You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm mounting the certificates in a volumeMount in the path ~/.postgresql as documented here.
This configuration works fine without the SSL configuration but it seems like there is a lack of documentation when it comes to using SSL to connect to postgres.
Current behavior
When I use the URL above, The prefect-server pod fails with the following error:
File "/usr/local/lib/python3.8/site-packages/sqlalchemy/engine/default.py", line 615, in connect
return self.loaded_dbapi.connect(*cargs, **cparams)
File "/usr/local/lib/python3.8/site-packages/sqlalchemy/dialects/postgresql/asyncpg.py", line 916, in connect
await_only(creator_fn(*arg, **kw)),
TypeError: connect() got an unexpected keyword argument 'sslmode'
Application startup failed. Exiting.
According to this issue, the key ssl should be used instead of sslmode but still failing this time with the error:
return self.loaded_dbapi.connect(*cargs, **cparams)
File "/usr/local/lib/python3.8/site-packages/sqlalchemy/dialects/postgresql/asyncpg.py", line 916, in connect
await_only(creator_fn(*arg, **kw)),
TypeError: connect() got an unexpected keyword argument 'sslrootcert'
Desired behavior
Prefect should be able to parse the arguments from the URL and attempt an SSL connection with Postgresql using certificates.
The documentation should illustrate how to configure correctly connections to psql using SSL.
I'm using the version: 2023.03.30 of the helm chart.
How can I configure Prefect to use an SSL connection with Postgresql using certificates?
First I needed to configure prefect to mount the certificate to the root certificate in /home/prefect/.postgresql that way it can be found by asyncpg. This is the default location according to the postgres documentation.
The connection string should have the following format:
postgresql+asyncpg://user:pass@mydb-host.us-west-2.rds.amazonaws.com/dbname?ssl=verify-ca notice the argument ssl=verify-ca, that argument will require a file with the name root.crt holding the ca certificate for the database.
Summary
I'm trying to connect with Prefect, I passing a URL with the following format to the secret documented here:
I'm mounting the certificates in a
volumeMount
in the path~/.postgresql
as documented here.This configuration works fine without the SSL configuration but it seems like there is a lack of documentation when it comes to using SSL to connect to postgres.
Current behavior
When I use the URL above, The prefect-server pod fails with the following error:
According to this issue, the key
ssl
should be used instead ofsslmode
but still failing this time with the error:Desired behavior
Prefect should be able to parse the arguments from the URL and attempt an SSL connection with Postgresql using certificates.
The documentation should illustrate how to configure correctly connections to psql using SSL.
I'm using the version:
2023.03.30
of the helm chart.How can I configure Prefect to use an SSL connection with Postgresql using certificates?
Thanks!
This issue can be related to sqlalchemy/sqlalchemy#6275 and tortoise/tortoise-orm#1376
The text was updated successfully, but these errors were encountered: