Doc Map

Configuring openGauss Parameters

Setting a Client Authentication Policy

The current default values for parameters in the openGauss configuration file (pg_hba.conf) are all in single-instance configuration mode. You can set application parameters by using gs_guc. For more configurations, see the Developer Guide.

Syntax

Set a client authentication policy and send semaphores to the database process.

gs_guc [ set | reload ] [-N NODE-NAME] [-I INSTANCE-NAME | -D DATADIR] -h "HOSTTYPE DATABASE USERNAME IPADDR-WITH-IPMASK AUTHMEHOD authentication-options option"

NOTE: authmehod-options supports the following options: trust: no authentication. Remote hosts are not allowed to access openGauss in trust mode. reject: access denied. md5, sha256, and cert: client certificate authentication. gss: kerberos authentication.

Command Reference

  • set:

    Modifies only parameters in the configuration file.

  • reload:

    Modifies parameters in the configuration file and sends semaphores to the database process for reloading the configuration file.

  • -N:

    Specifies the name of the host to be set.

    Value range: name of an existing host

    When this parameter is set to ALL, all the hosts in openGauss are to be set.

  • **-I **INSTANCE-NAME:

    Specifies the name of the instance to be set.

    Value range: name of an existing instance

    When this parameter is set to ALL, all the instances in the host are to be set.

  • -D:

    Specifies the openGauss instance path of the commands to be run. When the encrypt command is used, this parameter indicates the path for storing the generated password file.

    NOTE:

    • -D cannot be used together with -I.

  • **-h **host-auth-policy:

    Specifies the client authentication policy added to the pg_hba.conf configuration file.

    Value range:

    • HOSTTYPE DATABASE USERNAME IPADDR IPMASK [authmehod-options]
    • HOSTTYPE DATABASE USERNAME IPADDR-WITH-IPMASK [authmehod-options ]
    • HOSTTYPE DATABASE USERNAME HOSTNAME [authmehod-options ]

    HOSTTYPE is a mandatory parameter. Value range:

    • local
    • host
    • hostssl
    • hostnossl

    local is a Unix domain socket. host is a common or SSL-encrypted TCP/IP socket. hostssl is an SSL-encrypted TCP/IP socket. hostnossl is a TCP/IP-only socket.

    authmehod-options is an optional parameter. Value range:

    • trust
    • reject
    • md5
    • sha256
    • cert
    • gss

    For details about the parameters, see their description in the pg_hba.conf configuration file.

Examples

Set a client authentication policy.

gs_guc set -N all -I all -h "host replication testuser 10.252.95.191/32 sha256"

Total instances: 2. Failed instances: 0.
Success to perform gs_guc!

Configuring Parameters in Configuration Files

The current default values for parameters in the openGauss configuration file (postgresql.conf) are all in single-instance configuration mode. You can set application parameters by using gs_guc.

Syntax

  • Modify parameters in the configuration file (postgresql.conf).

    gs_guc set [-N NODE-NAME] [-I INSTANCE-NAME | -D DATADIR] -c "parameter = value"

  • Reset parameters to their default values.

    gs_guc [ set | reload ] [-N NODE-NAME] [-I INSTANCE-NAME | -D DATADIR] -c "parameter"

Command Reference

  • set:

    Modifies only parameters in the configuration file.

  • reload:

    Modifies parameters in the configuration file and sends semaphores to the database process for reloading the configuration file.

  • -N:

    Specifies the name of the host to be set.

    Value range: name of an existing host

    When this parameter is set to ALL, all the hosts in openGauss are to be set.

  • **-I **INSTANCE-NAME:

    Specifies the name of the instance to be set.

    Value range: name of an existing instance

    When this parameter is set to ALL, all the instances in the host are to be set.

  • -D:

    Specifies the openGauss instance path of the commands to be run. When the encrypt command is used, this parameter indicates the path for storing the generated password file.

    NOTE:

    • -D cannot be used together with -I.

  • -c parameter=value

    Specifies the name and value of the openGauss configuration parameter to be set.

    NOTE:

    • If the parameter is a string variable, use -c parameter="'value'" or -c “parameter** = 'value'”**.
    • When gs_guc set or reload is set to log_directory, the default value is restored and set to a specific data directory.

    Value range: all the parameters in the postgresql.conf file

  • -U, --keyuser=USER

Examples

Modify database node parameters. For example, modify the maximum number of connections allowed by a database to 800. The database must be restarted to make the change take effect.

gs_guc set -N all -I all -c "max_connections = 800"

Total instances: 21. Failed instances: 0.
Success to perform gs_guc!
Feedback
编组 3备份

您对 openGauss文档 的整体满意度如何?

0
0-不满意10-非常满意

0/500

感谢您的反馈,如需帮助可联系contact@opengauss.org

问题反馈

contact@opengauss.org

    openGauss 2024-05-05 00:44:49
    cancel