0

我在一个主节点和一个辅助节点上创建了带有 pg_auto 故障转移的 postgres。我被关注这个链接。https://www.citusdata.com/blog/2019/05/30/introducing-pg-auto-failover/我在监视器和 postgres 节点上测试了没有 --auth 标签的故障转移和复制。无需任何授权即可正常工作。这是命令

    export PATH="$PATH:/usr/pgsql-11/bin"
    pg_autoctl create monitor --nodename 10.247.74.66 --pgport 6000
    export PGDATA=/var/lib/pgsql/node_a
    pg_autoctl create postgres --nodename 10.247.74.66 --pgport 6001 --dbname test --monitor postgres://autoctl_node@10.247.74.66:6000/pg_auto_failover
    pg_autoctl run

第二节点

export PATH="$PATH:/usr/pgsql-11/bin"
export PGDATA=/var/lib/pgsql/node_b
pg_autoctl create postgres --nodename 10.247.74.67 --pgport 6002 --dbname test --monitor postgres://autoctl_node@10.247.74.66:6000/pg_auto_failover
pg_autoctl run

pg_autoctl show state


        Name |   Port | Group |  Node |     Current State |    Assigned State
-------------+--------+-------+-------+-------------------+------------------
10.247.74.66 |   6001 |     0 |     1 |           primary |           primary
10.247.74.67 |   6002 |     0 |     2 |         secondary |         secondary

我在监控节点上添加了身份验证作为 --auth md5 并在此链接https://pg-auto-failover.readthedocs.io/en/latest/security.html之后更改了 pg_auto_failover 数据库的 autoctl_node 的密码监控节点也可以正常工作. 但是当我在主 node_a 和 node_b 中添加 --auth md5 时,节点陷入等待和追赶。

    export PGDATA=/var/lib/pgsql/monitor
    pg_autoctl create monitor --auth md5 --nodename 10.247.74.66 --pgport 6000
    export PGDATA=/var/lib/pgsql/node_a
    pg_autoctl create postgres --auth md5 --nodename 10.247.74.66 --pgport 6001 --dbname test --monitor postgres://autoctl_node:BMGAAES123z3RZ5ZSwq@10.247.74.66:6000/pg_auto_failover
    pg_autoctl config set replication.password ZUp3aEAy123BEmTb44A
    pg_autoctl run

    export PGPASSWORD=ZUp3aEAy123BEmTb44A
    export PGDATA=/var/lib/pgsql/node_b
    pg_autoctl create postgres --auth md5 --nodename 10.247.74.67 --pgport 6002 --dbname test --monitor postgres://autoctl_node:BMGAAES123z3RZ5ZSwq@10.247.74.66:6000/pg_auto_failover
    pg_autoctl config set replication.password ZUp3aEAy123BEmTb44A
    pg_autoctl run

        Name |   Port | Group |  Node |     Current State |    Assigned State
-------------+--------+-------+-------+-------------------+------------------
10.247.74.66 |   6001 |     0 |     1 |      wait_primary |      wait_primary
10.247.74.67 |   6002 |     0 |     2 |        catchingup |        catchingup

主node_a的日志

2021-04-02 19:06:32.028 IST [19588] LOG:  connection received: host=10.247.74.66 port=52598
2021-04-02 19:06:32.031 IST [19588] FATAL:  password authentication failed for user "pgautofailover_monitor"
2021-04-02 19:06:32.031 IST [19588] DETAIL:  User "pgautofailover_monitor" has no password assigned.
        Connection matched pg_hba.conf line 95: "host all "pgautofailover_monitor" 10.247.74.66/32 md5 # Auto-generated by pg_auto_failover"
2021-04-02 19:06:34.034 IST [19609] LOG:  connection received: host=10.247.74.66 port=52618
2021-04-02 19:06:34.036 IST [19609] FATAL:  password authentication failed for user "pgautofailover_monitor"
2021-04-02 19:06:34.036 IST [19609] DETAIL:  User "pgautofailover_monitor" has no password assigned.
        Connection matched pg_hba.conf line 95: "host all "pgautofailover_monitor" 10.247.74.66/32 md5 # Auto-generated by pg_auto_failover"
2021-04-02 19:06:36.041 IST [19626] LOG:  connection received: host=10.247.74.66 port=52628
2021-04-02 19:06:36.043 IST [19626] FATAL:  password authentication failed for user "pgautofailover_monitor"
2021-04-02 19:06:36.043 IST [19626] DETAIL:  User "pgautofailover_monitor" has no password assigned.
        Connection matched pg_hba.conf line 95: "host all "pgautofailover_monitor" 10.247.74.66/32 md5 # Auto-generated by pg_auto_failover"

Secondary node_b的日志

2021-04-02 19:08:32.099 IST [8755] LOG:  connection received: host=10.247.74.66 port=41682
2021-04-02 19:08:32.101 IST [8755] FATAL:  password authentication failed for user "pgautofailover_monitor"
2021-04-02 19:08:32.101 IST [8755] DETAIL:  User "pgautofailover_monitor" has no password assigned.
        Connection matched pg_hba.conf line 95: "host all "pgautofailover_monitor" 10.247.74.66/32 md5 # Auto-generated by pg_auto_failover"
2021-04-02 19:08:34.105 IST [8758] LOG:  connection received: host=10.247.74.66 port=41732
2021-04-02 19:08:34.107 IST [8758] FATAL:  password authentication failed for user "pgautofailover_monitor"
2021-04-02 19:08:34.107 IST [8758] DETAIL:  User "pgautofailover_monitor" has no password assigned.
        Connection matched pg_hba.conf line 95: "host all "pgautofailover_monitor" 10.247.74.66/32 md5 # Auto-generated by pg_auto_failover"
2021-04-02 19:08:36.111 IST [8760] LOG:  connection received: host=10.247.74.66 port=41762
2021-04-02 19:08:36.115 IST [8760] FATAL:  password authentication failed for user "pgautofailover_monitor"
2021-04-02 19:08:36.115 IST [8760] DETAIL:  User "pgautofailover_monitor" has no password assigned.
        Connection matched pg_hba.conf line 95: "host all "pgautofailover_monitor" 10.247.74.66/32 md5 # Auto-generated by pg_auto_failover"
4

1 回答 1

0

(已经通过松弛频道回复,但让我复制并粘贴我的答案)

pg_autoctl仅更改用于连接到 postgres 的密码。这意味着,您需要确保在 postgres 端配置了 HBA 文件和密码设置。(github上的相关问题https://github.com/citusdata/pg_auto_failover/issues/382

于 2021-04-08T15:20:40.437 回答