0

semanage confirms my host is running in permissive mode.

I can login to postgresql as user puppetdb when I don't use a password like this:

[msk@puppet ~]$ su - postgres Password: Last login: Fri Jun 21 14:19:01 EDT 2019 on pts/1 bash-4.2$ psql -d puppetdb -U puppetdb psql: FATAL: Peer authentication failed for user "puppetdb"

netstat -tlpn |grep postmaster shows
tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 22948/postmaster

The error I see in /var/log/puppetlabs/puppetdb/puppetdb.log by the hundred is:

Pool - Connection is not available, request timed out after 3012ms. 2019-06-21T13:36:50.267-04:00 ERROR [p.p.c.services] Will retry database connection after temporary failure: java.sql.SQLTransientConnectionException: PDBMigrationsPool - Connection is not available, request timed out after 3000ms.

/var/lib/pgsql/11/data/pg_hba.conf contains: 

local all all peer host all all 127.0.0.1/32 ident host puppetdb puppetdb 127.0.0.1/32 peer

postgresql-Fri.log is full of

FATAL: remaining connection slots are reserved for non-replication superuser connections

Thanks for any clues.

Improve this question

2 Answers 2

Reset to default
1

/var/lib/pgsql/11/data/pg_hba.conf wanted this line added to the top of it.

host puppetdb puppetdb ::1/24 trust

I had forgotten about posting this question. Thanks for helping :)

Improve this answer
0

PuppetDB can't connect to the database. Firstly check database.ini file, possibly in: /etc/puppetlabs/puppetdb/conf.d/database.ini. It should contain something like this:

classname = org.postgresql.Driver subprotocol = postgresql subname = //localhost:5432/puppetdb username = puppetdb conn-max-age = 60 conn-keep-alive = 45 conn-lifetime = 0

Make sure set appropriate number of connections in your PostgreSQL instance, i.e. postgresql.conf:

max_connections = 64

Restart PostgreSQL.

Now verify as puppetdb user that the connection actually works:

su - puppetdb -s /bin/sh -c "psql -h localhost puppetdb"

If you're using SSL, make sure to check the PostgreSQL SSL guide.

When debugging DB issues the status endpoint could be useful:

curl -X GET http://localhost:8080/status/v1/services | jq .
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.