Hi everyone :raised_hands: In my company we are e...
# ask-the-community
m
Hi everyone 🙌 In my company we are evaluating Flyte 🦜and we want to deploy an MVP to AWS EKS, with s3 and RDS postgres. We are following the guide flyte-the-hard-way but we are stuck in the 05-deploy-with-helm.md. When we try to install flyte the pod throws the following error:
Copy code
/go/pkg/mod/gorm.io/gorm@v1.24.1-0.20221019064659-5dd2bb482755/gorm.go:206
[error] failed to initialize database, got error failed to connect to `host=***** user=flyteadmin database=flyteadmin`: server error (FATAL: no pg_hba.conf entry for host "172.32.101.12", user "flyteadmin", database "flyteadmin", no encryption (SQLSTATE 28000))
We have run this command to test the database connection:
Copy code
kubectl run pgsql-postgresql-client --rm --tty -i --restart='Never' --namespace testdb --image <http://docker.io/bitnami/postgresql:11.7.0-debian-10-r9|docker.io/bitnami/postgresql:11.7.0-debian-10-r9> --env='PGPASSWORD=<Password>' --command -- psql testdb --host <RDS-ENDPOINT-NAME> -U flyteadmin -d flyteadmin -p 5432
And works. The only difference is that when we run it asks for the password. Anyone knows what’s happening here?
r
We ran into this issue too. @Mike Morgan fixed this. We had to add options: sslmode=require to the config map
d
Hi @Marti Jorda Roca and @Rob Rati Thanks for using the guide and I'm sorry you've had this issue, my goal with the guide is that it works 99% of the time What version of PostgreSQL are you using in RDS?
also, is Encryption enabled?
r
For our RDS, yes. We have solved our issue with the sslmode option though.
d
got it, but you had to manually patch the configmap. I'd like to avoid this in the future. I'll try to reproduce and update the guide accordingly
r
To be clear though, we weren't following your guide I don't think. We followed this: https://docs.flyte.org/en/latest/deployment/deployment/cloud_production.html
But I think both end up with the same issue
d
oh ok, couple of questions to repro 1. Is your RDS an Aurora engine (postgres-compatible)? or pure PostgreSQL 2. What version of PostgreSQL? Thanks in advance
r
Ours is an auroa postgres DB, engine version 12.10
m
Hi thank you for your answers 😻 setting
sslmode=require
worked for me. We are using a RDS postgres 15.2 (no aurora)
g
so just to confirm, your
datacatalog-config
configmap looks like:
Copy code
apiVersion: v1
data:
  db.yaml: |
    database:
      dbname: datacatalog
      host: <Postgres host>
      options: sslmode=require
      port: 5432
      username: postgres
...
? Even when I set this, I still see the following in logs:
Copy code
{
  "json": {},
  "level": "fatal",
  "msg": "failed to connect to `host=<host> user=postgres database=flyteadmin`: server error (FATAL: no pg_hba.conf entry for host \"10.48.3.24\", user \"postgres\", database \"flyteadmin\", SSL off (SQLSTATE 28000))",
  "ts": "2023-08-07T17:22:38Z"
}
which makes me think the SSL key is not being read
d
@Gopal Vashishtha what chart are you using? Also, is your Postgres instance listening on that address?
g
1.5.0 and yes, I confirmed I can connect to postgres through sqladmin on that address
207 Views