pgbouncer登录被拒绝

Question

第二天，如果我使用auth_type = hba，我将无法通过pgbouncer解决连接错误：

postgres=# create user monitoring with password 'monitoring';
postgres=# create database monitoring owner monitoring;
postgres=# \du+ monitoring
                   List of roles
 Role name  | Attributes | Member of | Description
------------+------------+-----------+-------------
 monitoring |            | {}        |


postgres=# \l+ monitoring
                                                    List of databases
    Name    |   Owner    | Encoding |   Collate   |    Ctype    | Access privileges |  Size   | Tablespace | Description
------------+------------+----------+-------------+-------------+-------------------+---------+------------+-------------
 monitoring | monitoring | UTF8     | en_US.UTF-8 | en_US.UTF-8 |                   | 7861 kB | pg_default |

/var/lib/pgsql/10/data/pg_hba.conf：

# TYPE  DATABASE        USER            ADDRESS                 METHOD

host    monitoring      monitoring      0.0.0.0/0               trust
local   monitoring      monitoring                              trust

/etc/pgbouncer/pgbouncer.ini：

pidfile                 = /var/run/pgbouncer/pgbouncer.pid
reserve_pool_size       = 5
reserve_pool_timeout    = 2
listen_port             = 6432
listen_addr             = *
auth_type               = hba
auth_hba_file           = /etc/pgbouncer/hba_bouncer.conf
auth_file               = /etc/pgbouncer/userlist.txt
logfile                 = /var/log/pgbouncer/pgbouncer.log
log_connections         = 0
log_disconnections      = 0
log_pooler_errors       = 1
max_client_conn         = 5000
server_idle_timeout     = 30
pool_mode               = transaction
server_reset_query      =
admin_users             = root
stats_users             = root,monitoring

[databases]
*                       = client_encoding=UTF8 host=localhost port=5432 pool_size=1000

在pgbouncer的pg_hba.conf中，我还尝试使用掩码/ 32，掩码/ 8，/ 16（我的网段的真实掩码）指定服务器接口的特定地址。

结果只有一个：登录被拒绝！

/etc/pgbouncer/hba_bouncer.conf：

host    monitoring            monitoring            0.0.0.0/0               trust
host    monitoring            monitoring            127.0.0.1/32            trust

/etc/pgbouncer/userlist.txt：

"monitoring" "monitoring"

尝试连接：

# psql -U monitoring -p 5432 -h 127.0.0.1
psql (10.1)
Type "help" for help.

monitoring=>


# psql -U monitoring -p 6432 -h 127.0.0.1
psql: ERROR:  login rejected

Answer 1

我们有一个与您相似的用例。我们正在运行1.12.0版本，并且遇到了同样的问题，我们也收到“错误：登录被拒绝”消息。

经调查后发现，我们对pg_bouncer的pg_hba.conf的权限不正确。一旦我们授予pgbouncer读取权限，它就会按预期工作。不幸的是，在我们打开的更高级别的日志记录中，没有任何东西揭示了这一点，并且我们偶然通过自己的测试偶然发现了该解决方案。

Ps。我们在连接上使用信任时，在pgbouncer配置中保留的密码哈希为“”。我认为我们的配置与您发布的其他内容没有什么不同。