search

yandex / odyssey

Scalable PostgreSQL connection pooler
BSD 3-Clause "New" or "Revised" License
3.21k stars 165 forks source link

error [none s2c40584c065c] (auth) unsupported authentication method #515

Open Ars312 opened 1 year ago

Ars312 commented 1 year ago

database "testBD" { user "testuser" { authentication "md5" password "testuser" pool "transaction" pool_size 30 pool_cancel yes pool_rollback yes client_fwd_error yes storage "postgres_server"

storage_db "testBD"

                    #storage_user "testuser"
                    #storage_password "testuser"
            }
    }

connects directly to the database successfully

Ars312 commented 1 year ago

60448 2023-07-17T14:50:55Z info [ccd0bf5610cfd none] (startup) new client connection 192.168.5.143:37800 60448 2023-07-17T14:50:55Z debug [ccd0bf5610cfd none] (tls) ssl request 60448 2023-07-17T14:50:55Z debug [ccd0bf5610cfd none] (tls) is disabled, ignoring 60448 2023-07-17T14:50:55Z debug [none none] (routing) matched rule: testBD testuser with (null) routing type 60448 2023-07-17T14:50:55Z info [ccd0bf5610cfd none] (startup) route 'testBD.testuser' to 'testBD.testuser' 60448 2023-07-17T14:50:55Z debug [ccd0bf5610cfd none] (auth) PasswordMessage

ilya-maltsev commented 1 year ago

@Ars312 try to uncomment lines

#storage_user "testuser"
#storage_password "testuser"
reshke commented 1 year ago

60448 2023-07-17T14:50:55Z info [ccd0bf5610cfd none] (startup) new client connection 192.168.5.143:37800 60448 2023-07-17T14:50:55Z debug [ccd0bf5610cfd none] (tls) ssl request 60448 2023-07-17T14:50:55Z debug [ccd0bf5610cfd none] (tls) is disabled, ignoring 60448 2023-07-17T14:50:55Z debug [none none] (routing) matched rule: testBD testuser with (null) routing type 60448 2023-07-17T14:50:55Z info [ccd0bf5610cfd none] (startup) route 'testBD.testuser' to 'testBD.testuser' 60448 2023-07-17T14:50:55Z debug [ccd0bf5610cfd none] (auth) PasswordMessage

can you grep all messages produced by server id=s2c40584c065c? something like grep s2c40584c065c logfile.log

Ars312 commented 1 year ago

60550 2023-07-17T16:47:29Z info [c9709933d9632 none] (startup) new client connection 192.168.5.143:58650 60550 2023-07-17T16:47:29Z debug [c9709933d9632 none] (tls) ssl request 60550 2023-07-17T16:47:29Z debug [c9709933d9632 none] (tls) is disabled, ignoring 60550 2023-07-17T16:47:29Z debug [none none] (routing) matched rule: testBD testuser with (null) routing type 60550 2023-07-17T16:47:29Z info [c9709933d9632 none] (startup) route 'testBD.testuser' to 'testBD.testuser' 60550 2023-07-17T16:47:29Z debug [c9709933d9632 none] (auth) PasswordMessage 60550 2023-07-17T16:47:29Z debug [c9709933d9632 sf51f0a2a6634] (setup) client c9709933d attached to sf51f0a2a 60550 2023-07-17T16:47:29Z info [c9709933d9632 sf51f0a2a6634] (setup) new server connection 192.168.5.142:5432 (connect time: 368 usec, resolve time: 0 usec) 60550 2023-07-17T16:47:29Z debug [none sf51f0a2a6634] (startup) received packet type: Authentication 60550 2023-07-17T16:47:29Z error [none sf51f0a2a6634] (auth) unsupported authentication method

tried again

Ars312 commented 1 year ago

@ilya-maltsev 60632 2023-07-17T16:53:26Z debug [c4a5dbb1745fd s11c3ad7987d5] (setup) client c4a5dbb17 attached to s11c3ad79 60632 2023-07-17T16:53:26Z info [c4a5dbb1745fd s11c3ad7987d5] (setup) new server connection 192.168.5.142:5432 (connect time: 367 usec, resolve time: 0 usec) 60632 2023-07-17T16:53:26Z debug [none s11c3ad7987d5] (startup) received packet type: Authentication 60632 2023-07-17T16:53:26Z error [none s11c3ad7987d5] (auth) unsupported authentication method

ilya-maltsev commented 1 year ago

@Ars312 can you show hba-file from postgres server?

Ars312 commented 1 year ago

@ilya-maltsev I use patroni 192.168.5.142 leader, cat /var/lib/pgsql/15/data/pg_hba.conf

Do not edit this file manually!

It will be overwritten by Patroni!

local all postgres peer host replication replicator 192.168.5.0/24 md5 host replication replicator 127.0.0.1/32 trust host all all 0.0.0.0/0 md5

ilya-maltsev commented 1 year ago

@Ars312 can you show postgres logs?

Ars312 commented 1 year ago

@ilya-maltsev 2023-07-18 12:54:32.547 +06 [2369] LOG: connection received: host=192.168.5.144 port=38572 2023-07-18 12:54:32.548 +06 [2369] FATAL: expected SASL response, got message type 88

ilya-maltsev commented 1 year ago

@Ars312 I think, something wrong with your patrony/postgresql configuration, because without patrony on default installation of postgresql-15 all works fine. Try checking your configs and make sure that everything has been applied

Ars312 commented 1 year ago

thanks, I will additionally check, but from the same host where Odysseus connects directly to the database successfully.

ilya-maltsev commented 1 year ago

@Ars312 Also the cause of the problem may be that password encryption method for user 'testuser' is scram-sha-256 but odyssey trying to connect to postgresql with md5 password encryption

try to create new user test-md5:

set password_encryption TO 'md5'; 
create user "test-md5" with password 'test-md5';
\c testBD
GRANT ALL ON ALL TABLES IN SCHEMA public TO "test-md5";

replace credentials in odyssey.conf and restart odyssey

Ars312 commented 1 year ago

@ilya-maltsev
New user with "md5" solve the problem, thanks!!!