[pgpool-general: 4242] Re: pgpool load balancing & md5 question

Tatsuo Ishii ishii at postgresql.org
Fri Nov 27 10:02:00 JST 2015 

> Previous behaviour was tested on pgpool 3.3.7
> 
> In pgpool-3.4 it behaves almost exactly as previous version but client
> receives different message:
> 
> psql: ERROR:  unable to get password, password file descriptor is NULL
> 
> 
> It is null because I expect pgpool to proxy authorization from backend as
> it does with only one backend configured.
> 
> Only configuration that is working with md5 & multiple backends in load
> balancer mode is same as described for master/slave:
> 
> enable_pool_hba = on
> pool_passwd = 'pool_passwd'
> backend_hostname0 = 'pg2'
> backend_hostname1 = 'pg3'
> 
> with passwords copied from database to pool_passwd file
> and pool_hba having:
> 
> local all all 0.0.0.0/0 md5
> 
> 
> this does not solve my case as I do not want to maintain local pool_passwd
> file in addition to postgres database user table.

As I said in the up thread message, this is due to the design of
pgpool-II. There's no way to avoid it.

> Roman Barczyński
> 
> On Thu, Nov 26, 2015 at 12:40 PM, Roman Barczyński <rombar at gmail.com> wrote:
> 
>> Hi,
>>
>> I have 2 read-only backends for select queries and I'd like to setup
>> pgpool load balancing for them without using md5 pool_passwd file on pgpool
>> machine.
>>
>> When I setup pgpool with only one backend like this:
>>
>> enable_pool_hba = off
>> pool_passwd = ''
>> backend_hostname0 = 'pg2'
>>
>> it works as I want to, that is first auth is passed to backend, then
>> stored, clients can connect without problems:
>>
>> DEBUG: pid 17273: pool_do_auth: auth kind:5
>> DEBUG: pid 17273: trying md5 authentication
>> DEBUG: pid 17273: DB node id: 0 salt: 58d222bc
>> ...
>> DEBUG: pid 17273: 0 th backend: name: session_authorization value:
>> replica_test
>> ...
>> DEBUG: pid 17273: pool_send_auth_ok: send pid 31831 to frontend
>>
>>
>> Issues start when I add second backend:
>>
>> enable_pool_hba = off
>> pool_passwd = ''
>> backend_hostname0 = 'pg2'
>> backend_hostname1 = 'pg3'
>>
>>
>> clients get "password authentication failed" and pgpool logs:
>>
>> DEBUG: pid 17328: pool_do_auth: auth kind:5
>> DEBUG: pid 17328: trying md5 authentication
>> ERROR: pid 17328: pool_get_passwd: username is NULL
>> DEBUG: pid 17328: do_md5: (null) does not exist in pool_passwd
>> DEBUG: pid 17328: do_md5failed in slot 0
>>
>>
>> is it by design or bug?
>>
>>
>> Roman Barczyński
>>

More information about the pgpool-general mailing list