6

Trying to open Postgres port 5432 so it can be accessible from my local machine. The port is only open from Kubernetes pods.

127.0.0.1:5432 <====> kubernetes-pod <=====> Postgres Server

Basically, I want to make port 5432 accessible via my local machine; the port is only accessible from kubernetes-pod. How do I do that?

I tried this, which I think would work if the Postgres server were running on the same pod, which is not my case:

kubectl port-forward pod-5bf5c7df9b-xcjsf 5433:5432

Note: The PostgreSQL server runs as a standalone db server and only the pod can access the port, and I want to access the PostgreSQL db port from my local machine.

1
  • Is there a reason why you need to have an "intermediary" Pod? Why not just port-forward straight to the Postgresql Pod? Commented Jan 19, 2022 at 8:06

2 Answers

10

The easiest and best way to accomplish this is using socat in a pod.

You can use the alpine/socat container image to create the pod. Then use port-forward into this pod which will forward the connections to the target db.

Here are the steps:

  1. Create a file my-postgresql-socat.yaml:
apiVersion: v1
kind: Pod
metadata:
  name: my-postgresql-socat
  labels:
    name: my-postgresql-socat
spec:
  containers:
  - name: my-postgresql-socat
    image: alpine/socat
    command: ["socat", "-dd", "tcp4-listen:5432,fork,reuseaddr", "tcp4:my-postgresql-host:5432"]
    resources:
      limits:
        memory: "64Mi"
        cpu: "50m"
    ports:
      - containerPort: 5432
  2. Create a pod with
kubectl apply -f my-postgresql-socat.yaml
  3. Run a local port-forward:
kubectl port-forward my-postgresql-socat 5432:5432

You can access your database now via localhost:5432

  4. When finished, delete the pod:
kubectl delete pod my-postgresql-socat

2 Comments

Thank you derkoe, this works like a charm!
Happy to hear that :)
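A hardened variant of the my-postgresql-socat.yaml manifest from the answer above, as an added example that is not part of the original answer. As written in the answer, socat listens on every interface of the pod, so any workload that can reach the pod IP gets a path to the database for as long as the pod exists. Assumptions: my-postgresql-host is the answer's placeholder, and the one-hour deadline and UID 65534 are illustrative values.

```yaml
# Added example: hardened variant of my-postgresql-socat.yaml from the answer.
# my-postgresql-host is the answer's placeholder for the database host.
apiVersion: v1
kind: Pod
metadata:
  name: my-postgresql-socat
  labels:
    name: my-postgresql-socat
spec:
  # Assumption: one hour is enough. After the deadline the kubelet stops the
  # containers, so a forgotten relay does not keep forwarding.
  activeDeadlineSeconds: 3600
  restartPolicy: Never
  automountServiceAccountToken: false   # the relay never calls the Kubernetes API
  containers:
  - name: my-postgresql-socat
    image: alpine/socat                 # pin a tag or digest you have reviewed
    # bind=127.0.0.1 makes socat listen only on the pod's loopback interface.
    # kubectl port-forward connects to localhost inside the pod's network
    # namespace, so it still works, while other pods can no longer reach the
    # database through <pod-ip>:5432.
    command: ["socat", "-dd", "tcp4-listen:5432,bind=127.0.0.1,fork,reuseaddr", "tcp4:my-postgresql-host:5432"]
    securityContext:
      runAsNonRoot: true
      runAsUser: 65534                  # assumption: any unprivileged UID; 5432 is not a privileged port
      allowPrivilegeEscalation: false
      readOnlyRootFilesystem: true
      capabilities:
        drop: ["ALL"]
    resources:
      limits:
        memory: "64Mi"
        cpu: "50m"
    ports:
      - containerPort: 5432
```

On the workstation side, kubectl port-forward listens on localhost unless --address is given, so leaving that flag out keeps the forwarded port off the local network.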
1

Try this: kubectl port-forward -n <namespace-name> pod/pod-5bf5c7df9b-xcjsf 5432:5432

Note the differences:

  1. Namespace needs to be specified if not default
  2. I usually prefix the pod name with pod/
  3. The local port 5432 connects to the k8s cluster on port 5432

In addition, it's best practice to port-forward to the service instead of the pod. For example: kubectl port-forward -n namespace svc/service-name 5432:5432 since pod names change but the service name does NOT. And, remember that the service port is usually 5432 but the pod may not listen on that port.

I hope this helps. I work for CodeZero and we allow you to easily connect with cluster resources with our teleport feature. Check it out at https://codezero.io

You can also use CodeZero CLI (czctl) to teleport into the cluster and then you can access kubernetes resources locally:

czctl start
czctl namespace teleport <namespace-name>

Then, as long as you have a Service in the cluster pointing to Postgres, you can access that service as if it's running locally on your computer. For example:

Create a Service called my-postgres-db which points to your Postgres Pod/Deployment/ReplicaSet pods. Then you can connect using

psql -h my-postgres-db ...

2 Comments

Thanks @grant B, but the command you referenced assumes that the Postgres server runs on the same pod, but it does not. The Postgres server runs as a standalone db server and only the pod can access the port.
Have you tried creating a k8s service, in your cluster, that points to this Postgres DB server and then you can run czctl namespace teleport <namespace-name> in order to connect to the Postgres DB?
