incubator-hugegraph

[Question] describe your problem

Open Tommu10ve opened this issue 6 months ago • 4 comments

Problem Type

None

Before submit

  • [x] I have confirmed and searched that there are no similar problems in the historical issue and documents

Environment

  • Server Version: 1.0.0 (Apache Release Version)
  • Backend: RocksDB x nodes, HDD or SSD
  • OS: xx CPUs, xx G RAM, Ubuntu 2x.x / CentOS 7.x
  • Data Size: xx vertices, xx edges

Your Question

#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# TODO: reuse the configs for same type containers
# User could modify the node nums and the port by themselves
version: "3"

services:
  pd0:
    image: hugegraph/pd
    container_name: pd0
    hostname: pd0
    network_mode: host
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8620"]
      interval: 10s
      timeout: 5s
      retries: 3
    volumes:
      - ./configs/application-pd0.yml:/hugegraph-pd/conf/application.yml
    # Grants the container almost all host privileges at startup
    privileged: true

  pd1:
    image: hugegraph/pd
    container_name: pd1
    hostname: pd1
    network_mode: host
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8621"]
      interval: 10s
      timeout: 5s
      retries: 3
    volumes:
      - ./configs/application-pd1.yml:/hugegraph-pd/conf/application.yml
    # Grants the container almost all host privileges at startup
    privileged: true

  pd2:
    image: hugegraph/pd
    container_name: pd2
    hostname: pd2
    network_mode: host
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8622"]
      interval: 10s
      timeout: 5s
      retries: 3
    volumes:
      - ./configs/application-pd2.yml:/hugegraph-pd/conf/application.yml
    # Grants the container almost all host privileges at startup
    privileged: true

  store0:
    image: hugegraph/store
    container_name: store0
    hostname: store0
    network_mode: host
    depends_on:
      pd0:
        condition: service_healthy
      pd1:
        condition: service_healthy
      pd2:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8520"]
      interval: 10s
      timeout: 5s
      retries: 3
    volumes:
      - ./configs/application-store0.yml:/hugegraph-store/conf/application.yml
    # Grants the container almost all host privileges at startup
    privileged: true

  store1:
    image: hugegraph/store
    container_name: store1
    hostname: store1
    network_mode: host
    depends_on:
      pd0:
        condition: service_healthy
      pd1:
        condition: service_healthy
      pd2:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8521"]
      interval: 10s
      timeout: 5s
      retries: 3
    volumes:
      - ./configs/application-store1.yml:/hugegraph-store/conf/application.yml
    # Grants the container almost all host privileges at startup
    privileged: true

  store2:
    image: hugegraph/store
    container_name: store2
    hostname: store2
    network_mode: host
    depends_on:
      pd0:
        condition: service_healthy
      pd1:
        condition: service_healthy
      pd2:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8522"]
      interval: 10s
      timeout: 5s
      retries: 3
    volumes:
      - ./configs/application-store2.yml:/hugegraph-store/conf/application.yml
    # Grants the container almost all host privileges at startup
    privileged: true

  server1:
    image: hugegraph/server
    container_name: server1
    hostname: server1
    network_mode: host
    depends_on:
      store0:
        condition: service_healthy
      store1:
        condition: service_healthy
      store2:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8081"]
      interval: 10s
      timeout: 5s
      retries: 3
    environment:
    #  - PRELOAD=true is an optional parameter; when True, a built-in sample graph is preloaded at startup
     - PASSWORD=hugegraph@2024
    volumes:
      - ./configs/server1-conf:/hugegraph-server/conf
    # Grants the container almost all host privileges at startup
    privileged: true

  server2:
    image: hugegraph/server
    container_name: server2
    hostname: server2
    network_mode: host
    depends_on:
      store0:
        condition: service_healthy
      store1:
        condition: service_healthy
      store2:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8082"]
      interval: 10s
      timeout: 5s
      retries: 3
    environment:
    #  - PRELOAD=true is an optional parameter; when True, a built-in sample graph is preloaded at startup
     - PASSWORD=hugegraph@2024
    volumes:
      - ./configs/server2-conf:/hugegraph-server/conf
    # Grants the container almost all host privileges at startup
    privileged: true

  server3:
    image: hugegraph/server
    container_name: server3
    hostname: server3
    network_mode: host
    depends_on:
      store0:
        condition: service_healthy
      store1:
        condition: service_healthy
      store2:
        condition: service_healthy
    environment:
    #  - PRELOAD=true is an optional parameter; when True, a built-in sample graph is preloaded at startup
     - PASSWORD=hugegraph@2024
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:8083"]
      interval: 10s
      timeout: 5s
      retries: 3
    volumes:
      - ./configs/server3-conf:/hugegraph-server/conf
    # Grants the container almost all host privileges at startup
    privileged: true

After adding the environment: - PASSWORD=hugegraph@2024 configuration, connecting fails with an error


 ### Error updating database. Cause: org.h2.jdbc.JdbcSQLIntegrityConstraintViolationException: Unique index or primary key violation: "PUBLIC.CONSTRAINT_INDEX_9 ON PUBLIC.GRAPH_CONNECTION(NAME) VALUES 3"; SQL statement: INSERT INTO graph_connection ( name, graph, host, port, timeout, username, password, create_time ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ? ) [23505-199] ### The error may exist in org/apache/hugegraph/mapper/GraphConnectionMapper.java (best guess) ### The error may involve org.apache.hugegraph.mapper.GraphConnectionMapper.insert-Inline ### The error occurred while setting parameters ### SQL: INSERT INTO graph_connection ( name, graph, host, port, timeout, username, password, create_time ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ? ) ### Cause: org.h2.jdbc.JdbcSQLIntegrityConstraintViolationException: Unique index or primary key violation: "PUBLIC.CONSTRAINT_INDEX_9 ON PUBLIC.GRAPH_CONNECTION(NAME) VALUES 3"; SQL statement: INSERT INTO graph_connection ( name, graph, host, port, timeout, username, password, create_time ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ? ) [23505-199] ; Unique index or primary key violation: "PUBLIC.CONSTRAINT_INDEX_9 ON PUBLIC.GRAPH_CONNECTION(NAME) VALUES 3"; SQL statement: INSERT INTO graph_connection ( name, graph, host, port, timeout, username, password, create_time ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ? ) [23505-199]; nested exception is org.h2.jdbc.JdbcSQLIntegrityConstraintViolationException: Unique index or primary key violation: "PUBLIC.CONSTRAINT_INDEX_9 ON PUBLIC.GRAPH_CONNECTION(NAME) VALUES 3"; SQL statement: INSERT INTO graph_connection ( name, graph, host, port, timeout, username, password, create_time ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ? ) [23505-199]

Vertex/Edge example


Schema [VertexLabel, EdgeLabel, IndexLabel]


Tommu10ve avatar Jun 20 '25 09:06 Tommu10ve

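Your error occurs because the name field of the graph_connection table has a unique constraint. When you start multiple HugeGraph Servers with Docker Compose and set PASSWORD=hugegraph@2024 on all of them, system initialization tries to insert a connection with the same name, which causes a primary key or unique index conflict (that is, a connection with the same name already exists) [schema.sql source].

Suggested fixes:

  1. Check the graph_connection table in the database (such as the H2 file or MySQL) and delete the duplicate name records, or use a new name.
  2. When starting multiple servers, make sure each service's connection name is unique, or avoid initializing the same connection repeatedly.
  3. In a test environment, you can simply empty the graph_connection table and restart the services.
  4. In a production environment, back up the database first and then clean it up.

Additional notes:

  • The PASSWORD environment variable does not itself directly cause the unique constraint conflict, but it may trigger the server's connection initialization logic repeatedly, inserting a connection with the same name multiple times and ultimately producing the error.
  • There is currently no configuration option to automatically skip duplicate inserts; uniqueness has to be guaranteed by the application or the deployment process.

For further troubleshooting, you can post the contents of the graph_connection table or the specific initialization flow.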


dosubot[bot] avatar Jun 20 '25 09:06 dosubot[bot]

How do I enable authentication in an HStore distributed deployment? @dosu-bot please answer my question 1

Tommu10ve avatar Jun 20 '25 10:06 Tommu10ve

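Currently, HStore (HugeGraph's distributed storage component) itself has no built-in authentication or authorization mechanism; there are no related parameters or modules in either the configuration file or the protocol layer. In other words, access between HStore nodes is unauthenticated by default, and account/password or token verification cannot be enabled directly through configuration [conclusion from source analysis; see the application.yml configuration and the gRPC protocol definition].

If you need to secure access to HStore in a production environment, it is recommended to do so through external means, such as a reverse proxy (for example Nginx), a VPN, network firewall policies or a service mesh, to isolate and authenticate traffic at the network layer. This can effectively prevent unauthorized access.

If you need authentication for the REST API at the HugeGraph Server layer, you can configure Basic Auth for the REST service, but this does not affect communication between distributed storage nodes at the HStore layer [reference: all authentication data is managed centrally by the PD nodes, and Server nodes only forward requests; see the related issue].

If you need a specific external authentication scheme or configuration example, please add details about your network environment and security requirements.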


dosubot[bot] avatar Jun 20 '25 10:06 dosubot[bot]
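
An added example, not part of the original thread or the HugeGraph project: the reply above says HStore traffic is unauthenticated, so a review of a compose file like the one posted in this issue should flag host networking, `privileged: true` and literal passwords. The helper name `audit_compose`, the finding labels and the trimmed sample are assumptions made for illustration.

```python
import re

# Constructed sample: two services trimmed from the compose file in this issue.
SAMPLE_COMPOSE = """\
services:
  store0:
    network_mode: host
    privileged: true
  server1:
    network_mode: host
    environment:
    #  - PRELOAD=true
     - PASSWORD=hugegraph@2024
    privileged: true
"""

SECRET_NAME = re.compile(r"PASSWORD|SECRET|TOKEN", re.I)
ENV_ENTRY = re.compile(r"-?\s*([A-Za-z_]\w*)\s*[=:]\s*(.+)$")


def audit_compose(text):
    """Return {service: [finding, ...]}; hypothetical helper, line-based scan.

    Assumes service names sit two spaces under a top-level `services:` key.
    """
    findings, service, in_services, in_env = {}, None, False, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        if indent == 0:
            in_services, service = line == "services:", None
        elif in_services and indent == 2 and line.endswith(":"):
            service, in_env = line[:-1], False
            findings[service] = []
        elif service and indent == 4:
            key, _, value = line.partition(":")
            value = value.strip().strip("\"'").lower()
            in_env = key == "environment"
            if (key, value) == ("privileged", "true"):
                findings[service].append("privileged")  # near-full host access
            elif (key, value) == ("network_mode", "host"):
                findings[service].append("host-network")  # shares host netns
        elif service and in_env and (m := ENV_ENTRY.match(line)):
            name, value = m.groups()
            # Literal secret in the file; ${VAR} references are not flagged.
            if SECRET_NAME.search(name) and not value.startswith("${"):
                findings[service].append(f"inline-secret:{name}")
    return findings


print(audit_compose(SAMPLE_COMPOSE))
```

With host networking, every listening port of a store or PD container binds directly on the host's interfaces, which is where the firewall rules mentioned in the reply have to apply.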

With HStore distributed storage, how do I control database permissions?

Tommu10ve avatar Jun 23 '25 01:06 Tommu10ve

Due to the lack of activity, the current issue is marked as stale and will be closed after 20 days, any update will remove the stale label

github-actions[bot] avatar Jul 08 '25 21:07 github-actions[bot]