我一直在尝试使用ODBC驱动程序通过代理连接到Snowflake,但到目前为止无法这样做。我正在使用HAProxy进行此操作。
这是从odbc.ini
那里配置的DSN:
[ODBC Data Sources]
SnowflakeDSII = Snowflake
[SnowflakeDSII]
Server = <account>.<region>.snowflakecomputing.com
Port = 443
UID = <username>
PWD = <password>
Schema =
Warehouse =
Driver = /opt/snowflake/snowflakeodbc/lib/universal/libSnowflake.dylib
Description = Snowflake DSII
Locale = en-US
Tracing = 0
proxy = http://127.0.0.1:8000
这是我的HAProxy配置:
global
log stdout format raw local0 info
defaults
log global
# timeouts
timeout connect 3600s
timeout client 3600s
timeout server 3600s
maxconn 4000
frontend snowflake_proxy
mode tcp
option tcplog
bind 0.0.0.0:8000
default_backend snowflake
backend snowflake
mode tcp
option tcp-check
server server0 <account>.<region>.snowflakecomputing.com:443 check
在运行iodbctest
时,我看到此错误:
OOB curl_easy_perform() failed: Failure when receiving data from the peer
1: SQLDriverConnect = [Snowflake][Snowflake] (4)
REST request for URL https://<account>.<region>.snowflakecomputing.com:443/session/v1/login-request?requestId=0fe536ed-4d6c-4858-b468-52a6757248a7&request_guid=5477913c-989a-4da3-bbbc-b62a68391749 failed: CURLerror (curl_easy_perform() failed) - code=56 msg='Failure when receiving data from the peer' osCode=36 osMsg='Operation now in progress'.
(4) SQLSTATE=HY000
1: ODBC_Connect = [Snowflake][Snowflake] (4)
REST request for URL https://<account>.<region>.snowflakecomputing.com:443/session/v1/login-request?requestId=0fe536ed-4d6c-4858-b468-52a6757248a7&request_guid=5477913c-989a-4da3-bbbc-b62a68391749 failed: CURLerror (curl_easy_perform() failed) - code=56 msg='Failure when receiving data from the peer' osCode=36 osMsg='Operation now in progress'.
(4) SQLSTATE=HY000
我还尝试将HAProxy配置为仅充当简单的HTTP代理。这是我的HAProxy配置:
global
log stdout format raw local0 info
defaults
log global
# timeouts
timeout connect 3600s
timeout client 3600s
timeout server 3600s
maxconn 4000
frontend snowflake_proxy
mode http
option httplog
bind 0.0.0.0:8000
default_backend snowflake
backend snowflake
mode http
option http-server-close
option http_proxy
使用上面的HAProxy配置,我看到此错误:
OOB curl_easy_perform() failed: Failure when receiving data from the peer
1: SQLDriverConnect = [Snowflake][Snowflake] (4)
REST request for URL https://<account>.<region>.snowflakecomputing.com:443/session/v1/login-request?requestId=01ccf8d9-895b-47d1-9102-41f7524ec436&request_guid=773e75b3-9137-4862-a5e1-3bf49e076a1d failed: CURLerror (curl_easy_perform() failed) - code=56 msg='Failure when receiving data from the peer'.
(4) SQLSTATE=HY000
1: ODBC_Connect = [Snowflake][Snowflake] (4)
REST request for URL https://<account>.<region>.snowflakecomputing.com:443/session/v1/login-request?requestId=01ccf8d9-895b-47d1-9102-41f7524ec436&request_guid=773e75b3-9137-4862-a5e1-3bf49e076a1d failed: CURLerror (curl_easy_perform() failed) - code=56 msg='Failure when receiving data from the peer'.
(4) SQLSTATE=HY000
从HAProxy的日志中:
127.0.0.1:64824 [31/Jan/2020:13:28:19.888] snowflake_proxy snowflake/<NOSRV> -1/-1/-1/-1/0 400 211 - - PR-- 1/1/0/0/3 0/0 "CONNECT <account>.<region>.snowflakecomputing.com:443 HTTP/1.1"
127.0.0.1:64825 [31/Jan/2020:13:28:21.890] snowflake_proxy snowflake/<NOSRV> -1/-1/-1/-1/0 400 211 - - PR-- 1/1/0/0/3 0/0 "CONNECT <account>.<region>.snowflakecomputing.com:443 HTTP/1.1"
127.0.0.1:64826 [31/Jan/2020:13:28:25.894] snowflake_proxy snowflake/<NOSRV> -1/-1/-1/-1/0 400 211 - - PR-- 1/1/0/0/3 0/0 "CONNECT <account>.<region>.snowflakecomputing.com:443 HTTP/1.1"
127.0.0.1:64829 [31/Jan/2020:13:28:33.898] snowflake_proxy snowflake/<NOSRV> -1/-1/-1/-1/0 400 211 - - PR-- 1/1/0/0/3 0/0 "CONNECT <account>.<region>.snowflakecomputing.com:443 HTTP/1.1"
127.0.0.1:64830 [31/Jan/2020:13:28:33.903] snowflake_proxy snowflake/<NOSRV> -1/-1/-1/-1/0 400 211 - - PR-- 1/1/0/0/3 0/0 "CONNECT sfctest.client-telemetry.snowflakecomputing.com:443 HTTP/1.1"
有人做过类似的事吗?您可以共享HAProxy配置的相关部分吗?
由于需要在代理上配置SSL传递,因此即使不是不可能配置HAProxy并用作Snowflake ODBC驱动程序的转发代理,HAProxy也会很困难。
原因在this SO answer中指出:
我捕获了数据包,使用代理访问https网站,curl将启动HTTP CONNECT方法来建立隧道。隧道应该在curl客户端和代理之间,但是TCP代理会将所有消息传递到Web服务器,因此Web服务器将重置连接。
转发代理不应该只是在客户端和Web服务器之间传递消息。它应该了解HTTP CONNECT方法
HAProxy在进行SSL传递时表现为TCP代理,因此不会解析基础消息。但是,它需要先建立隧道,然后再建立隧道,这需要响应HTTP CONNECT
方法。