Recovering Postgres Authentication

This section describes how to resolve recovering Postgres authentication issue.

Problem

The Postgres database is password protected. The passwords are stored as Kubernetes secrets. Also, the nodes in the Kubernetes cluster store the persisted data in the following location:

/data/<cee-namespace>/data-postgres-x.

You may encounter an authentication error while accessing Postgres database. A sample authentication error message is shown below:

2019-11-12 21:32:18.856 UTC [239] FATAL:  password authentication failed for user "replica_user"
2019-11-12 21:32:18.856 UTC [239] DETAIL:  Password does not match for user "replica_user".

The following are the probable causes for the authentication error:

  • The Kubernetes secrets are deleted.

  • The /data folder is corrupted.

Resolution

When the Kubernetes secrets are deleted

When you remove the CEE Ops Center deployment from the SMI Cluster Manager, the CEE namespace is also deleted. This action in turn deletes the secrets from the Kubernetes, which restricts access to the old database. Even when you have the CEE Ops Center deployed again, you will only have a new secret created and cannot restore the deleted secret.

To resolve this issue:

  • Delete the persisted database manually on the OAM nodes located here:

    /data/<cee-namespace>/data-postgres-x). or

  • Upgrade the deployed software of the network function. To upgrade, perform the following:

    1. Edit the default helm repository the software uses through NETCONF/RESTCONF or CLI.

      helm repository base-repos url  <url from the SMI deployer> 
      Example:
      helm repository base-repos url https://charts.10.192.1.101.nip.io/cee-2019-09-30
      Note
      The show system status command indicates the percentage of software upgrade process completed for the network function.

When the /data is corrupted

When the /data is corrupted, you must remove the /data to resolve the authentication error.