Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CDS is unusable: API recieves database auth response 10 #5619

Closed
shueja opened this issue Dec 29, 2020 · 2 comments
Closed

CDS is unusable: API recieves database auth response 10 #5619

shueja opened this issue Dec 29, 2020 · 2 comments

Comments

@shueja
Copy link

shueja commented Dec 29, 2020

Hello.
I am trying to set up CDS 0.47.0 from binaries as provided in the docs. I'm using postgresql 13 for my database. However, when I get to setting up the database, I run into a several-part problem.

  1. The docker command uses postgres 9.6, which probably means neither the docs nor CDS itself has been updated in a long time. This leads to
  2. The new default encryption method in postgres is scram-sha-256.
  3. CDS does not support scram-sha-256 (yet).
    This is probably the cause of the following failure:
Reading configuration file @ conf.toml
Starting service api
2020-12-29 09:58:27 [INFO] api> cds-api-zealous_hypatia configuration applied
2020-12-29 09:58:27 [INFO] observability> initializing observability for api/cds-api-zealous_hypatia
2020-12-29 09:58:27 [INFO] Registing service api(*service.Common) cds-api-zealous_hypatia
2020-12-29 09:58:27 [INFO] api> Service registered
2020-12-29 09:58:27 [INFO] Starting CDS API Server 0.47.0+cds.13856
2020-12-29 09:58:27 [ERROR] engine is unavailable for download, this may lead to a poor user experience. Please check your configuration file or the /var/lib/cds-engine directory
2020-12-29 09:58:27 [ERROR] cdsctl is unavailable for download, this may lead to a poor user experience. Please check your configuration file or the /var/lib/cds-engine directory
2020-12-29 09:58:27 [INFO] Initializing mail driver...
2020-12-29 09:58:27 [INFO] Initializing feature flipping with izanami
2020-12-29 09:58:27 [INFO] Initializing local objectstore...
2020-12-29 09:58:27 [INFO] ObjectStore> Initialize Filesystem driver on directory: /var/lib/cds-engine/artifacts
2020-12-29 09:58:27 [INFO] Initializing database connection...
2020-12-29 09:58:27 [ERROR] api> Serve: cannot connect to database: pq: unknown authentication response: 10
2020-12-29 09:58:27 [ERROR] api> Service exiting with err: context canceled
Service has been stopped: api context canceled

I have tried going into pg_hba.conf and changing the encryption to md5, but its auto-upgrade functionality re-encrypts the passwords as scram. Therefore, CDS cannot access the database.

Possible Solutions/workarounds
CDS could support SCRAM. I see this is being raised in Discussions.
In the meantime, is it possible to set up PostgreSQL 13 with md5 encryption only, or do I have to roll back to 9.6 or another version?
@ozonep
Copy link

ozonep commented Jan 7, 2021

@shueja-personal PostgreSQL versions up to v12 are working fine, v13 does not.
I assume this is due to Go package used for Postgres connection, it's not actively maintained anymore, hence all these errors.
It's not crucial, you'll be just fine with v12.

@yesnault
Copy link
Member

support for scram-sha-256 will be follow in #5644

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@yesnault @ozonep @shueja