AWS instance connection refused restored db instance - postgresql

I cannot connect to a restored rds instance.
I create a new rds instance by restoring_from_snapshot.
It copies all settings except the security group so I modify it after boot.
Now I cannot get psql to connect to 5432 on the endpoint.
Despite identical settings
old working instance (can be access is in live usage)
new test instance based on snapshot
I have the exact same settings on both instances. The new instance starts with the default vpc sec group but I modified it to have the same.
The Instance also had many hours trying to propagate dns info. I have been trying the whole day to fix this.
What could I have possibly missed here.
The difference between the old(live) and new(test) is that the latter has no Multi AZ, no Backups, no Minor Version Upgrade. Ports are all default postgres 5432
psql response is that it asks for password with the new it says
psql: could not connect to server: Connection refused
Is the server running on host "**********.eu-central-1.rds.amazonaws.com" (**.**.**.**) and accepting
TCP/IP connections on port 5432?

It seems our company firewall won't let me out on port 5432.

Related

Apache Superset remote connection to PostgreSQL database: Can't determine Superset IP

I'm running a Superset instance via Docker on a MacBook Air (2019, v11.5.2, Intel i5). I'm trying to set up a remote connection to a PostgreSQL database via an AWS endpoint. I entered the credentials via the dynamic form, as such:
HOST: {dbalias}.{xyz}.us-east-1.rds.amazonaws.com
PORT: 5432
DATABASE: {dbname}
USERNAME: {username}
PASSWORD: {password}
I'm sure that my credentials are valid because I used them to connect from both Databox and DBeaver. But when I try to connect here, Superset tells me that port 5432 is closed. A little digging tells me that this is likely a firewall issue.
I know that our database is set up to only allow connections from allowed IPs, and of course my machine's IP is whitelisted, so I assume I need to whitelist the IP that is sending the connection request (i.e., Superset). However, I cannot seem to find that information. Indeed, even Superset's PostgreSQL connection instructions seem to be incomplete vis-a-vis connecting to an AWS endpoint.
Assuming I've diagnosed the problem correctly (which is by no means a guarantee), the key question is: Where can I find my Superset instance's IP to add to my PostgreSQL IP whitelist? Relatedly, would this IP change next time I launch Superset from Docker, or will it persist?
Many thanks for any consideration.

RDS Postgresql DB connection timeout from Heroku

I'm unable to connect to a new PostgreSQL in AWS RDS.
I have a Heroku app and I would like to use Amazon RDS for my database instead of Heroku. For that I've been following this guide: https://www.reinteractive.net/posts/128-heroku-app-backed-by-an-aws-rds-postgres-database
I've made a backup from my current Heroku DB and want to load it on the new database.
My security group for the database allows all inbound connections for port 5432 (0.0.0.0/0) and I've made a new VPC to have my DB set as Publicly Accesible (DNS hostnames and DNS resolution enabled). I created the database on postgres version 9.4.9.
However when I do:
-f latest.sql --host=xxx.xxx.us-west-2.rds.amazonaws.com --port=5432 --username=awsuser --password --dbname=mydatabase
from my computer, I only get a connection time out error:
psql: could not connect to server: Connection timed out
Is the server running on host xxx.xxx.us-west-2.rds.amazonaws.com" (1.2.3.4) and accepting
TCP/IP connections on port 5432?
The server is indeed running. In this case latest.sql is the backup I did. After this I edited the Database security groups to accept all connections (0.0.0.0/0) too.
Database Rules
(from what I've read this should not be necessary because I already have the VPC Security Group), but the result is the same.
Is there any way to trace what's going on / why is my connection getting blocked?

PG::CONNECTION BAD connecting to pgAdminIII cloud 9 IDE

New to web development. Trying to connect and register new server for pgAdminIII. (using cloud 9 ide)..
I get this error when viewing in the browser..
_PG::CONNECTION BAD _
could not connect to server: Connection refused Is the server running on
"localhost" (::1) and accepting TCP/IP connections on port 5432?
could not connect to server: Connection
refused Is the server running on host "localhost"
(127.0.0.1) and accepting TCP/IP connections on port 5432
PS. trying to access via new user "ubuntu" SUPERUSER created..
How can I fix this?
PPS. On cloud 9's community forum, an employee says..
"Only ports 8080, 8081 and 8082 are open for workspaces so if you want to access the DB externally you'll need to run it on one of these ports. Make sure you can access it with curl from a local terminal and ensure it's listening on 0.0.0.0 not 127.0.0.1, as the latter only allows local connections."
Lastly, their ide comes with postgres installed, all I needed to do, was set it up..
How do I use the above info while trying to register the new server in order to use the gui?
Let me know if I need to include anything else.
Thanks.
You should enable postgresql service by performing sudo service postgresql start.
After enabling, you can access the console using sudo sudo -u postgres psql and CREATE ROLE ubuntu LOGIN REPLICATION CREATEDB CREATEROLE SUPERUSER; to allow Rails take advantage of your database.
Rails also complains about template read error after creating ubuntu role.
To fix the template error, read up on this.
You should get PostgreSQL server up and running in no time. Happy coding!
Edit:
You should only use localhost for local and system resources (i.e. psql, etc.) while 0.0.0.0 is for everything else like running Rails or Apache server.

HEROKU POSTGRES error: Connection refused Is the server running on host "..compute-1.amazonaws.com..." and accepting TCP/IP connections on port 5432?

I have been trying for weeks to figure out what's the issue, but I cannot seem to fix this.
I am developing a web app, and I have deployed to production using Heroku. I'm using Heroku Postgres for my database, and I'd like to psql into that hosted database from my local machine to make changes to it. I have tried from both Mac OS X and Linux Mint.
However, no matter what I try, I keep getting the following error:
---> Connecting to HEROKU_POSTGRESQL_ORANGE_URL (DATABASE_URL)
psql: could not connect to server: Connection refused
Is the server running on host "ec2-***-**-***-**.compute-1.amazonaws.com" (***.**.***.**) and accepting
TCP/IP connections on port 5432?
I'm starting to think that I may have to SSH into the Amazon EC2 instance and change the Postgres configuration? Would that even be possible?
You can't connect directly to the EC2 instance where the Heroku Postgres instance is running; it is managed by Heroku and normal users aren't allowed to connect to it.
If your application is running fine in Heroku, and you're running heroku pg:psql to attempt to connect to the DB, then most likely there is some issue with your local network that is preventing you from connecting to the Postgres database, like a firewall blocking outbound connections. Heroku Postgres databases are open to the public without any restriction on IP ranges.
It could be a problem with the proxy or firewall of the internet connection you are using.
Try to connect your PC to your mobile phone tethering and then launch the command again, just to verify if the problem lies there.
I was getting this kind of error when my pg_hba.conf or AWS security groups have not been configured properly. There are plenty of docs about how to resolve this. For example, you can check this list link
You can directly connect to EC2 Heroku Postgress instance by adding this attributes to the end of your DB connection url:
jdbc:postgresql://<host>/<dbname>?ssl=true&sslfactory=org.postgresql.ssl.NonValidatingFactory

Connecting to RDS Postgres from remote machine

I have configured an RDS Postgres micro instance for testing but am having problem connecting. I have created a security group and allow all hosts (0.0.0.0/0) by default to port 5432 but for some reason I am not able to connect. I tried connecting to the port 5432 on the machine but it appears to be closed. Any ideas? I have verified that the security group is using the correct security group.
This is my configuration
TCP
Port (Service) Source Action
5432 0.0.0.0/0 Delete
Here is how I am trying to connect to the rds service
psql -p 5432 -h example.cs945smhrv09.us-west-2.rds.amazonaws.com -U example example
UPDATE
OK feel a little silly after figuring out that rds starts up on a private 172 subnet. I was able to connect from my ec2 instance.
Question now is there a way to put that on a public address that I can connect to? I would like to configure it with a security group that limits the source ip but then be able to connect to it with psql from my desktop.
Update 2
I don't remember all the details when I originally posted this question but it is no longer an issue. We now have a management vpc that we connect to using a vpn server. The management vpc network is trusted by the prod and devel security groups for the rds instances. We have no problem communicating with them without adding any public ips.
Step 4 of the RDS setup wizard ("Additional Config") lets you select whether the DB is Publicly Accessible or not (if it's not, access is limited to within your VPC, regardless of your security group settings). I'd imagine that determines whether the hostname resolves to 54.* vs 172.* .
Your first instance may have been set to private - as far as I can tell this can't be changed after initialization. I had a similar issue and creating a new instance set to be publicly accessible solved it for me.
My company's firewall had blocked outgoing traffic to the default postgres port, 5432. I didn't realise this until I tested the port using netcat in a terminal window, as follows:
nc -zv portquiz.net 5432
Hopefully this saves someone half a day of messing around with AWS security groups.
Absolutely there is. I have pgadmin loaded on my local machine connected to my RDS instance. |
I just confirmed that I can connect using the same syntax you used for psql, although the -U was not necessary for me (I still included both "example" parameters though)
I did edit the "default" security group and added my IP (Ip of the machine I'm connecting from)/32 to be allowed, although I'm sure you could get less restrictive than that, but I'd start there and see if it helps.
This is likely caused by your outbound firewall rules. If you're behind a corporate firewall, they will often block outbound ports above a certain number. You need to setup an SSH tunnel of some kind to avoid this.
http://conoroneill.net/accessing-amazon-rds-instances-from-your-desktop/
I had this problem. This isn't a direct solution but might work for some. I set the Postgres security group to accept connections coming from the server that will be using it (same VPC). I then set up my Postgres client to use ssh tunneling. If I need to use the command line, I simply SSH into that server and then psql from there.
You can simply use workbench recommended by aws but make sure your all postgres availibily is set to everywhere..while adding PostgrSQL 5432
https://aws.amazon.com/getting-started/tutorials/create-connect-postgresql-db/