
Access OpenShift forwarded ports from remote host


I would like to connect to a PostgreSQL (9.6) cluster that runs inside OpenShift (3.9) using port forwarding as described here. To this end I set up and sanity-check port forwarding on a jump host (outside the OpenShift cluster) like this:

oc port-forward $pod 5432:5432
netstat -ln | grep 5432 # "tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN"
psql -U postgres -h localhost # OK
psql -U postgres -h $(hostname -i) # error: "connection refused"

So it looks as if port forwarding listens only for localhost, but not the host's other IP address(es). Ultimately I want to connect to the database through the jump host from other remote hosts, so 'localhost' won't suffice.

How can I set up (OpenShift) port forwarding in such a way that it will allow access to the forwarded port from remote hosts as well? I suppose iptables (in combination with OpenShift port forwarding) could do the trick, but I do not yet know how and if there is a simpler approach. (The jump host runs Debian 9.5.)

UPDATE: An approach combining an SSH tunnel and OpenShift (Kubernetes) port forwarding apparently can solve this. This was suggested in a link provided in the accepted answer below.

on jump host (1st session):

ssh -N -L $(hostname -i):5432:localhost:5433 $(whoami)@$(hostname)

on jump host (2nd session):

oc port-forward $pod 5433:5432

on remote host:

psql -U postgres -h jump-host

Solution

  • You can find a decent discussion of port-forward listen addresses and a few temporary solutions at https://github.com/kubernetes/kubernetes/issues/43962 and https://github.com/kubernetes/kubernetes/pull/46517.

    After the PR is merged, released in upstream Kubernetes, and OpenShift updates to that version, you will have an easy way to achieve this (I would guess a minimum of half a year from now). For now you're stuck with workarounds.
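
To see what each setup on this page actually exposes, the following added example (not part of the original question or answer) classifies the listeners for a port from `netstat -ln` output. The function names are hypothetical, and the sample lines and the address 192.0.2.10 are constructed.

```shell
#!/bin/sh
# Classify TCP listeners for one port from `netstat -ln` text on stdin.
# Output per listener: "<local address> <scope>", scope being one of
#   loopback (local clients only), any (all interfaces), specific (one address).
listen_scope() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            laddr = $4                        # column 4 is the local address
            n = match(laddr, /:[0-9]+$/)      # last colon splits address and port
            if (n == 0 || substr(laddr, n + 1) != port) next
            addr = substr(laddr, 1, n - 1)
            if (addr ~ /^127\./ || addr == "::1") scope = "loopback"
            else if (addr == "0.0.0.0" || addr == "::") scope = "any"
            else scope = "specific"
            print laddr, scope
        }'
}

# Succeeds only if the port has exactly one listener and it is bound to ADDR.
only_on() {    # usage: only_on PORT ADDR < netstat-output
    found=$(listen_scope "$1" | awk '{ print $1 }')
    [ "$found" = "$2:$1" ]
}

# Constructed sample: plain `oc port-forward $pod 5432:5432`.
sample_before() {
    cat <<'EOF'
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN
EOF
}

# Constructed sample: ssh -L on the host address plus port-forward on 5433.
sample_after() {
    cat <<'EOF'
tcp        0      0 192.0.2.10:5432         0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5433          0.0.0.0:*               LISTEN
EOF
}

sample_before | listen_scope 5432
sample_after | listen_scope 5432
sample_after | listen_scope 5433
```

On the jump host, feed it live output with `netstat -ln | listen_scope 5432`. A scope of `any` or `specific` means the database port is reachable from other hosts, so access then depends on firewall rules and PostgreSQL authentication.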