python - 如何解决 AWS RDS 问题:psycopg2.OperationalError: FATAL: password authentication failed for user "root"
问题描述
我使用 terraform 并构建了以下基础设施:
- 具有公共子网的 VPC
- ECS Fargate 和 ECR
- 公有子网中的公有 RDS 实例
我使用 django 作为后端框架。
一切似乎都很好(docker compose logs 报告很好,我可以通过终端中的 psql 和 RDS 端点访问 AWS RDS),直到 ECS 的任务开始然后立即停止并显示日志消息:
psycopg2.OperationalError:致命:用户“root”的密码验证失败
这里的日志来自docker-compose logs
db | The files belonging to this database system will be owned by user "postgres".
db | This user must also own the server process.
db |
db | The database cluster will be initialized with locale "en_US.utf8".
db | The default database encoding has accordingly been set to "UTF8".
db | The default text search configuration will be set to "english".
db |
db | Data page checksums are disabled.
db |
db | fixing permissions on existing directory /var/lib/postgresql/data ... ok
db | creating subdirectories ... ok
db | selecting dynamic shared memory implementation ... posix
db | selecting default max_connections ... 100
db | selecting default shared_buffers ... 128MB
db | selecting default time zone ... Etc/UTC
db | creating configuration files ... ok
db | running bootstrap script ... ok
db | performing post-bootstrap initialization ... ok
db | syncing data to disk ... ok
db |
db |
db | Success. You can now start the database server using:
db |
db | pg_ctl -D /var/lib/postgresql/data -l logfile start
db |
db | initdb: warning: enabling "trust" authentication for local connections
db | You can change this by editing pg_hba.conf or using the option -A, or
db | --auth-local and --auth-host, the next time you run initdb.
db | waiting for server to start....2021-08-08 16:34:32.374 UTC [48] LOG: starting PostgreSQL 13.3 (Debian 13.3-1.pgdg100+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 8.3.0-6) 8.3.0, 64-bit
db | 2021-08-08 16:34:32.375 UTC [48] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
db | 2021-08-08 16:34:32.382 UTC [49] LOG: database system was shut down at 2021-08-08 16:34:31 UTC
db | 2021-08-08 16:34:32.388 UTC [48] LOG: database system is ready to accept connections
db | done
db | server started
db | CREATE DATABASE
db |
db |
db | /usr/local/bin/docker-entrypoint.sh: ignoring /docker-entrypoint-initdb.d/*
db |
db | 2021-08-08 16:34:32.842 UTC [48] LOG: received fast shutdown request
db | waiting for server to shut down....2021-08-08 16:34:32.844 UTC [48] LOG: aborting any active transactions
db | 2021-08-08 16:34:32.850 UTC [48] LOG: background worker "logical replication launcher" (PID 55) exited with exit code 1
db | 2021-08-08 16:34:32.851 UTC [50] LOG: shutting down
db | 2021-08-08 16:34:32.886 UTC [48] LOG: database system is shut down
db | done
db | server stopped
db |
db | PostgreSQL init process complete; ready for start up.
db |
db | 2021-08-08 16:34:33.008 UTC [1] LOG: starting PostgreSQL 13.3 (Debian 13.3-1.pgdg100+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 8.3.0-6) 8.3.0, 64-bit
db | 2021-08-08 16:34:33.008 UTC [1] LOG: listening on IPv4 address "0.0.0.0", port 5432
db | 2021-08-08 16:34:33.008 UTC [1] LOG: listening on IPv6 address "::", port 5432
db | 2021-08-08 16:34:33.012 UTC [1] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
db | 2021-08-08 16:34:33.017 UTC [76] LOG: database system was shut down at 2021-08-08 16:34:32 UTC
db | 2021-08-08 16:34:33.024 UTC [1] LOG: database system is ready to accept connections
日志来自RDS
2021-08-06 16:56:12 UTC:10.0.2.174(39934):root@testdb:[5710]:DETAIL: Role "root" does not exist.
Connection matched pg_hba.conf line 13: "host all all all md5"
Dockerfile
FROM python:3.8
ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1
WORKDIR /backend
COPY requirements.txt /backend/
RUN pip install -r requirements.txt && \
pip install --upgrade pip
COPY . /backend/
COPY ./entrypoint.sh /
ENTRYPOINT ["sh", "/entrypoint.sh"]
入口点.sh
#!/bin/sh
set -e
python manage.py migrate --no-input
python manage.py collectstatic --no-input
gunicorn backend.wsgi:application --bind 0.0.0.0:8000
我不确定为什么会这样。
有人可以帮我理解,因为本地 PostgreSQL 没有任何问题。
解决方案
您不能将root
数据库帐户用于 RDS 数据库。这是一个只有亚马逊才能访问的保留帐户。您需要检查您的 RDS 数据库配置并确定您的管理员帐户名称是什么。
推荐阅读
- vue.js - VueJS 和数据表
- algorithm - 检查一个简单的无向图是否是三连接的
- c++ - 使用 boost 序列化多态类
- python - VSC 将为 Azure Functions 重新创建整个 Python 环境
- java - 如何在 Vaadin Flow 中使用自定义组合框过滤和 DataProvider?
- python - 关于 randint 和 if 的问题
- c++ - 什么是使用 opencv::Mat 优化 c++ 矩阵计算
- sass - 用户代理样式表位于何处,如何禁用它?
- ios - 使用 NSRunLoop 正确使用辅助 NSThread
- spring-data-jpa - Neo4jTransactionManager 不允许支持自定义隔离级别