node.js - Typescript "error: no pg_hba.conf entry for host "x", user "x", database "x", SSL off"
问题描述
Setup
I'm currently using Kubernetes to manage my NodeJS services.
Every NodeJS service has its own PostgreSQL database, I'm using TypeORM to access each database. Everything worked fine until I converted my Kubernetes Deployment to a StatefulSet. I did this because I wanted my databases to keep their data, even after being shut down.
Problem
The NodeJS service (confirmation-deployment-{unique-id}
) which represents a REST API can't connect to the PostgreSQL database (confirmation-postgres-statefulset-{number}
)
Error
The logs return this error: error: no pg_hba.conf entry for host "x", user "x", database "x", SSL off
I found that I had to set {ssl: true}
in my ConnectionOptions
but when
I did this I got another error: Error: The server does not support SSL connections
.
I'm basically stuck at the moment. The first error tells me to convert {ssl: false}
to {ssl: true}
, while the other error tells me to do the opposite. I've no idea why this happens, all of this started when I converted the Deployment to a StatefulSet inside Kubernetes.
If I can take a guess, it's perhaps an internal cluster network issue inside Kubernetes? Anyway, I'm not familiar with those errors...
Any help would be appreciated!
System Information
- Windows 10
- Docker Desktop
- Linux Containers
Code
ormconfig.json: TypeORM's way to define the ConnectionOptions
.
{
"type": "postgres",
"host": "confirmation-postgres-service",
"port": 5432,
"username": "postgres",
"password": "12345",
"database": "postgres",
"synchronize": true,
"ssl": false,
"entities": [
"src/models/*.model.ts"
]
}
confirmation-postgres-statefulset.yml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: confirmation-postgres-statefulset
spec:
serviceName: "confirmation-postgres"
replicas: 2
selector:
matchLabels:
app: confirmation-postgres
template:
metadata:
labels:
app: confirmation-postgres
spec:
containers:
- name: confirmation-postgres
image: postgres
envFrom:
- configMapRef:
name: confirmation-postgres-config
ports:
- containerPort: 5432
name: confirmation-db
volumeMounts:
- name: confirmation-postgres-storage
mountPath: /var/lib/postgresql/data
volumes:
- name: confirmation-postgres-storage
persistentVolumeClaim:
claimName: confirmation-postgres-pvc
confirmation-postgres-service.yml
apiVersion: v1
kind: Service
metadata:
name: confirmation-postgres-service
spec:
type: ClusterIP
selector:
app: confirmation-postgres
ports:
- name: db
protocol: TCP
port: 5432
targetPort: 5432
confirmation-postgres-config.yml
apiVersion: v1
kind: ConfigMap
metadata:
name: confirmation-postgres-config
labels:
app: confirmation-postgres
data:
POSTGRES_DB: postgres
POSTGRES_USER: postgres
POSTGRES_PASSWORD: "12345"
confirmation-postgres-pv.yml
apiVersion: v1
kind: PersistentVolume
metadata:
name: confirmation-postgres-pv
labels:
type: local
spec:
storageClassName: manual
capacity:
storage: 20Gi
accessModes:
- ReadWriteOnce
hostPath:
path: "/mnt/data"
confirmation-postgres-pvc.yml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: confirmation-postgres-pvc
labels:
app: confirmation-postgres
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
解决方案
如果你想使用 ssl,你需要配置/编译你的 PostgreSQL 服务器来支持它。
如果您不想使用 ssl,则需要配置 pg_hba.conf 以允许没有 ssl 的连接(来自该主机、用户和数据库)。很可能您的 pg_hba.conf 只是不允许这种连接(无论是否使用 ssl),但客户端只报告它实际尝试的连接。我这样说是因为如果您的 pg_hba 需要 ssl,但您的服务器不支持它,那么它应该首先拒绝启动。如果它没有启动,你会得到一个不同的错误。
推荐阅读
- php - 从 .htaccess 配置中删除结尾的斜杠
- python - python selenium不加载firefox扩展
- kubernetes - How to login to Kubernetes using service account?
- r - 犰狳中的合并功能
- r - 由于 0 方差而具有 NA 值的 cor 函数
- c# - 如何在运行时向我的类添加方法?
- webpack - 为 NativeScript Vue 使用手写笔?
- javascript - 使用 Parcel 从多个 JS 文件生成单个 JS 文件并保持框架路径默认值
- javascript - ESlint 和 typescript 集成问题
- html - 为什么 CSS Sticky 属性在传递时会清除其他元素