error using postgres database

[jp006]

Hello

testing installation of HDP 3.1 on Virtualbox, I got this error when I configure postgres as database database: 'postgres' # can be set to 'embedded', 'postgres', 'mysql' or 'mariadb' error : TASK [ambari-server : Load the Ambari Server schema (postgres)] ** An exception occurred during task execution. To see the full traceback, use -vvv. The error was: OperationalError: FATAL: Ident authentication failed for user "ambari" fatal: [master01]: FAILED! => {"changed": false, "msg": "unable to connect to database: FATAL: Ident authentication failed for user \"ambari\"\n"}

to bypass it, I have to update postgres conf files before restarting the install_cluster.sh : https://docs.hortonworks.com/HDPDocuments/Ambari-2.7.1.0/bk_ambari-installation/content/postgres-remote-connections.html

[alexandruanghel]

Hi, which playbook did you run? Did you run install_cluster.sh or prepare_nodes.sh? The database access is set in the database role called during the prepare_nodes playbook: https://github.com/hortonworks/ansible-hortonworks/blob/master/playbooks/roles/database/tasks/postgres_play_db_access.yml

Any special OS version or other changes?

[jp006]

Hi I ran install_cluster.sh (static inventory) The problem happened during the configuration of Ambari " Load the Ambari Server schema (postgres)] " I am on RHEL 7.5 and install HDP on VM Centos 7 on virtualbox, nothing special.

[alexandruanghel]

Hmm, can you post the config from your /var/lib/pgsql/*/data/pg_hba.conf. For example, this is mine in a 1 node AWS centos7.5 instance:

tail /var/lib/pgsql/*/data/pg_hba.conf 
host    all             all             127.0.0.1/32            ident
# IPv6 local connections:
host    all             all             ::1/128                 ident
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local   replication     postgres                                peer
#host    replication     postgres        127.0.0.1/32            ident
#host    replication     postgres        ::1/128                 ident
host ambari ambari 172.31.34.111/32 md5
host ranger ranger 172.31.34.111/32 md5

But now I suspect Ambari tried to connect to localhost for some reason, so the ident authentication takes over. Can you also check the jdbc url?

grep jdbc.url /etc/ambari-server/conf/ambari.properties

[jp006]

Hi about pg_hba.conf , it is the file I updated to fix the issue following HDP doc indicated in my first post, I didn't keep the original version.

[root@localhost ~]# grep jdbc.url /etc/ambari-server/conf/ambari.properties server.jdbc.url=jdbc:postgresql://localhost.localdomain:5432/ambari yes it is connection to localhost

otherwise this a an amazing asset

[alexandruanghel]

Yes, I was afraid that's the issue. Because you're only using a local VM which seems to have the hostname as localhost.localdomain, Ansible will pick that up (the ansible_fqdn variable) and use it in various parts of the playbook, while postgres, by default, has a very specific configuration in pg_hba.conf which sets the ident auth for localhost, rather than md5 (the password auth used by ambari):

host    all             all             127.0.0.1/32            ident

I'll have to figure out how to treat this better so I'll mark it as a bug, but you can do several things, like comment that line in your pg_hba.conf, or setting a hostname for your VM, which points to the VM ip rather than the localhost.

[jp006]

I set hostname and IP@ to this hostname in ./etc/hosts and it works ! thank you !