zalando / patroni

A template for PostgreSQL High Availability with Etcd, Consul, ZooKeeper, or Kubernetes


ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca

kikijolicoeur opened this issue · comments

What happened?

Hello
I am preparing a migration from Patroni 3.0.2 (Debian package) to 3.1.0 (Debian package). Following my previous issue (#2973), I uncommented my ctl section with the right values, then reloaded Patroni (still on 3.0.2).
Since I did that, I have been getting a lot of the following errors in the Patroni systemd logs:
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Exception in thread Thread-1294198:
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Traceback (most recent call last):
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 917, in _bootstrap_inner
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self.run()
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 865, in run
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._target(*self._args, **self._kwargs)
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3/dist-packages/patroni/api.py", line 886, in process_request_thread
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     request.do_handshake()
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/ssl.py", line 1150, in do_handshake
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._sslobj.do_handshake()
Dec 15 00:32:10 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:1056)

How can we reproduce it (as minimally and precisely as possible)?

Using SSL both in the restapi section (with verify_client: optional) and in the ctl section, with insecure: false or true

What did you expect to happen?

No SSL errors, as when I had no ctl section.

Patroni/PostgreSQL/DCS version

  • Patroni version: 3.0.2
  • PostgreSQL version: 12
  • DCS (and its version): etcd 3.5.9
  • debian 10.13

Patroni configuration file

---
scope: "12-main"
namespace: "/postgresql/gam-fam-prod/"
name: "petcisdbpgha001.hosting.cegedim.cloud"

etcd3:
  hosts: XXXXX:2379,XXXXX:2379,XXXXX:2379  
  protocol: https
  cacert: "/etc/ssl/certs/cgdm-etcd.crt"
  cert: "/etc/patroni/etcd_client.crt"
  key: "/etc/patroni/etcd_client.key"
  username: "XXXXXXX"
  password: "XXXXXXX"

log:
  level: DEBUG
  traceback_level: DEBUG
  format: '%(asctime)s %(levelname)s: %(message)s'
  dateformat: ''
  max_queue_size: 1000 
  dir: /var/log/patroni
  file_num: 60
  file_size: 25000000
  loggers:
    patroni.postmaster: WARNING
    urllib3: WARNING

bootstrap:
  # Custom bootstrap method
  # The options --scope= and --datadir= are passed to the custom script by
  # patroni and passed on to pg_createcluster by pg_createcluster_patroni
  method: pg_createcluster
  pg_createcluster:
    command: /usr/bin/cgdm_paas_postgres_instance_patroni

  # this section will be written into Etcd:/<namespace>/<scope>/config after initializing new cluster
  # and all other cluster members will use it as a `global configuration`
  dcs:
    ttl: 60
    loop_wait: 5
    retry_timeout: 27
    maximum_lag_on_failover: "10485760"
    master_start_timeout: 300
    synchronous_mode: false
    synchronous_mode_strict: false
    synchronous_node_count: 1
    # standby_cluster:
      # host: 127.0.0.1
      # port: 1111
      # primary_slot_name: patroni
    postgresql:
      use_pg_rewind: true
      use_slots: true
      #recovery_conf:
      parameters:
         wal_keep_segments: 64
         wal_log_hints: on
         wal_level: logical
         hot_standby: on
         max_replication_slots: 10
         max_wal_senders: 10
         track_commit_timestamp: off
         max_worker_processes: 8
         max_connections: 500
         max_locks_per_transaction: 64
         max_prepared_transactions: 0
         logging_collector: on
         log_directory: '/var/log/postgresql'
         log_filename: 'postgresql-12-main.log'
         cluster_name: '12-main'
         data_directory: '/var/lib/postgresql/data/12/main'
         log_line_prefix: '%t [%p]: [%l-1] db=%d,user=%u,app=%a,client=%h '
         unix_socket_permissions: "0770"
         log_destination: stderr
         work_mem: 100MB
         maintenance_work_mem: 1GB
      # the following section (pg_hba) is written into /config key into ETCD. After that any node
      # will take this value and write it into pg_hba.conf. Later, you can use patronictl edit-config to change pg_hba
      # on all nodes in the cluster.
      pg_hba:
        - local   all             postgres                              peer
        - local   all             r_itmonit                             peer
        - local   all             all                                   peer
        - host    all             r_itdashboard    127.0.0.1/32         scram-sha-256
        - host    replication     r_itreplicant    127.0.0.1/32         scram-sha-256        
        - host    all             r_itdba          10.255.0.0/21        scram-sha-256
        - host    all             r_itmonit        0.0.0.0/0            scram-sha-256
        - host    all             all              XXXXX/24        scram-sha-256
        - host    all             all              XXXXX/24        scram-sha-256
        - host    replication     r_itreplicant    XXXXX/32       scram-sha-256
        - host    cgdm            r_itrewind       XXXXX/32       scram-sha-256
        - host    postgres        r_itrewind       XXXXX/32       scram-sha-256
        - host    replication     r_itreplicant    XXXXX/32       scram-sha-256
        - host    cgdm            r_itrewind       XXXXX/32       scram-sha-256
        - host    postgres        r_itrewind       XXXXX/32       scram-sha-256
        
        - host    cgdm            all              0.0.0.0/0            reject
        - host    all             all              0.0.0.0/0            scram-sha-256

  users:
    #r_itmonit:
    #  password: strong
    #  options:
    #    - createrole
    #r_itdashboard:
    #  password: strong
    #  options:
    #    - login
    #    - createdb
    #r_itdba:
    #  password: strong
    #  options:
    #    - superuser
    #    - login

  #post_bootstrap:
postgresql:
  database: cgdm
  authentication:
    superuser:
      username: postgres
      password:
    replication:
      username: "XXXXXX"
      password: "XXXXXX"
    rewind:  # Has no effect on postgres 10 and lower
      username: "XXXXX"
      password: "XXXXX"

  callbacks:
    #on_start:
    #on_stop:
    #on_restart:
    #on_reload:
    #on_role_change:
  connect_address: XXXXX:5432
  config_dir: /etc/postgresql/12/main
  data_dir: /var/lib/postgresql/data/12/main
  bin_dir: /usr/lib/postgresql/12/bin
  listen: "XXXXXX,127.0.0.1:5432"
  use_unix_socket: true
  pgpass: /var/lib/postgresql/12-main.pgpass
  # custom_conf:
  parameters:
    unix_socket_directories: '/var/run/postgresql'
    # Emulate default Debian/Ubuntu logging
    logging_collector: 'on'
    log_directory: '/var/log/postgresql'
    log_filename: 'postgresql-12-main.log'
  pg_ctl_timeout: 60
  use_pg_rewind: true
  remove_data_directory_on_rewind_failure: true
  remove_data_directory_on_diverged_timelines: true
  # Custom clone method
  # The options --scope= and --datadir= are passed to the custom script by
  # patroni and passed on to pg_createcluster by pg_clonecluster_patroni
  create_replica_method:
    - pg_clonecluster
  pg_clonecluster:
    command: /usr/bin/cgdm_clonecluster_patroni
  pre_promote:

restapi:
  listen: XXXXX:8008
  connect_address: XXXXX:8008
  certfile: /etc/patroni/server.crt
  keyfile: /etc/patroni/server.key
  #keyfile_password: 
  cafile: /etc/ssl/certs/cgdm-pgha.crt
  #ciphers: "ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:!SSLv1:!SSLv2:!SSLv3:!TLSv1:!TLSv1.1"
  verify_client: optional
#  http_extra_headers:
#  https_extra_headers:
#    'X-Frame-Options': 'SAMEORIGIN'
#    'X-XSS-Protection': '1; mode=block'
#    'X-Content-Type-Options': 'nosniff'
# 
#  authentication:
#    username: username
#
ctl:
  insecure: true
  cacert: /etc/ssl/certs/cgdm-pgha.crt
  certfile: /etc/patroni/server.crt
  keyfile: /etc/patroni/server.key

watchdog:
  mode: required
  device: /dev/watchdog
  safety_margin: 5

tags:
  nofailover: false
  noloadbalance: false
  clonefrom: false
  nosync: false
  # specify a node to replicate from (cascading replication)
  # replicatefrom: (node name)

patronictl show-config

loop_wait: 5
master_start_timeout: 300
maximum_lag_on_failover: '10485760'
postgresql:
  parameters:
    archive_command: pgbackrest --stanza=gam-fam-prod-000001 archive-push %p
    cluster_name: 12-main
    data_directory: /var/lib/postgresql/data/12/main
    hot_standby: true
    log_destination: stderr
    log_directory: /var/log/postgresql
    log_filename: postgresql-12-main.log
    log_line_prefix: '%t [%p]: [%l-1] db=%d,user=%u,app=%a,client=%h '
    logging_collector: true
    maintenance_work_mem: 1GB
    max_connections: 500
    max_locks_per_transaction: 64
    max_prepared_transactions: 0
    max_replication_slots: 10
    max_wal_senders: 10
    max_worker_processes: 8
    track_commit_timestamp: false
    unix_socket_permissions: '0770'
    wal_keep_segments: 64
    wal_level: logical
    wal_log_hints: true
    work_mem: 100MB
  pg_hba:
  - local   all             postgres                              peer
  - local   all             r_itmonit                             peer
  - local   all             all                                   peer
  - host    all             r_itdashboard    127.0.0.1/32         scram-sha-256
  - host    replication     r_itreplicant    127.0.0.1/32         scram-sha-256
  - host    all             r_itdba          XXXXX55.0.0/21        scram-sha-256
  - host    all             r_itmonit        0.0.0.0/0            scram-sha-256
  - host    all             all              XXXXX5.29.0/24        scram-sha-256
  - host    all             all              XXXXX2.25.0/24        scram-sha-256
  - host    replication     r_itreplicant    XXXXX9.4.74/32       scram-sha-256
  - host    cgdm            r_itreplicant    XXXXX9.4.74/32       scram-sha-256
  - host    cgdm            r_itrewind       XXXXX9.4.74/32       scram-sha-256
  - host    postgres        r_itrewind       XXXXX9.4.74/32       scram-sha-256
  - host    replication     r_itreplicant    XXXXX9.4.75/32       scram-sha-256
  - host    cgdm            r_itreplicant    XXXXX9.4.75/32       scram-sha-256
  - host    cgdm            r_itrewind       XXXXX9.4.75/32       scram-sha-256
  - host    postgres        r_itrewind       XXXXX9.4.75/32       scram-sha-256
  - host    cgdm            all              0.0.0.0/0            reject
  - host    all             all              0.0.0.0/0            scram-sha-256
  use_pg_rewind: true
  use_slots: true
retry_timeout: 27
synchronous_mode: false
synchronous_mode_strict: false
synchronous_node_count: 1
ttl: 60

Patroni log files

journalctl -u patroni@12-main.service | less
-- Logs begin at Fri 2023-12-15 01:27:33 CET, end at Fri 2023-12-15 14:58:52 CET. --
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Exception in thread Thread-1298986:
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Traceback (most recent call last):
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 917, in _bootstrap_inner
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self.run()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 865, in run
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._target(*self._args, **self._kwargs)
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3/dist-packages/patroni/api.py", line 886, in process_request_thread
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     request.do_handshake()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/ssl.py", line 1150, in do_handshake
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._sslobj.do_handshake()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:1056)
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Exception in thread Thread-1299386:
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Traceback (most recent call last):
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 917, in _bootstrap_inner
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self.run()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 865, in run
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._target(*self._args, **self._kwargs)
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3/dist-packages/patroni/api.py", line 886, in process_request_thread
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     request.do_handshake()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/ssl.py", line 1150, in do_handshake
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._sslobj.do_handshake()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:1056)
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Exception in thread Thread-1299784:
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Traceback (most recent call last):
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 917, in _bootstrap_inner
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self.run()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 865, in run
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._target(*self._args, **self._kwargs)
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3/dist-packages/patroni/api.py", line 886, in process_request_thread
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     request.do_handshake()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/ssl.py", line 1150, in do_handshake
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._sslobj.do_handshake()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:1056)
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Exception in thread Thread-1300185:
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: Traceback (most recent call last):
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 917, in _bootstrap_inner
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self.run()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/threading.py", line 865, in run
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._target(*self._args, **self._kwargs)
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3/dist-packages/patroni/api.py", line 886, in process_request_thread
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     request.do_handshake()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:   File "/usr/lib/python3.7/ssl.py", line 1150, in do_handshake
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]:     self._sslobj.do_handshake()
Dec 15 01:47:23 petcisdbpgha001.hosting.cegedim.cloud patroni@12-main[11251]: ssl.SSLError: [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:1056)

grep -i ssl /var/log/patroni/patroni.log
2023-12-15 14:47:15,217 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:48:10,513 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:48:13,518 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:48:37,563 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:49:18,429 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:49:22,637 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:49:33,455 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:50:00,497 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:50:04,706 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:50:34,755 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:50:43,770 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:50:49,782 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:50:52,787 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:50:57,598 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:50:58,796 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:51:06,615 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:51:13,824 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:51:14,498 DEBUG: Failed to shutdown SSL connection: OSError(0, 'Error')
2023-12-15 14:52:12,729 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:52:40,983 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:52:50,464 DEBUG: Failed to shutdown SSL connection: OSError(0, 'Error')
2023-12-15 14:53:23,061 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:53:27,861 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:53:45,893 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:53:56,117 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:54:09,935 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:54:12,941 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:54:24,963 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:54:30,972 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')
2023-12-15 14:54:42,993 DEBUG: Failed to shutdown SSL connection: BrokenPipeError(32, 'Broken pipe')

PostgreSQL log files

not a PostgreSQL issue

Have you tried to use GitHub issue search?

  • Yes

Anything else we need to know?

I tried to upgrade to Patroni 3.1:
Same SSL errors, and 2 more validation errors from patronictl list:
root@pebelyspgha001:~# patronictl list|sed -e's/10.[0-9]/XXXX/'
2023-12-15 15:06:10,694 - WARNING - postgresql parameter cluster_name=12-main failed validation, defaulting to None
2023-12-15 15:06:10,694 - WARNING - postgresql parameter max_prepared_transactions=0 failed validation, defaulting to 0

+ Cluster: 12-main -------------------+---------------+---------+-----------+----+-----------+
| Member                               | Host          | Role    | State     | TL | Lag in MB |
+--------------------------------------+---------------+---------+-----------+----+-----------+
| pebelyspgha001.hosting.cegedim.cloud | XXXX9.132.140 | Leader  | running   | 60 |           |
| pebelyspgha002.hosting.cegedim.cloud | XXXX9.132.141 | Replica | streaming | 60 |         0 |
+--------------------------------------+---------------+---------+-----------+----+-----------+

Best regards

Since I did that, I have a lot of the following errors in patroni systemd logs:

What is making these requests? The thing is that the TLSV1_ALERT_UNKNOWN_CA error literally means the client connected using a cert that was signed by a CA unknown to the server.
Are you sure that the client that connects to the REST API has a valid client certificate?

I'm so sorry, there was an issue with our infrastructure (bad paths to the CA, key and certificate used to call Patroni). So this issue is fixed.
Thanks.
But the issue with parameter validation is still there in Patroni 3.1.0:
root@pebelyspgha001:~# patronictl list
2023-12-15 15:06:10,694 - WARNING - postgresql parameter cluster_name=12-main failed validation, defaulting to None
2023-12-15 15:06:10,694 - WARNING - postgresql parameter max_prepared_transactions=0 failed validation, defaulting to 0
What about these 2 warnings, can I ignore them safely?
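Both trust directions discussed in this thread end in the same alert, and the only way to tell them apart is to notice which side reports what. OpenSSL reports [SSL: TLSV1_ALERT_UNKNOWN_CA] on the side that received an unknown_ca alert from its peer, and [SSL: CERTIFICATE_VERIFY_FAILED] on the side whose own chain verification failed. The traceback above is raised in the REST API server's do_handshake(), so it records a client telling the server that the client could not chain the REST API certificate to its own trust store, which is consistent with the reported fix (wrong CA, key and certificate paths on the caller). The reverse case, a client presenting a certificate the server cannot chain to restapi.cafile, logs CERTIFICATE_VERIFY_FAILED on the server and the unknown_ca alert on the client. The script below is an added example, not Patroni's or the reporter's code: it builds a throwaway PKI with the openssl CLI (assumed to be installed) and runs four loopback handshakes through ssl contexts set up the way restapi.certfile/keyfile/cafile with verify_client: optional and ctl.cacert/certfile/keyfile configure the two sides. The CA names, file names and scenario names are constructed for the example. It also shows that verify_client: optional still rejects a presented certificate from an unknown CA and only waives the certificate for clients that present none; the ctl.insecure: true in the posted config would switch off the client-side check entirely and is not something to leave in place.

```python
"""Loopback reproduction of the TLSV1_ALERT_UNKNOWN_CA handshake failure from the Patroni
REST API log, showing which side rejected whose certificate.  Added example, not Patroni
code; it assumes the openssl CLI is on PATH and builds a throwaway PKI with it."""
import functools, os, socket, ssl, subprocess, tempfile, threading

# Constructed OpenSSL config so the throwaway PKI does not depend on the system openssl.cnf.
_CNF = """[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca_ext]
basicConstraints = critical,CA:TRUE
[server_ext]
basicConstraints = CA:FALSE
subjectAltName = DNS:localhost
[client_ext]
basicConstraints = CA:FALSE
"""

def _openssl(*args):
    subprocess.run(["openssl", *args], check=True, capture_output=True)

def gen_cert(workdir, cnf, name, ext_section, ca=None):
    """Key and certificate for name: self-signed when ca is None, else issued by ca=(key, crt)."""
    key, csr, crt = (os.path.join(workdir, name + e) for e in (".key", ".csr", ".crt"))
    req = ["req", "-config", cnf, "-newkey", "rsa:2048", "-nodes", "-subj", "/CN=" + name, "-keyout", key]
    if ca is None:
        _openssl(*req, "-x509", "-extensions", ext_section, "-days", "2", "-out", crt)
    else:
        _openssl(*req, "-new", "-out", csr)
        _openssl("x509", "-req", "-in", csr, "-CA", ca[1], "-CAkey", ca[0], "-CAcreateserial",
                 "-days", "2", "-extfile", cnf, "-extensions", ext_section, "-out", crt)
    return key, crt

def server_context(certfile, keyfile, cafile):
    """REST API side (restapi.certfile/keyfile/cafile): cafile is the trust store for *client*
    certificates; CERT_OPTIONAL is verify_client: optional, anonymous allowed, presented certs verified."""
    ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH, cafile=cafile)
    ctx.load_cert_chain(certfile, keyfile)
    ctx.verify_mode = ssl.CERT_OPTIONAL
    return ctx

def client_context(cacert, certfile=None, keyfile=None):
    """patronictl side (ctl.cacert/certfile/keyfile): cacert is the trust store for the *server*
    certificate, the check that ctl.insecure: true would switch off."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=cacert)
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)
    return ctx

def handshake(server_ctx, client_ctx):
    """One TLS session over loopback: handshake plus a two-byte read, because under TLS 1.3 the
    client's handshake returns before the server has checked the client certificate.
    Returns (server_reason, client_reason): None for success, else ssl.SSLError.reason."""
    def attempt(fn):
        try:
            fn()
            return None
        except ssl.SSLError as exc:
            return exc.reason or type(exc).__name__
        except OSError as exc:
            return type(exc).__name__
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    listener.settimeout(10)  # only the accept() can time out; the accepted socket stays blocking
    def serve():
        conn, _ = listener.accept()
        with server_ctx.wrap_socket(conn, server_side=True) as tls:
            tls.sendall(b"ok")
    def connect():
        raw = socket.create_connection(listener.getsockname())
        with client_ctx.wrap_socket(raw, server_hostname="localhost") as tls:
            tls.recv(2)
    out = {}
    worker = threading.Thread(target=lambda: out.update(server=attempt(serve)))
    worker.start()
    out["client"] = attempt(connect)
    worker.join()
    listener.close()
    return out["server"], out["client"]

def run_scenarios(workdir):
    """Constructed PKI: one CA standing in for cgdm-pgha.crt plus one unrelated CA; returns {scenario: (server_reason, client_reason)}."""
    cnf = os.path.join(workdir, "openssl.cnf")
    with open(cnf, "w") as fh:
        fh.write(_CNF)
    pgha = gen_cert(workdir, cnf, "cgdm-pgha-ca", "ca_ext")
    unrelated = gen_cert(workdir, cnf, "unrelated-ca", "ca_ext")
    srv_key, srv_crt = gen_cert(workdir, cnf, "restapi", "server_ext", pgha)
    cli_key, cli_crt = gen_cert(workdir, cnf, "ctl-client", "client_ext", pgha)
    stray_key, stray_crt = gen_cert(workdir, cnf, "stray-client", "client_ext", unrelated)
    server = server_context(srv_crt, srv_key, pgha[1])
    clients = {
        "trusted_client": client_context(pgha[1], cli_crt, cli_key),
        "no_client_cert_with_verify_optional": client_context(pgha[1]),
        "client_distrusts_server": client_context(unrelated[1], cli_crt, cli_key),  # wrong ctl.cacert
        "server_distrusts_client": client_context(pgha[1], stray_crt, stray_key),  # cert from a CA not in restapi.cafile
    }
    return {name: handshake(server, ctx) for name, ctx in clients.items()}

@functools.lru_cache(maxsize=None)
def run_in_tempdir():
    with tempfile.TemporaryDirectory() as tmp:
        return run_scenarios(tmp)

if __name__ == "__main__":
    for name, (srv, cli) in run_in_tempdir().items():
        print(f"{name:36s} server: {srv or 'ok':28s} client: {cli or 'ok'}")
```

Run it directly to print the four outcomes. The client_distrusts_server row reproduces the thread's log: the server reports TLSV1_ALERT_UNKNOWN_CA while the client reports CERTIFICATE_VERIFY_FAILED; the server_distrusts_client row is the mirror image. Against a real node the same diagnostic is to connect with exactly the CA, cert and key files the caller uses and see which side reports CERTIFICATE_VERIFY_FAILED.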

can I ignore them safely?

Yes. Or better upgrade to the latest version (3.2.1).

Many thanks.
I use the Debian package (apt.postgresql.org), so I have no choice about the Patroni version. Perhaps I should switch to pip to install Patroni.
Best regards