New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Postgres Storage Backend Connection Failure #12415
Comments
I ran into the same issue here quite strange that it happens everytime when the Azure Postgres Database is restarted, the broken connections are lingering around and not evicted. I ended up testing the same scenario locally as well as other cloud providers, i.e. AWS and don't see this symptom. The PR seems to explain the part that the new TLS error was introduced and the additional error handling in the lib/pq but why the symptom did not happen everywhere else? |
Running some tests and now I can see why it only occurs in Azure, it looks like when the connections are closed in Azure, they are closed in quite an odd way, there was no FIN message to notify client to close the connections. I see that this commit still serves its purpose to introduce the In the scenario where FIN message is received and the read function returns with the error type of https://github.com/lib/pq/blob/v1.8.0/error.go#L498-L503 It receives https://github.com/lib/pq/blob/v1.8.0/conn.go#L609-L637 It is also an interesting note that when the connections are closed off with FIN, the https://github.com/lib/pq/pull/1013/files It is odd when I see Azure Postgres keeps closing the connections this way, hope that someone will let them know where the underlying cause of this odd symptom is from exactly and get it fixed but the update to the newer version of |
Describe the bug
We've encountered an issue when using TLS enabled postgres connections using
Azure Database for PostgreSQL
w/ golang 1.15 or newer and lib/pq versions prior to v1.9.0. When this issue occurs, connections will fail, but not be purged from the lib/pq pool and will continue to be used by the Vault unsuccessfully until Vault is restarted.When this error occures we're able to SSH into the
vaultLeaderNode
and successfully establish connections to thepostgresNode:5432
showing that new connections can be established without issue.Expected behavior
The connection pool should recover from failed connections.
Environment:
vault status
): 1.7.2Vault server configuration file(s):
Additional context
It may be prudent to also allow operators to configure the Postgres
SetConnMaxLifetime
similar to howSetMaxOpenConns
andSetMaxIdleConns
can be configured.The text was updated successfully, but these errors were encountered: