I am setting up the Hortonworks Hadoop stack on a single instance RHEL 7 node. I am stuck in the part where I am setting up my ambari-server, using my PostgreSQL 9.2.15 database (not default, not embedded).
I also intend to use this same PostgreSQL instance for Hive and Oozie.
After following the instructions from here:
https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.2.0/bk_ambari_reference_guide/content/_using_ambari_with_postgresql.html
https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.2.0/bk_ambari_reference_guide/content/_using_hive_with_postgresql.html
https://docs.hortonworks.com/HDPDocuments/Ambari-2.2.2.0/bk_ambari_reference_guide/content/_using_oozie_with_postgresql.html
Here's how I named my database, user and schema:
ambari, ambari, ambari
hive, hive
oozie, oozie
This is how I configured my /var/lib/pgsql/data/pg_hba.conf file:
# Default
local all all peer
host all all 127.0.0.1/32 ident
# added settings
local all ambari md5
host all ambari 0.0.0.0/0 md5
host all ambari ::/0 md5
host oozie oozie <my-host-ip>/0 md5
host hive hive <my-host-ip>/0 md5
I run this, for Hive and Oozie:
$ ambari-server setup --jdbc-db=postgres --jdbc-driver=/usr/share/java/postgresql-jdbc.jar
Then for the actual Ambari setup
$ ambari-server setup
Enter advanced database configuration [y/n]? y
...
Enter choice (1): 4
Hostname (localhost): <my-fqdn-host-name>
Port (5432):
Database name (ambari):
Postgres schema (ambari):
Username (ambari):
Enter Database Password (bigdata) : <my-ambari-password>
However, I can't start the ambari-server, as I get this from /var/log/ambari-server/ambari-server.log on a number of lines:
Internal Exception: org.postgresql.util.PSQLException: FATAL: Ident authentication failed for user "ambari"
Although I am sure that my password is correct, and I can even connect using
$ psql -h <my-fqdn-host-name> -U ambari -d ambari -W
password: <my-ambari-password>
$ psql -h <my-host-ip> -U ambari -d ambari -W
password: <my-ambari-password>
However, I can't connect with
$ psql -h localhost -U ambari -d ambari -W
password: <my-ambari-password>
psql: FATAL: Ident authentication failed for user "ambari"
$ psql -h 127.0.0.1 -U ambari -d ambari -W
password: <my-ambari-password>
psql: FATAL: Ident authentication failed for user "ambari"
And I get the same error as what I get from /var/log/ambari-server/ambari-server.log. I suspect that ambari-server setup is connecting via localhost, that's why I get the same error.
Can you tell what's wrong with my configuration with Ambari and/or Postgres?
The problem is your pg_hba.conf file.
It is parsed from top to bottom, and the first matching line is used.
In your case, the line chosen is
host all all 127.0.0.1/32 ident
(you seem to connect from localhost) which is not what you want.
Either remove that line or move it to the end of the file.
Related
I use postgres 11, I just try to connect with one of my user to psql and pgadmin4
my pg_hba.conf file
# "local" is for Unix domain socket connections only
local all all peer
host sito lcm_admin 127.0.0.1/32 md5
host sito sito_lcm 127.0.0.1/32 md5
My postgres user have a password.
I tried my posgres user, sito_lcm and lcm_admin to connect to pgAdmin4, alway get
Invalid username or password
I know there are good because It's the one I use to connect to posgres db in a java program
for psql i tried
su - postgres
typed my password
authentication fail
tried with one of my db user
psql -U lcm_admin sito
psql: FATAL: Peer authentication failed for user "lcm_admin"
Edit
With Daniel Vérité tips, I can connect to psql but not to pgAdmin4
First time i see this screen, my last connection was a few month ago, don't know if some updated had created this issue
Because of this rule in pg_hba.conf
host sito lcm_admin 127.0.0.1/32 md5
You probably want to invoke psql that way:
psql -U lcm_admin -h 127.0.0.1 sito
Then it will ask for a password instead of failing with "Peer authentication failed".
Note that rules in pg_hba.conf are tested in their order in the file (top to bottom), and it stops at the first one that matches.
About connectiong with pgAdmin4:
As mentioned in https://www.pgadmin.org/docs/pgadmin4/latest/getting_started.html there is an additional step to access pgAdmin4 itself, as an application.
In a server deployment, an email address and password are asked at installation time. If you don't remember the password but you gave a valid email address, the link "Forgotten your password" might work for you.
Otherwise I guess reinstalling pgAdmin4 from scratch might work too.
Personally, I launch pgAdmin4 as a docker container without a persistent volume:
$ docker run -p8080:80 -e PGADMIN_DEFAULT_EMAIL=foo#example.com -e PGADMIN_DEFAULT_PASSWORD=bar dpage/pgadmin4
Then I connect to http://localhost:8080 and the email/password to enter on the first page are those environment variables passed on the command line.
In Ubuntu 16.04 I created second postgres database cluster, called cmg, with a local user as the admin user:
pg_create -u "local_username" -g "local_usergroup" -d /path/to/data/dir 9.5 cmg
The cluster was started with:
pg_ctrlcluster 9.5 cmg start
which ran successfully (pg_lsclusters show both are online)
The problem is I cannot connect to the cluster using psql as is normally done.
I tried using:
psql -h 127.0.0.1 -w -p5433 -U local_username
which fails with:
psql: fe_sendauth: no password supplied"
Is there any way to connect to the specific cluster?
use psql -h your_socket_dir -p5433 -U postgres to connect locally (uses peer auth by default - thus high chahce to login wothout password)
once logged in - set up password (create user if needed) and use it connecting remotely
psql -h 127.0.0.1 -p5433 -U local_username
in your connect string you had -w which is never ask for a password https://www.postgresql.org/docs/current/static/app-psql.html which would by default work only for local connections
I think the default pg_hba.conf when you start up a new cluster expects you to authenticate with peer connections, so you need to change user to your local user before connecting
[root#server~]# su - local_username
>> Enter password:
> password
[local_username#server~]# psql -h 127.0.0.1 -p 5433
You can check your pg_hba.conf file in /path/to/data/dir/pg_hba.conf to see how it expects you to authenticate.
Alternatively, if you cannot get access as your 'local_username' then instead su to postgres user in the instructions above and it should work
I have the following lines in my pg_hba.conf file:
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
host all all localhost trust
and I've restarted Postgres. When I connect at the command line everything works as expected:
$ psql -U me -W
Password for user me: # I can type any password and it will work
psql (9.5.7)
Type "help" for help.
me=#
However, when I connect through a software library (the Node library pg, through the library knex) I get an error:
password authentication failed for user "me"
I'm not specifically looking for a fix, I'm just trying to understand how this is even possible. If I just told Postgres to trust anyone, how can I still be getting errors about authentication failing? Was there something wrong with my pg_hba.conf entries, or does Postgres just choose to ignore them under certain circumstances, or ....
EDIT
In case it helps the database connection URL my program is using to connect is:postgres://localhost:5432/mydb.
When you did psql -U me -h localhost, psql failed to connect because it doesn't know what database to connect to.
Solution is psql -U me -h localhost -d database_name
Hope this helps.
I created a phoenix project from the hello example using digital ocean. I entered the username and password from the etc/motd.tail file. I keep getting the error message below. I am a beginner and for some reason I just cannot get ecto to install correctly.
** (Mix) The database for Hello.Repo couldn't be created, reason given: psql: FATAL: password authentication failed for user "elixir"
FATAL: password authentication failed for user "elixir"
You can use the following Postgress database credentials:
* User: elixir
* Pass: ***
install. Any help would be appreciated.
I get the same error using Ubuntu 14.04 and I corrected resetting the 'postgres' password:
$ sudo -u postgres psql -c "ALTER USER postgres PASSWORD 'postgres';"
and restart postgres service:
sudo service postgresql restart
I assume this error is happening on the mix ecto.create task?
This happens because Ecto uses psql to create the database, however this is no longer the case in the upcoming Ecto 2.0.
The following GitHub issue shows the same issue https://github.com/elixir-lang/ecto/issues/1207
The relevant comment with the fix is https://github.com/elixir-lang/ecto/issues/1207#issuecomment-172570064:
My database config (pg_hba.conf) was apparently wrong.
For anyone else encountering this:
host all my_user 127.0.0.1/32 trust will not work
host all my_user localhost trust will work
Please check your pg_hba.conf (likely in /etc/postsgresql/9.x/pg_hba.conf).
We just need to create a new postgresql username and password according to the files inside config folder using this db method
$ sudo -u postgres createuser <username>
$ sudo -u postgres createdb <dbname>
$ sudo -u postgres psql
psql=# alter user <username> with encrypted password '<password>';
psql=# grant all privileges on database <dbname> to <username> ;
I needed to update the pg_hba.conf to make this work.
I am using Fedora, so get to /var/lib/pgsql/data
# "local" is for Unix domain socket connections only
local all postgres peer
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 ident
Then I created an elixir user in postgres with databse creation capabilities and configured it in dev.exs (user/password/database)
I just installed PostgreSQL 9.2 server on an EC2 AMI instance. However I am not able to connect to it from the command prompt.
Moreover I see two directories in /var/lib: pgsql9 and pgsql92. The data directory in pgsql92 is empty and hence it looks like pgsql9 is the one that is getting used.
[root#ip-172-31-56-103 etc]# psql
Password:
psql: FATAL: password authentication failed for user "root"
[root#ip-172-31-56-103 etc]# sudo su - postgres
-bash-4.2$ psql
Password:
psql: FATAL: password authentication failed for user "postgres"
-bash-4.2$ psql -U postgres
Password for user postgres:
psql: FATAL: password authentication failed for user "postgres"
-bash-4.2$
pg_hba.conf
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
host all all 0.0.0.0/0 md5
# IPv6 local connections:
host all all ::1/128 ident
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 ident
#host replication postgres ::1/128 ident
postgresql.conf
listen_addresses = '*'
To work out which PG install you are using: ps -ef | grep pgsql. You will see for sure which binary, data directory and conf file is being used to give you some comfort.
Have you changed the pg_hba.conf from the default? If so, did you reload it? Something like sudo service postgresql reload should do it, depending upon your OS.
You might want to change the IPv6 local connection to use md5 as well.
Try adding -h localhost or -h 127.0.0.1 to your psql command: e.g. psql -h localhost -U postgres.
Check your postgres password to be doubly / triply sure.
Otherwise, check out the specific docs for your OSs installation. Sometimes apt or yum repos do some additional security configuration for you.
Finally, worst case, change all the pg_hba.conf auth methods to trust, then restart the database, logon, change the postgres password, logout, change the auth methods to md5, reload and try to logon again.