rlimits for file descriptors set to {&{xxxx xxxxxxxxxxxxxxxxxxx}}
2020/10/30 16:47:51 Using gcloud's active project: [instance-id]
2020/10/30 16:47:54 Listening on /tmp/cloudsql/instance-id:region:instance-name for instance-id:region:instance-name
2020/10/30 16:47:54 Ready for new connections
To connect the proxy, I opened another terminal and entered this psql command but failed.
psql -U postgres -h /tmp/cloudsql/instance-id:region:instance-name
psql: error: could not connect to server: could not connect to server: Not a directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/cloudsql/instance-id:region:instance-name/.s.PGSQL.5432"?
What should I do additionally for connecting to the proxy?
from what I see you are passing a wrong connection name
wrong --> instance-id:region:instance-name
correct --> PROJECT_ID:region:instance-name
You can find the connection name from the
console --> Cloud SQL --> INSTANCE --> Connect to this instance --> Connection name

psql server ssh tunneling authentication failure

I'm trying to connect to a psql database on a remote server.
So I ssh tunnel into the remote server with port forwarding as below
ssh -L 7777:psqlServerHost.com:5432 me#remoteServerHost.com
Unfortunately using this method I'm unable to authenticate properly when I try the below command on separate terminal on my local
psql -h localhost -p 7777 -U user database
I would get
FATAL: password authentication failed for user
However if I were to directly ssh into me#remoteServerHost.com I would be able to connect to the database with the same credentials using the below command
psql -h psqlServerHost.com -U user database
I imagine this is probably a configuration file somewhere that I've missed, but I can't seem to find any similar queries that are helpful on the internet.

pgAdmin4: Unable to connect to Amazon EC2 via SSH Tunnel

I have Amazon EC2 instance running Ubuntu. I have installed and configured PostgreSQL.
Contents of the file /etc/postgresql/9.3/main/pg_hba.conf:
local all all md5
host all all 0.0.0.0/0 md5
Also in postgresql.conf
I have set listen_addresses='*'.
The test command below is successfully starting psql console.
psql -U postgres testdb
Now I am trying to connect pgAdmin4 from MacOS.
I have created a SSH tunnel with following command:
ssh -i ~/.ssh/test.pem -fN -L 5433:localhost:5432 ubuntu#mytestdomain.com
Now I have following details in pgAdmin:
When I save, I get this output:
Unable to connect to server: server closed the connection unexpectedly. This probably means the server terminated abnormally before or while processing the request.
What am I doing wrong ?
Here is the solution,
install pgadmin 4 into your system. and configure the below-added configurations. if the below configurations do not work then please check that DB user permissions on AWS. because of the restriction on IP level so it may not be able to access.

Openbravo postgres installation

I am trying to get a copy of Openbravo on Ubuntu for development. I am following the official guide and I get stuck by a Postgres error.
I have successfully downloaded the source code through the mercurial commands. ant setup also worked for me.
When I run the Wizard I write this information.
The problem comes when I run ant install.source:
BUILD FAILED
/home/User/openbravo/build.xml:734: The following error occurred while executing this line:
/home/User/openbravo/src-db/database/build-create.xml:50: The following error occurred while executing this line:
/home/marcguilera/openbravo/src-db/database/build-create.xml:77: org.postgresql.util.PSQLException: Connection refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:136)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:66)
at org.postgresql.jdbc2.AbstractJdbc2Connection.<init>(AbstractJdbc2Connection.java:125)
at org.postgresql.jdbc3.AbstractJdbc3Connection.<init>(AbstractJdbc3Connection.java:30)
The stacktrace is longer.
I)
First we need to change the PostgreSQL postgres user password else we will not be able to access the server. As the “postgres” Linux user, we will execute the psql commands below.
In a terminal, type:
$ sudo -u postgres psql postgres
Set a password for the "postgres" database role using the command:
\password postgres
II) Create database
To create the first database, which we will call leo, simply type:
sudo -u postgres createdb leo
III) install Server Instrumentation (for PgAdmin) for Postgresql 9.1
PgAdmin requires the installation of an add-on for full functionality. The "adminpack" addon, which it calls Server Instrumentation, is part of postgresql-contrib, so you must install that package.
Then to activate the extension,
For "Postgresql 9.1"+ install the adminpack "extension" in the "postgres" database:
$ sudo -u postgres psql
then
CREATE EXTENSION adminpack;
IV) Using pgAdmin III GUI
To get an idea of what PostgreSQL can do, you may start by firing up a graphical client. In a terminal type :
pgadmin3
You will be presented with the pgAdmin III interface.
* Click on the "Add a connection to a server" button (top left).
In the new dialog:
enter the address **127.0.0.1**
host is **jdbc:postgresql://localhost:5432/postgres**
the default database ("leo" in the example above)
your username ("postgres") and your password.
One more step is required in order to allow pgAdmin III to connect to the server, and that is to edit pg_hba.conf file and change the authentication method from peer to md5 (Will not work if you have not set the password.):
sudo nano /etc/postgresql/9.1/main/pg_hba.conf
and change the line
# Database administrative login by Unix domain socket
local all postgres peer
to
# Database administrative login by Unix domain socket
local all postgres md5
Now you should reload the server configuration changes and connect pgAdmin III to your PostgreSQL database server.
sudo /etc/init.d/postgresql reload
With this GUI you may start creating and managing databases, query the database, execute SQl etc.
https://help.ubuntu.com/community/PostgreSQL
v) Run openbravo with postgres
Just adjust the db name, user name and the passwords.
Hope that helps.