I'm trying to configure pgpool to use load balance between two servers (Both running Debian 8.2 and Postgresql 9.4).
I already have Streaming Replication working between the two (Master in 153 and Slave in 155). Now I installed PgPool and configured with the two servers:
backend_hostname0 = '10.0.0.153'
backend_port0 = 5432
backend_weight0 = 1
backend_data_directory0 = '/var/lib/postgresq/9.4/main'
backend_hostname1 = '10.0.0.155'
backend_port1 = 5432
backend_weight1 = 1
backend_data_directory1 = '/var/lib/postgresq/9.4/main'
and configure pool_hba, pool_passwd, and load_balance_mode is on.
My problem is: When i try to use psql via pgpool it displays an error:
"psql: FATAL: password authentication failed for user 'postgres'"
BUT if I comment all the section of backend1, changing nothing more, and restart the pgpool2 service, I can connect without problem, in the same machine, using the exact same user and password. I don't know if there's another parameter that I should set in order to use two servers and load balance between them.
I can connect to each backend server from each client with psql just fine, so credentials shouldn't be the problem.
PS: Don't know if that helps. But in pgpool.conf, the replication_mode is off, because I'm using the Streaming Replication, and as far as I heard, it's possible to use load_balance without making replication via pgpool.
Thanks.
Try to login to pgppol server and run the command:
pg_md5 -m -u postgres your_password_for_postgres_user
Now see the content of pool_passwd. It should contain something like:
postgres:md55ebe2294ecd0e0f08eab7690d2a6ee69
Now restart your pgpool and try to connect again. Hopefully your problem will be resolved.
pgpool's load balancing can be used with streaming replication, for that you need to set master_slave_mode and load_balance_mode to true and also set master_slave_sub_mode to stream.
For the authentication error you are getting, check the pg_hba.conf settings for pgpool host. And depending on the type of authentication method specified see the respective client authentication section in the pgpool documentation.
http://www.pgpool.net/docs/latest/pgpool-en.html#hba
Related
I have a postgres database called salephone_test with 3 tables (smartphones, listings, phone_listings) on my windows pc which I want to replicate to at least one ubuntu droplet on digitalocean. I attempted the following setup to replicate the smartphones table:
On my local machine (pc) in postgresql.conf I set the listen_addresses = '*' and wal_level = logical
in pg_hba.conf, I added the following lines
host salephone_test rep 0.0.0.0/0 md5
host salephone_test all 104.248.54.230/0 md5
host all all 0.0.0.0/0 md5
host all all 0.0.0.0/0 md5
where 104.248.54.230 is the IP of my digitalocean droplet
I also set up a replication user and publication by the following commands
CREATE ROLE rep REPLICATION LOGIN PASSWORD 'fakepass';
GRANT SELECT on smartphones to rep;
CREATE PUBLICATION test_phones FOR TABLE smartphones;
on my remote droplet, after installing postgres on the ubuntu, I created a database called salephone with a table called smartphones
in psql, I then used the following command to subscribe for logical replication
// 50.71.125.50 is my pc ip according to google
CREATE SUBSCRIPTION phone_sub CONNECTION 'dbname = salephone_test host = 50.71.125.50 user = rep password = fakepass port = 5432' PUBLICATION test_phones;
after a minute of waiting, I received the following
ERROR: could not connect to the publisher: connection to server at "50.71.125.50", port 5432 failed: Connection timed out
Is the server running on that host and accepting TCP/IP connections?
Note: i tried restarting postgres on my pc multiple times already via services.msc
Your home modem/router is surely blocking the connection. You will need to configure it to accept the connection and do 'port forwarding' to your pc. How you do that (or if it is even possible) would depend on the make and model of the router.
Also, your pg_hba doesn't make much sense. The reason to have a more specific entry above a more general entry is to give it a different auth method (or configuration). Since all your entries have the same method, you might as well just have the last line and not have the preceding 3.
Ubuntu 16.04 LTS
I have followed the guides which all say the same thing; to enable remote connection to a postgres server, update the postgresql.conf file, update the pg_hba.conf file and make sure the port (5432) is open and firewall is not blocking.
When I attempt to connect to my server from the remote machine using the following command, I receive no response (for example, 'Connection refused...'). It hangs as if the firewall has DROP policy, but I checked and the host's firewall is ACCEPT all. Here is the command:
psql -h 45.67.82.123 -U postgres -p 5432 -d mydatabase
I have googled extensively and can't find anyone else who's psql request sits with no response from the host server.
Edit: I should mention I have been connecting locally on the host machine. I should also mention that the data directory on the host machine is in a non-default location. I have my cluster on a mounted drive, in case this could affect the remote connection.
Solution:
It is my first AWS instance and I didn't know they have their own firewall rules on the platform. So I was highly confused by the fact all my policies were ACCEPT on my server. Turns out you are behind AWS firewall and you have to go onto the platform to add/change security groups etc. In the past when I've used Digital Ocean droplets or Linodes, the firewall policy on the vps is all I need to change. AWS threw me another curveball there.
I am trying to connect AWS RDS PostgreSql from PgAdmin 3. I followed the below link
http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ConnectToPostgreSQLInstance.html
In Security Group, I also added PostgreSQL and All traffic as below
The "publicly accessible" flag was enabled (updated after Mark B's comment)
I got the error from PGAdmin3
Very appreciate for any suggestion
******UPDATE*******
I can connect pgAdminIII to AWS RDS successfully using home wifi, but cannot connect using office wifi.
My concern is:
Was the port 5432 blocked by office wifi?
How can I configure/update the port without impacting to current API?
Note: My current API is working well (CRUD)
Can you can test your connection to a DB instance using common Linux or Windows tools first?
From a Linux or Unix terminal, you can test the connection by typing the following (replace with the endpoint and with the port of your DB instance):
$nc -zv DB-instance-endpoint port
For example, the following shows a sample command and the return value:
$nc -zv postgresql1.c6c8mn7tsdgv0.us-west-2.rds.amazonaws.com 8299
Connection to postgresql1.c6c8mn7tsdgv0.us-west-2.rds.amazonaws.com
8299 port [tcp/vvr-data] succeeded!
Windows users can use Telnet to test the connection to a DB instance. Note that Telnet actions are not supported other than for testing the connection. If a connection is successful, the action returns no message. If a connection is not successful, you receive an error message such as the following:
C:>telnet sg-postgresql1.c6c8mntzhgv0.us-west-2.rds.amazonaws.com
8299
Connecting To sg-postgresql1.c6c8mntzhgv0.us-west-2.rds.amazonaws.com...Could not
open connection to the host, on port 819: Connect failed
If Telnet actions return success, then you are good to go.
If you are trying to access it from a network which is not listed for that port. you need to add inbound rules for those network IPs from AMAZON RDS system
You will also need to set Public accessibility true under Connect & security tab in RDS console.
Read this post.In your security group go to unbound rules and add my ip.
and make sure your database is public.
https://serverfault.com/questions/656079/unable-to-connect-to-public-postgresql-rds-instance
Doing freelance, I keep on getting on new projets.
I find postgresql config highly complicated when being used in development mode only (I totally understand that production requirements are much different).
What I want to achieve is to config my postgres so that whatever username/password/port/connexion mode is used, it has all the rights on the DB (as security is no matter here). Working with Rails, all the config is in config/database.yml and I don't want to change anything from the file itself.
I achieved having any password_less authentication for every connexion (local and TCP), but doing this:
# /etc/postgresql/9.3/main/pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
local all all trust
host all all 0.0.0.0/0 trust
And:
# /etc/postgresql/9.3/main/postgresql.conf
listen_addresses = '*'
As from this Post.
But if the user (eg. appname_dev) doesn't exists, I get:
FATAL: role "appname_dev" does not exist
This Post allows me to create the user in 1 line, which is fair enough (sudo -u postgres createuser -d -R -P appname_dev), but I would really like this to be plug and play.
How can I achieve that?
Ain't there any development installation mode on postgres where by default, credentials would be much lighter configured that the current one?
Am I missing some best practice that make this not being a problem?
I understand the port thing can be tricky, but IMHO, the rest should not!
Thanks for the help!
You may achieve this by using pgbouncer (connection pooler) with following settings:
* = host=127.0.0.1 user=postgres
auth_type = any
so when you connect to pgbouncer with any user and any password it will connect to postgres as postgres user which has all permissions.
You may also want to change pgbouncer port to 5432 (by default it works on 6432 port) and change postgres port to something different so your application will connect to pgbouncer without any modifications in configs.
I just recently install PostgreSQL on our server via SSH. The installation went successful, until the time I tried to connect to it using pgAdmin on my Windows machine.I received this kind of error:
could not connect to server: Connection refused (0x0000274D/10061) Is
the server running on host "xxx.xxx.xxx.xxx" and accepting TCP/IP
connections on port 5432?
xxx.xxx.xxx.xxx = my server's public IP.
The docs suggest this can be fixed by setting the value of listen_addresses = '*' in the /etc/postgresql/9.1/main/postgresql.conf. I did that but still it won't let me.
additional error came up
FATAL: no pg_hba.conf entry for host "xxx.xx.xxx.xxx", user
"postgres", database "postgres", SSL on FATAL: no pg_hba.conf entry
for host "xxx.xx.xxx.xxx", user "postgres", database "postgres", SSL
off
xxx.xx.xxx.xxx = my IP address.
What seems to be I'm missing?
Things that could block a postgres connection:
misconfigured listen_address in postgresql.conf
selinux (?)
iptables
pg_hba.conf (although this should cause a different error, not server doesn't listen)
Can you connect to the server locally, if you ssh in and run psql?
On our internal dev servers, I just turn off selinux and iptables. This is a bad idea from a security standpoint, but it might serve as a temporary step to help you narrow down where the problem is.
You might need to change more than one configuration file. In your case, you probably need to edit pg_hba.conf, too. Search that file for "non-local connections".
I like to keep configuration files under version control. It's easier to recover from mistakes that way.
You probably need to restart the PostgreSQL server after making those changes.
After changing listen_addresses settings on the server, make sure to restart the PostgreSQL server (send SIGHUP to the postmaster process, with kill -HUP, etc).
Make sure that postgresql.conf port is set to 5432
Make sure that if a firewall is running on the server, that port 5432 is open for connections coming from the window's (client) machine you are using
Check pg_hba.conf to make sure that the subnet of your client machine is given access
Try using psql locally