Openshift: Expose postgresql remotely

Question

I've create a postgresql instance into my openshift origin v3. It's running correctly, however I don't quite figure out why I am not able to reach it remotely.

I've exposed a route:

$oc get routes
postgresql   postgresql-ra-sec.192.168.99.100.nip.io             postgresql   postgresql                 None

$ oc get services
NAME         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
postgresql   ClusterIP   172.30.59.113   <none>        5432/TCP   57m

This is my route:

I'm trying to get access to this instance from an ubuntu os. I'm trying to get access using psql:

$ psql --host=postgresql-ra-sec.192.168.99.100.nip.io --dbname=tdevhub
psql: could not connect to server: Connection refused
Is the server running on host "postgresql-ra-sec.192.168.99.100.nip.io" (192.168.99.100) and accepting
TCP/IP connections on port 5432?

Otherwise:

$ psql --host=postgresql-ra-sec.192.168.99.100.nip.io --port=80 --dbname=tdevhub
psql: received invalid response to SSL negotiation: H

I've checked dns resolution, and it seems to work correctly:

$ nslookup postgresql-ra-sec.192.168.99.100.nip.io                    
Server:     127.0.0.53
Address:    127.0.0.53#53

Non-authoritative answer:
Name:   postgresql-ra-sec.192.168.99.100.nip.io
Address: 192.168.99.100

EDIT

What about this?

Why is there this redirection? Could I try to change it before port-forwarding?

Answer 1

Exposing a service via a route means that your enabling external HTTP traffic. For a service like Postgresql, this is not going to work as per your example.

An alternative is to port forward to your local machine and connect that way. So for example, run oc get pods and then oc port-forward <postgresql-pod-name> 5432, this will allow you to create the TCP connection:

Run psql --host=localhost --dbname=tdevhub on the host machine to verify this.

There is also the option, in some instances at least to assign external IP's to allow ingress traffic. See the OpenShift docs. This will be more complicated to achieve but a permanent solution as opposed to port forwarding. It looks like you are running oc cluster up or minishift however so not sure how viable this is.

Answer 2

In theory while the answer of the port forwarding is correct and the only way I made it work I would say that in Openshift 3.x you could use a tcp route for this https://documentation.its.umich.edu/node/2126

However it does not seem to work (at least for me) in Openshift 4.x

Also I don't personally like the port forwarding because this assumes you have to establish a connection with a user that can connect to the cluster and has permissions with namespace to do what it needs to do. I would much rather suggest the ingress solution

https://docs.openshift.com/container-platform/4.6/networking/configuring_ingress_cluster_traffic/configuring-externalip.html