Google 云计算,PostgreSQL
Google Cloud Compute , PostgreSQL
通过 Whosebug 上的所有链接,我已经在计算实例上安装并设置了 postgresql。它启动了 运行 下面的配置 -
pg_hba.conf --
# TYPE DATABASE USER ADDRESS METHOD
local all all peer
host all all 127.0.0.1/32 ident
host all all 0.0.0.0/0 md5
-bash-4.2$ cat postgresql.conf | grep listen
listen_addresses = '*' # what IP address(es) to listen on;
我在侦听 IP 和 pg_hba.conf 更改后重新启动。 Post 服务已启动并且 运行 -
[xxxxxxx_gmail_com@python-postgres ~]$ sudo systemctl status postgresql-9.4
postgresql-9.4.service - PostgreSQL 9.4 database server
Loaded: loaded (/usr/lib/systemd/system/postgresql-9.4.service; enabled)
Active: active (running) since Wed 2015-02-18 13:07:55 UTC; 12min ago
[xxxxxxx_gmail_com@python-postgres ~]$ netstat -a --numeric-ports | grep 5432
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN
tcp6 0 0 [::]:5432 [::]:* LISTEN
unix 2 [ ACC ] STREAM LISTENING 108412 /tmp/.s.PGSQL.5432
端口仍然在外部不可见,我无法使用 PGadmin3 连接到数据库。
Starting Nmap 6.40 ( http://nmap.org ) at 2015-02-18 13:23 UTC
Nmap scan report for 11x.21x.15x.10x.bc.googleusercontent.com (10x.15x.21x.11x)
Host is up (0.0013s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3389/tcp closed ms-wbt-server
对此有什么想法吗?
谢谢,
马尼什
您没有提到有关在计算实例上设置防火墙的任何内容。根据 Google Compute Engine documentation :
By default, all incoming traffic from outside a network is blocked and no packet is allowed into an instance without an appropriate firewall. To allow incoming network traffic, you need to set up firewalls to permit these connections. Each firewall represents a single rule that determines what traffic is permitted into the network.
因此,您至少必须设置一个防火墙,并在端口 5432 上打开传入流量。查看 This documentation 并注意,通常平台防火墙对托管实例来说是不可见的。
使用命令 -
gcloud compute firewall-rules create postgres --allow tcp:5432 icmp
通过 Whosebug 上的所有链接,我已经在计算实例上安装并设置了 postgresql。它启动了 运行 下面的配置 -
pg_hba.conf --
# TYPE DATABASE USER ADDRESS METHOD
local all all peer
host all all 127.0.0.1/32 ident
host all all 0.0.0.0/0 md5
-bash-4.2$ cat postgresql.conf | grep listen
listen_addresses = '*' # what IP address(es) to listen on;
我在侦听 IP 和 pg_hba.conf 更改后重新启动。 Post 服务已启动并且 运行 -
[xxxxxxx_gmail_com@python-postgres ~]$ sudo systemctl status postgresql-9.4
postgresql-9.4.service - PostgreSQL 9.4 database server
Loaded: loaded (/usr/lib/systemd/system/postgresql-9.4.service; enabled)
Active: active (running) since Wed 2015-02-18 13:07:55 UTC; 12min ago
[xxxxxxx_gmail_com@python-postgres ~]$ netstat -a --numeric-ports | grep 5432
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN
tcp6 0 0 [::]:5432 [::]:* LISTEN
unix 2 [ ACC ] STREAM LISTENING 108412 /tmp/.s.PGSQL.5432
端口仍然在外部不可见,我无法使用 PGadmin3 连接到数据库。
Starting Nmap 6.40 ( http://nmap.org ) at 2015-02-18 13:23 UTC
Nmap scan report for 11x.21x.15x.10x.bc.googleusercontent.com (10x.15x.21x.11x)
Host is up (0.0013s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp closed http
443/tcp closed https
3389/tcp closed ms-wbt-server
对此有什么想法吗?
谢谢, 马尼什
您没有提到有关在计算实例上设置防火墙的任何内容。根据 Google Compute Engine documentation :
By default, all incoming traffic from outside a network is blocked and no packet is allowed into an instance without an appropriate firewall. To allow incoming network traffic, you need to set up firewalls to permit these connections. Each firewall represents a single rule that determines what traffic is permitted into the network.
因此,您至少必须设置一个防火墙,并在端口 5432 上打开传入流量。查看 This documentation 并注意,通常平台防火墙对托管实例来说是不可见的。
使用命令 -
gcloud compute firewall-rules create postgres --allow tcp:5432 icmp