Not the answer you need?
Register and ask your own question!

Monitoring rds postgres with pmm docker container

peru2019peru2019 ContributorCurrent User Role Novice
I am trying to setup rds postgres monitoring with pmm docker contaner. As part of setup , I created aws user plus following user policy plus separate db user with necessary permissions.

"Version": "2012-10-17",
"Statement": [{
"Sid": "Stmt1508404837003",
"Effect": "Allow",
"Action": [
"Resource": ["*"]
"Sid": "Stmt1508410723001",
"Effect": "Allow",
"Action": [
"Resource": ["arn:aws:logs:*:*:log-group:RDSOSMetrics:*"]


CREATE USER pmm_user with ENCRYPTED PASSWORD 'xxxxzzzzzyyyy';
grant rds_superuser to pmm_user;

Finally when I try to add rds postgres database using PMM GUI -> Add Remote Postgresql Instance, I run into following error

Any comments /suggestions ?


  • peru2019peru2019 Contributor Current User Role Novice
    One more thing, db conection from pmm docker container to rds postgresql database using psql client works with no issues.
  • peru2019peru2019 Contributor Current User Role Novice
    I think this is related to SSL configuration on pmm docker container. I checked the rds postgresql logs, and found following lines relevant to above error.

    2019-08-26 20:13:28 UTC:[email protected]:[20063]:FATAL: no pg_hba.conf entry for host "", user "pmm_user", database "postgres", SSL off 2019-08-26 20:19:45 UTC:[email protected]:[28180]:LOG: connection authorized: user=pmm_user database=postgres SSL enabled (protocol=TLSv1.2, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256, compression=off)

    Issue is when I try to do "Add a remote PostgreSQL instance" using "_PMM Add Instance", it trys to open db connection with SSL option disabled. And thats the reason the db connection is failing.


  • peru2019peru2019 Contributor Current User Role Novice
    I was able to resolve this issue, by using pmm-admin commands from the docker container. Here is what I end up doing,

    yum update -y
    yum install initscripts

    pmm-admin config --server --server-insecure-ssl --client-name

    pmm-admin add postgresql --user=pmm_user --password='secret' --port=5432 --sslmode require
Sign In or Register to comment.

MySQL, InnoDB, MariaDB and MongoDB are trademarks of their respective owners.
Copyright ©2005 - 2020 Percona LLC. All rights reserved.