The Issue
I’m running an aws ssm port forwarding session inside a docker container which establishes a connection to a remote postgresql db. The container port maps to my localhost on port 5432. When I attempt to connect with the psql client, I get the following error:
psql: error: connection to server at "127.0.0.1", port 5432 failed: server closed the connection unexpectedly
This probably means the server terminated abnormally
before or while processing the request.
Problem Setup and Debugging:
My local machine is mac m1
. Running psql client 14.11
.
netstat -an | grep LISTEN | grep 5432
echo $?
> 1
[container] Docker container is running as follows:
docker run --rm -it -p 5432:5432
--entrypoint=/bin/bash
-v ~/.aws:/home/connect/.aws
<image_name:version>
### The docker image i'm running is a debian-based
### ruby image which has some added gems and psql and mysql clients
# I then start an aws ssm session
aws ssm start-session --profile <PROFILE>
--region <REGION> --target <INSTANCE_ID>
--document-name AWS-StartPortForwardingSessionToRemoteHost
--parameters host=<HOSTNAME>,portNumber=5432,localPortNumber=5432
[local machine]Then I ensure that the container is listening on the port:
netstat -an | grep LISTEN | grep 5432
>tcp46 0 0 *.5432 *.* LISTEN
Try to establish a connection:
psql -h 127.0.0.1 -p 5432 -U <USER> -d <DB_NAME> -W
Password:
> psql: error: connection to server at "127.0.0.1", port 5432 failed: server closed the connection unexpectedly
This probably means the server terminated abnormally
before or while processing the request.
Other things I’ve tried:
- Tried variety of ports (5430, 5433, 353432, …); no effect,
- Also tried
localhost
,127.0.0.1
, and0.0.0.0
; same results, - As a test, I’ve port mapped 8080 and ran an apache2 server inside the container and was able to reach the main page on my local browser so port mapping works as expected,
- I tried running the aws ssm port-forwarding session directly on my local; I was successfully able to connect via the psql client. That eliminates any issues relating to AWS IAM permissions or security groups,
Conclusion
I’m suspecting an issue/bug with psql mac client or docker. If anyone can confirm they’re getting the same behavior or have ideas on how I can further debug/narrow down this issue that would be of great help!
Update
Looks like it’s a bug in ssm. It behaves differently inside a container and does not trigger a listener on the port: https://github.com/aws/session-manager-plugin/issues/14
2
Answers
Turns out this is a bug in ssm that prevents a listener from listening on a docker port: https://github.com/aws/session-manager-plugin/issues/14
The workaround is to change the following line in
/etc/hosts
to
psql -h 127.0.0.1 -p 5432 -U -d <DB_NAME> -W
can you try running this using sudo
this issue is because of the user in which you are trying to use psql has not been added to psql usergroup, when you install psql and client by default it creates a user and group, try once with sudo
reference link:
https://www.redhat.com/sysadmin/postgresql-setup-use-cases