Configuring a Data Source in the Linux OS

The ODBC DRIVER (gsqlodbcw.so) provided by GaussDB can be used after it has been configured in a data source. To configure a data source, you must configure the odbc.ini and odbcinst.ini files on the server. The two files are generated during the unixODBC compilation and installation, and are saved in the /usr/local/etc directory by default.

Procedure

Obtain the source code package of unixODBC by clicking the following link:

Download address: https://www.unixodbc.org/unixODBC-2.3.7.tar.gz.

After the download, verify the integrity based on the integrity verification algorithm provided by the community. Download https://www.unixodbc.org/unixODBC-2.3.7.tar.gz.md5, view the MD5 value, and check whether the MD5 value is the same as that in the source code package.
Install unixODBC. It does not matter if unixODBC of another version has been installed.
For example, install unixODBC-2.3.7.
```
tar zxvf unixODBC-2.3.7.tar.gz
cd unixODBC-2.3.7

./configure --enable-gui=no # To perform compilation on an Arm server, add the configure parameter --build=aarch64-unknown-linux-gnu.
make
# The installation may require root permissions.
make install
```
- Currently, unixODBC-2.2.1 is not supported.
- It is installed in the /usr/local directory by default. The data source file is generated in the /usr/local/etc directory, and the library file is generated in the /usr/local/lib directory.
- You can compile unixODBC with the --enable-fastvalidate=yes option to achieve higher performance. However, this option may cause an application that passes an invalid handle to the ODBC API to fail instead of returning an SQL_INVALID_HANDLE error.
Replace the GaussDB client driver.

Decompress GaussDB-Kernel_Database version number_OS version number_64bit_Odbc.tar.gz. After the decompression, the lib and odbc folders are generated. The odbc folder contains another lib folder. Copy all dynamic libraries in the /lib and /odbc/lib folders to the /usr/local/lib directory.

Configure a data source.

Configure the ODBC driver file.

Add the following content to the /usr/local/etc/odbcinst.ini file:

[GaussMPP]
Driver64=/usr/local/lib/gsqlodbcw.so
setup=/usr/local/lib/gsqlodbcw.so

For descriptions of the parameters in the odbcinst.ini file, see Table 1.

**Table 1** odbcinst.ini configuration parameters
Parameter	Description	Example
[DriverName]	Driver name, corresponding to Driver in DSN.	[DRIVER_N]
Driver64	Path of the dynamic driver library.	Driver64=/usr/local/lib/gsqlodbcw.so
setup	Driver installation path, which is the same as the dynamic library path in Driver64.	setup=/usr/local/lib/gsqlodbcw.so

Configure the data source file.

Add the following content to the /usr/local/etc/odbc.ini file:

[gaussdb]
Driver=GaussMPP
Servername=127.0.0.1 # Database server IP address
Database=db1 # Database name
Username=omm  # Database username
Password=  # Database user password
Port=8000 # Database listening port
Sslmode=allow

For descriptions of the parameters in the odbc.ini file, see Table 2.

**Table 2** odbc.ini configuration parameters
Parameter	Description	Example
[DSN]	Data source name.	[gaussdb]
Driver	Driver name, corresponding to DriverName in odbcinst.ini.	Driver=DRIVER_N
Servername	Server IP address. Multiple IP addresses can be configured. Both IPv4 and IPv6 are supported.	Servername=127.0.0.1
Database	Name of the database to connect.	Database=db1
Username	Database username.	Username=omm
Password	Database user password. NOTE: After a user establishes a connection, the ODBC driver automatically clears their password stored in memory. However, if this parameter is configured, unixODBC will cache data source files, which may cause the password to be stored in the memory for a long time. When you connect to an application, you are advised to send your password through an API instead of writing it in a data source configuration file. After the connection has been established, immediately clear the memory segment where your password is stored. CAUTION: The password in the configuration file must comply with the following HTTP rules: Characters must comply with the URL encoding specifications. For example, the exclamation mark (!) must be written as %21, and the percent sign (%) must be written as %25. Therefore, pay attention to the characters. A plus sign (+) will be replaced by a space.	Password=********
Port	Port number of the server. When load balancing is enabled, multiple port numbers can be configured and must correspond to multiple IP addresses. If multiple IP addresses are configured and only one port number is configured when load balancing is enabled, all IP addresses share the same port number by default, that is, the configured port number.	Port=8000
Sslmode	Specifies whether to enable SSL.	Sslmode=allow
Debug	If this parameter is set to 1, the mylog file of the gsqlODBC driver will be printed. The directory generated for storing logs is /tmp/. If this parameter is set to 0, no directory is generated.	Debug=1
UseServerSidePrepare	Specifies whether to enable the extended query protocol for the database. The value can be 0 or 1. The default value is 1, indicating that the extended query protocol is enabled.	UseServerSidePrepare=1
UseBatchProtocol	Specifies whether to enable the batch query protocol. If it is enabled, DML performance can be improved. The value can be 0 or 1 (default). If this parameter is set to 0, the batch query protocol is disabled (mainly for communication with earlier database versions). If this parameter is set to 1 and support_batch_bind is set to on, the batch query protocol is enabled.	UseBatchProtocol=1
ForExtensionConnector	This parameter specifies whether the savepoint is sent. The default value is 1. If the value is 0, the savepoint is sent. If the value is 1, the savepoint is not sent.	ForExtensionConnector=1
ConnectionExtraInfo	Specifies whether to display the driver deployment path and process owner in the GUC parameter connection_info. NOTE: The default value is 0. If this parameter is set to 1, the ODBC driver reports the driver deployment path and process owner to the database and displays the information in the GUC parameter connection_info. In this case, you can query the information from PG_STAT_ACTIVITY or PGXC_STAT_ACTIVITY.	ConnectionExtraInfo=1
BoolAsChar	If this parameter is set to Yes, the Boolean value is mapped to the SQL_CHAR type. If this parameter is not set, the value is mapped to the SQL_BIT type. The default value is Yes.	BoolsAsChar = Yes
RowVersioning	When an attempt is made to update a row of data, setting this parameter to Yes allows the application to detect whether the data has been modified by other users. The default value is No.	RowVersioning=Yes
ShowSystemTables	If the value is Yes, the driver regards the system catalog as a common SQL table by default. The default value is No.	ShowSystemTables=Yes
AutoBalance	Specifies whether ODBC controls load balancing. The default value is 0, indicating that the function is disabled. 1 indicates that the function is enabled. That is, all values except 1 do not take effect. IPv6 does not support load balancing.	AutoBalance=1
RefreshCNListTime	Specifies the interval for refreshing the CN list. The value is an integer and the default value is 10, in seconds. This parameter can be configured when load balancing is enabled.	RefreshCNListTime=5
Priority	This parameter can be configured when load balancing is enabled. The default value is 0, indicating that the function is disabled. 1 indicates that the function is enabled. That is, all values except 1 do not take effect. When Priority is enabled, all connections initiated by applications are preferentially sent to the CNs configured in the configuration file. If all the configured CNs are unavailable, the connections are sent to the remaining CNs.	Priority=1
UsingEip	This parameter can be configured when load balancing is enabled. The default value is 0, indicating that the function is disabled. 1 indicates that the function is enabled. That is, all values except 1 do not take effect. This value specifies whether to use an elastic IP address for load balancing. If UsingEip is enabled, the elastic IP address is used for load balancing. If UsingEip is disabled, the data IP address is used for load balancing.	UsingEip=1
MaxCacheQueries	Controls the number of prepared statements cached for each connection. If this parameter is set to 0, the prepared statement cache pool is disabled on the client. If this parameter is set to a value greater than 4096, the value 4096 is used. If the number of executed statements exceeds the upper limit specified by MaxCacheQueries, the least recently used statements are eliminated. The default value is 0.	MaxCacheQueries=128
MaxCacheSizeMiB	Controls the total size of prepared statements cached for each connection. This parameter takes effect when the value of MaxCacheQueries is greater than 0. If the total size of cached statements is greater than the value of MaxCacheSizeMiB, the least recently used statements are eliminated. If this parameter is set to a value greater than 4096, the value 4096 is used. The unit is MB. The default value is 1.	MaxCacheSizeMiB=10
TcpUserTimeout	Specifies the maximum duration for which transmitted data can remain unacknowledged before the TCP connection is forcibly closed on an OS that supports the TCP_USER_TIMEOUT socket option. 0 indicates that the default value is used. Ignore this parameter for UDS connections. The unit is millisecond. The default value is 0.	TcpUserTimeout=5000
TextAsLongVarchar	If TextAsLongVarchar is set to 1, the text type on the kernel side is mapped to the SQL_LONGVARCHAR type on the driver side. If TextAsLongVarchar is set to 0, the text type on the kernel side is mapped to the SQL_VARCHAR type on the driver side. The default value is 1.	TextAsLongVarchar=1
MaxLongVarcharSize	Maximum length of the SQL_LONGVARCHAR type on the driver side. The default value is 8190.	MaxLongVarcharSize=8190
MaxVarcharSize	Maximum length of the SQL_VARCHAR type on the driver side. The default value is 255.	MaxVarcharSize=255

Table 3 sslmode options describes the valid values of Sslmode.

**Table 3** sslmode options
sslmode	Whether SSL Encryption Is Enabled	Description
disable	No	SSL connection is not enabled.
allow	Possible	If the database server requires SSL connection, SSL connection can be enabled. However, authenticity of the database server will not be verified.
prefer	Possible	If the database supports SSL connection, SSL connection is preferred. However, authenticity of the database server will not be verified.
require	Yes	SSL connection is required and data is encrypted. However, authenticity of the database server will not be verified.
verify-ca	Yes	SSL connection is required and whether the database has a trusted certificate will be verified.
verify-full	Yes	SSL connection is required. In addition to the check scope specified by verify-ca, the system checks whether the name of the host where the database resides is the same as that in the certificate. If they are different, modify the /etc/hosts file as user root and add the IP address and host name of the connected database node to the file. NOTE: This mode does not support the default certificate of the product. Contact the administrator to generate a certificate.

Enable the SSL mode. For details, contact the database administrator.
Configure the database server. For details, contact the database administrator.

Configure the environment variables on the client.

vim ~/.bashrc

Add the following information to the configuration file:

export LD_LIBRARY_PATH=/usr/local/lib/:$LD_LIBRARY_PATH
export ODBCSYSINI=/usr/local/etc
export ODBCINI=/usr/local/etc/odbc.ini

Run the following command to validate the addition:
```
source ~/.bashrc
```

Verifying the Data Source Configuration

After the installation, the generated binary file is stored in the /usr/bin directory. You can run the isql -v gaussdb command (gaussdb is the data source name).

If the following information is displayed, the configuration is correct and the connection succeeds:

+---------------------------------------+
| Connected!                            |
|                                       |
| sql-statement                         |
| help [tablename]                      |
| quit                                  |
|                                       |
+---------------------------------------+

If error information is displayed, the configuration is incorrect. Check the configuration.
In a cluster environment, you need to copy and configure the unixODBC file on all nodes.

FAQs

[UnixODBC][Driver Manager]Can't open lib 'xxx/xxx/gsqlodbcw.so' : file not found.
Possible causes:
- The path configured in the odbcinst.ini file is incorrect.
  Run ls to check the path in the error information, ensuring that the gsqlodbcw.so file exists and you have execution permissions on it.
- The dependent library of gsqlodbcw.so does not exist or is not in system environment variables.
  Run the ldd command to check the path in the error information. If the unixODBC library such as libodbc.so.1 is missing, reconfigure unixODBC according to the procedure, ensure that the lib directory in the installation path is added to LD_LIBRARY_PATH. If the problem persists after reinstallation, manually copy the content in the unixodbc/lib directory of the database installation package to the lib directory in the installation path of the unixODBC. If other libraries do not exist, add the lib directory under the ODBC driver package to LD_LIBRARY_PATH. If other standard libraries are missing, install them.
[UnixODBC]connect to server failed: no such file or directory
Possible causes:
- An incorrect or unreachable database IP address or port was configured.
  Check the Servername and Port configuration items in data sources.
- Server monitoring is improper.
  If Servername and Port are correctly configured, ensure the proper network adapter and port are monitored by following the database server configurations in the procedure in this section.
- Firewall and network gatekeeper settings are improper.
  Check firewall settings, and ensure that the database communication port is trusted.
  
  Check to ensure network gatekeeper settings are proper (if any).
[unixODBC]The password-stored method is not supported.
Possible causes:

The sslmode configuration item is not configured in the data sources.

Solution:

Set the configuration item to allow or a higher level. For details, see Table 3.
Server common name "xxxx" does not match host name "xxxxx"
Possible causes:

When verify-full is used for SSL encryption, the driver checks whether the host name in certificates is the same as the actual one.

Solution:

To solve this problem, use verify-ca to stop checking host names, or generate a set of server certificates containing the actual host names.
Driver's SQLAllocHandle on SQL_HANDLE_DBC failed
Possible causes:

The executable file (such as the isql of unixODBC) and the database driver (gsqlodbcw.so) depend on different library versions of ODBC, such as libodbc.so.1 and libodbc.so.2. You can verify this problem by using the following method:
```
ldd `which isql` | grep odbc
ldd gsqlodbcw.so | grep odbc
```
If the suffix digits of the outputs libodbc.so are different or indicate different physical disk files, this problem exists. Both isql and gsqlodbcw.so require libodbc.so to be loaded. If they load different physical files, two sets of function lists with the same name are generated in a visible domain (the libodbc.so.* function export lists of unixODBC are the same). This results in conflicts and the database driver cannot be loaded.

Solution:

Uninstall the unnecessary unixODBC, such as libodbc.so.2, and create a soft link with the same name and the .so.2 suffix for the remaining libodbc.so.1 library.
FATAL: Forbid remote connection with trust method!
For security purposes, the database CN forbids access from other nodes in the cluster without authentication.

To access the CN from inside the cluster, deploy the ODBC program on the host where the CN is located and use 127.0.0.1 as the server address. It is recommended that the service system be deployed outside the cluster. If it is deployed inside, database performance may be affected.
[unixODBC][Driver Manager]Invalid attribute value
This problem occurs when you use SQL on other GaussDB. The possible cause is that the unixODBC version is not the recommended one. You are advised to run the odbcinst --version command to check the unixODBC version.
authentication method 10 not supported.
If this error occurs on an open-source client, the cause may be:

The database stores only the SHA-256 hash of the password, but the open-source client supports only MD5 hashes.
- The database stores the hashes of user passwords instead of actual passwords.
- If a password is updated or a user is created, both types of hashes will be stored, compatible with open-source authentication protocols.
- An MD5 hash can only be generated using the original password, but the password cannot be obtained by reversing its SHA-256 hash. Passwords in the source version will only have SHA-256 hashes and not support MD5 authentication.
- The MD5 encryption algorithm has lower security and poses security risks. Therefore, you are advised to use a more secure encryption algorithm.
To solve this problem, you can update the user password (see ALTER USER) or create a user (see CREATE USER) having the same permissions as the faulty user.
unsupported frontend protocol 3.51: server supports 1.0 to 3.0
The database version is too early or the database is an open-source database. Use the driver of the required version to connect to the database.
FATAL: GSS authentication method is not allowed because XXXX user password is not disabled.
In gs_hba.conf of the target CN, the authentication mode is set to gss for authenticating the IP address of the current client. However, this authentication algorithm cannot authenticate clients. Change the authentication algorithm to sha256 and try again. For details, see 6.
isql: error while loading shared libraries:xxx
The dynamic library does not exist in the environment. You need to install the corresponding library.