Search code examples
postgresqlopenshiftopenshift-origin

Openshift: Expose postgresql remotely


I've create a postgresql instance into my openshift origin v3. It's running correctly, however I don't quite figure out why I am not able to reach it remotely.

I've exposed a route:

$oc get routes
postgresql   postgresql-ra-sec.192.168.99.100.nip.io             postgresql   postgresql                 None

$ oc get services
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
postgresql   ClusterIP   172.30.59.113   <none>        5432/TCP   57m

This is my route:

enter image description here

I'm trying to get access to this instance from an ubuntu os. I'm trying to get access using psql:

$ psql --host=postgresql-ra-sec.192.168.99.100.nip.io --dbname=tdevhub
psql: could not connect to server: Connection refused
Is the server running on host "postgresql-ra-sec.192.168.99.100.nip.io" (192.168.99.100) and accepting
TCP/IP connections on port 5432?

Otherwise:

$ psql --host=postgresql-ra-sec.192.168.99.100.nip.io --port=80 --dbname=tdevhub
psql: received invalid response to SSL negotiation: H

I've checked dns resolution, and it seems to work correctly:

$ nslookup postgresql-ra-sec.192.168.99.100.nip.io                    
Server:     127.0.0.53
Address:    127.0.0.53#53

Non-authoritative answer:
Name:   postgresql-ra-sec.192.168.99.100.nip.io
Address: 192.168.99.100

EDIT

What about this?

enter image description here

Why is there this redirection? Could I try to change it before port-forwarding?


Solution

  • Exposing a service via a route means that your enabling external HTTP traffic. For a service like Postgresql, this is not going to work as per your example.

    An alternative is to port forward to your local machine and connect that way. So for example, run oc get pods and then oc port-forward <postgresql-pod-name> 5432, this will allow you to create the TCP connection:

    Run psql --host=localhost --dbname=tdevhub on the host machine to verify this.

    There is also the option, in some instances at least to assign external IP's to allow ingress traffic. See the OpenShift docs. This will be more complicated to achieve but a permanent solution as opposed to port forwarding. It looks like you are running oc cluster up or minishift however so not sure how viable this is.