Hi everyone :raised_hands: In my company we are e...
# ask-the-community
Hi everyone 🙌 In my company we are evaluating Flyte 🦜and we want to deploy an MVP to AWS EKS, with s3 and RDS postgres. We are following the guide flyte-the-hard-way but we are stuck in the 05-deploy-with-helm.md. When we try to install flyte the pod throws the following error:
Copy code
[error] failed to initialize database, got error failed to connect to `host=***** user=flyteadmin database=flyteadmin`: server error (FATAL: no pg_hba.conf entry for host "", user "flyteadmin", database "flyteadmin", no encryption (SQLSTATE 28000))
We have run this command to test the database connection:
Copy code
kubectl run pgsql-postgresql-client --rm --tty -i --restart='Never' --namespace testdb --image <http://docker.io/bitnami/postgresql:11.7.0-debian-10-r9|docker.io/bitnami/postgresql:11.7.0-debian-10-r9> --env='PGPASSWORD=<Password>' --command -- psql testdb --host <RDS-ENDPOINT-NAME> -U flyteadmin -d flyteadmin -p 5432
And works. The only difference is that when we run it asks for the password. Anyone knows what’s happening here?
We ran into this issue too. @Mike Morgan fixed this. We had to add options: sslmode=require to the config map
Hi @Marti Jorda Roca and @Rob Rati Thanks for using the guide and I'm sorry you've had this issue, my goal with the guide is that it works 99% of the time What version of PostgreSQL are you using in RDS?
also, is Encryption enabled?
For our RDS, yes. We have solved our issue with the sslmode option though.
got it, but you had to manually patch the configmap. I'd like to avoid this in the future. I'll try to reproduce and update the guide accordingly
To be clear though, we weren't following your guide I don't think. We followed this: https://docs.flyte.org/en/latest/deployment/deployment/cloud_production.html
But I think both end up with the same issue
oh ok, couple of questions to repro 1. Is your RDS an Aurora engine (postgres-compatible)? or pure PostgreSQL 2. What version of PostgreSQL? Thanks in advance
Ours is an auroa postgres DB, engine version 12.10
Hi thank you for your answers 😻 setting
worked for me. We are using a RDS postgres 15.2 (no aurora)
so just to confirm, your
configmap looks like:
Copy code
apiVersion: v1
  db.yaml: |
      dbname: datacatalog
      host: <Postgres host>
      options: sslmode=require
      port: 5432
      username: postgres
? Even when I set this, I still see the following in logs:
Copy code
  "json": {},
  "level": "fatal",
  "msg": "failed to connect to `host=<host> user=postgres database=flyteadmin`: server error (FATAL: no pg_hba.conf entry for host \"\", user \"postgres\", database \"flyteadmin\", SSL off (SQLSTATE 28000))",
  "ts": "2023-08-07T17:22:38Z"
which makes me think the SSL key is not being read
@Gopal Vashishtha what chart are you using? Also, is your Postgres instance listening on that address?
1.5.0 and yes, I confirmed I can connect to postgres through sqladmin on that address