Connecting to a database in a cluster PostgreSQL

Configuring an SSL certificate
Connection string
Automatic master host selection
- Using libpq
- With a driver that supports only one host

You can connect to Managed Service for PostgreSQL cluster hosts:

Over the internet, if you configured public access for the appropriate host. You can only connect to these hosts over an SSL connection.
From Yandex.Cloud virtual machines located in the same virtual network. If the host isn't publicly available, you don't need to use an SSL connection to connect to such VMs.

Note

If public access is only configured for certain hosts in your cluster, automatic master change may make the master unavailable over the internet.

Configuring an SSL certificate

PostgreSQL hosts with public access only support connections with an SSL certificate. You can prepare a certificate as follows:

$ mkdir ~/.postgresql
$ wget "https://storage.yandexcloud.net/cloud-certs/CA.pem" -O ~/.postgresql/root.crt
$ chmod 0600 ~/.postgresql/root.crt

Connection string

Connect to the database using the command psql.

To view an example of the command with the host FQDN filled in, open the cluster page in the management console and click Connect.

SSL

Without SSL

For hosts with public access, you can only connect over the internet with an SSL certificate.

$ psql "host=<DB host FQDN> \
        port=6432 \
        sslmode=verify-full \
        dbname=<DB name> \
        user=<DB user name>"

If you don't need to encrypt traffic within the virtual network when connecting to the database, you can connect to the database without an SSL connection. Pass the sslmode parameter with the disable value:

$ psql "host=<DB host FQDN> \
        port=6432 \
        sslmode=disable \
        dbname=<DB name> \
        user=<DB user name>"

Automatic master host selection

Using libpq

To guarantee a connection to the master host, specify the FQDNs of all the cluster hosts in the host argument and pass the target_session_attrs=read-write parameter. This parameter is supported by the libpq library starting from version 10:

psql "host=<host 1 FQDN>,<host 2 FQDN>,<host 3 FQDN> \
      port=6432 \
      sslmode=verify-full \
      dbname=<DB name> \
      user= \
      target_session_attrs=read-write"

To upgrade the library version used by the psql utility:

For Debian-based Linux distributions, install the postgresql-client-10 package (for example, using an APT repository).
For operating systems that use RPM packages, a PostgreSQL distribution is available from a YUM repository.

You can find the addresses of all the hosts in the DB cluster on the appropriate cluster page in the management console.

With a driver that supports only one host

If your database connection driver doesn't allow passing multiple hosts in the connection string (for example,pgx in Go), you can connect to a special host like c-<cluster ID>.rw.mdb.yandexcloud.net.

This domain name always indicates the current master in the cluster. For example, you can connect to the master of the cluster with the c9qash3nb1v9ulc8j9nm ID as follows:

$ psql "host=c-c9qash3nb1v9ulc8j9nm.rw.mdb.yandexcloud.net \
      port=6432 \
      sslmode=verify-full \
      dbname=<DB name> \
      user=<DB user name>"