[pgpool-general: 7300] Re: No TCP/IP connection to Pgpool on RHEL 8.2
Anssi Kanninen
anssi at iki.fi
Tue Sep 22 19:34:25 JST 2020
Update: It works if the client running psql is root or postgres. If it is
a regular user, the connection fails.
On Sun, 20 Sep 2020, Anssi Kanninen wrote:
> Customer's network engineers are also investigating this for a possible firewall rule problem.
>
> On 18 September 2020 11:31:41 EEST, Anssi Kanninen <anssi at iki.fi> wrote:
>
> Thank you!
> Here is some more info. I made some comparison of the TCP traffic when
> connected to Pgpool or straight to PostgreSQL.
> See attachments:
> * cmd-pgpool.txt
> The command and response when connected to Pgpool.
> * tcpdump-pgpool.txt
> A dump of TCP traffic to/from PgPool port when executed the command
> above.
> * cmd-postgres.txt
> The command and response when connected straight to PostgreSQL.
> * tcpdump-postgres.txt
> A dump of TCP traffic to/from PostgreSQL port when executed the command
> above.
> Strangely, it seems that the database name and user name never reached
> Pgpool.
> Hope this helps,
> - Anssi
> On Fri, 18 Sep 2020, Bo Peng wrote:
> Hi,
> Thank you for reporting this issue.
> I am going to look into this one.
> On Fri, 18 Sep 2020 02:47:24 +0300
> Anssi Kanninen <anssi at iki.fi> wrote:
> Software versions are the same on both systems:
> PostgreSQL 12.2
> Pgpool 4.1.3
> On 18 September 2020 02:31:11 EEST, Anssi Kanninen <anssi at iki.fi> wrote:
> Hello,
> My Pgpool doesn't work on RHEL 8.2.
> Eveythins runs smoothly on my Centos 8.1.1911 virtual machines but when
> I
> transfer the same Pgpool/PostgreSQL configuration to customer's RHEL
> 8.2,
> I can not connect to Pgpool via TCP/IP.
> Here is a clip of my log on Centos when I successfully fail to
> authenticate (x.x.x.x is a wrong interface, so this error is expected).
> So, "user" and "database" are show in the log.
> Sep 16 16:04:35 centos8i1 pgpool[6616]: [33-1] pid 6616: ERROR: failed
> to authenticate
> Sep 16 16:04:35 centos8i1 pgpool[6616]: [33-2] pid 6616: DETAIL: no
> pg_hba.conf entry for host "x.x.x.x", user "pgpool", database
> "postgres", SSL off
> Here is log of successful connection. Protocol Major is 3 and Minor is
> 0.
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [26-1] pid 27853: DEBUG:
> reading startup packet
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [26-2] pid 27853: DETAIL:
> application_name: psql
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [27-1] pid 27853: DEBUG:
> reading startup packet
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [27-2] pid 27853: DETAIL:
> Protocol Major: 3 Minor: 0 database: postgres user: pgpool
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [28-1] pid 27853: DEBUG:
> creating new connection to backend
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [28-2] pid 27853: DETAIL:
> connecting 0 backend
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [29-1] pid 27853: DEBUG:
> creating new connection to backend
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [29-2] pid 27853: DETAIL:
> connecting 1 backend
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [30-1] pid 27853: DEBUG:
> creating new connection to backend
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [30-2] pid 27853: DETAIL:
> connecting 2 backend
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [31-1] pid 27853: DEBUG:
> authentication backend
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [31-2] pid 27853: DETAIL:
> auth kind:10
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [32-1] pid 27853: DEBUG:
> authentication backend 0
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [32-2] pid 27853: DETAIL:
> trying SCRAM authentication
> Sep 18 02:07:28 centos8i1 pgpool[27853]: [33-1] pid 27853: DEBUG:
> SCRAM authentication successful for backend 0
> So, the above works.
> But then I transfer the same configuration to the customer's RHEL 8.2,
> the
> same connection attempt shows this:
> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [262-1] pid 348681:
> DEBUG: I am 348681 accept fd 8
> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [263-1] pid 348681:
> DEBUG: reading startup packet
> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [263-2] pid 348681:
> DETAIL: Protocol Major: 1234 Minor: 5680 database: user:
> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [264-1] pid 348681:
> FATAL: client authentication failed
> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [264-2] pid 348681:
> DETAIL: no pool_hba.conf entry for host "x.x.x.x", user "", database
> "", SSL off
> Sep 18 01:48:31 haketikuqadb01 pgpool[348681]: [264-3] pid 348681:
> HINT: see pgpool log for details
> Sep 18 01:48:31 haketikuqadb01 pgpool[348612]: [46-1] pid 348612:
> DEBUG: reaper handler
> Sep 18 01:48:31 haketikuqadb01 pgpool[348612]: [47-1] pid 348612: LOG:
> child process with pid: 348681 exits with status 512
> Protocol Major and Minor numbers look strange and why the database name
> and user name are empty? Did it fail to read the incoming packet for
> some
> reason? The connection was local but thru TCP/IP network interface.
> Linux
> firewall was used but same ports were open on both clusters. SELinux is
> in
> use.
> Psql client responds like this:
> psql: error: could not connect to server: server closed the connection
> unexpectedly
> This propably means the server terminated abnormally
> before or while processing the request.
> Here is my pool_hba.conf:
> local all all trust
> host all all 127.0.0.1/32 trust
> host all all ::1/128 trust
> host all pgpool samenet scram-sha-256
> host all postgres samenet scram-sha-256
> My pool_passwd looks like this:
> postgres:AESmyencryptedpassword==
> pgpool:AESmyencryptedpassword==
> The psql command was as follows and the password was correct:
> $ psql -h x.x.x.x postgres pgpool -w
> So, something is different on our RHEL but what?
> Best regards,
> Anssi
> ______________________________________________________________________________________________________________
> pgpool-general mailing list
> pgpool-general at pgpool.net
> http://www.pgpool.net/mailman/listinfo/pgpool-general
> --
> Bo Peng <pengbo at sraoss.co.jp>
> SRA OSS, Inc. Japan
>
>
>
--
anssi at iki.fi
More information about the pgpool-general
mailing list