I’m new to the database operator scene. I have two questions.
I’m getting this error when connecting to the bouncer service.
ERROR: SQLSTATE[08006] [7] connection to server at "postgres-db-pg-db-pgbouncer.postgres-ha.svc.cluster.local" (10.43.245.232), port 5432 failed: FATAL: SASL authentication failed
connection to server at "postgres-db-pg-db-pgbouncer.postgres-ha.svc.cluster.local" (10.43.245.232), port 5432 failed: FATAL: SSL required
ERROR: Failed to connect to database
How can I turn off SSL to connect to the bouncer service?
And my second question, in general, how are application users supposed to be added to the database? I’ve been through the docs and this forum. I’ve seen something referring to using Crossplane, but that seems like overkill for just getting started. Any tips on how to create application users would be greatly appreciated.
Offhand without looking at your configuration settings, located at /etc/pgbouncer/pgbouncer.ini, you should refer to these two runtime parameters to see if they’ve been enabled by accident;
server_tls_sslmode
client_tls_sslmode
Look up the references for these configuration parameters here.
Thanks for the reply. Would I be looking inside the pgBouncer container for this ini file? I’ll go looking. But, wouldn’t there be a setting in the Helm charts for the server or operator to set these settings? I know of the tlsOnly setting. It is set to false.
I’ve got the client_tls_sslmode value to change to disable and allow. With both values I now get:
FATAL: server login has been failing, try again later (server_login_retry)
When I set both server_tls_sslmode and client_tls_sslmode to disable, I get:
ERROR: SQLSTATE[08006] [7] connection to server at "postgres-db-pg-db-pgbouncer.postgres-ha.svc.cluster.local" (10.43.245.232), port 5432 failed: FATAL: SASL authentication failed
ERROR: Failed to connect to database