Scenario:
Tableau application;
Postgres on a cloud;
Kubernetes on another cloud, running an application based on Alpine image (different cloud than Postgres).
What I need:
Important restrictions:
Tableau can access my kubernetes cluster but cannot access my Postgres host directly;
My kubernetes cluster can access my Postgres host.
Next steps

Now I was able to make it work by using Thomas's answer, using the following code:
```yaml
apiVersion: v1
kind: Service
metadata:
  name: my-service
spec:
  type: NodePort
  ports:
    - port: 5432
      targetPort: 5432
      nodePort: 30004
---
apiVersion: v1
kind: Endpoints
metadata:
  name: my-service
subsets:
  - addresses:
      - ip: 111.111.111.111 # <- need to change this to hostname
    ports:
      - port: 5432
```
Everything works fine with numerical IP, but I need to put my Postgres DNS instead, something like:
```yaml
subsets:
  - addresses:
      - ip: mypostgres.com
    ports:
      - port: 5432
```
You can achieve this by creating a Service-type object without selectors and then manually creating endpoints for it. The Service needs to be exposed outside via either the NodePort or LoadBalancer type:
```yaml
apiVersion: v1
kind: Service
metadata:
  name: my-service # Name of the service must match the name of the endpoints
spec:
  type: NodePort
  ports:
    - port: 80
      targetPort: 80
      nodePort: 30007
```
Services don’t link to pods directly. There is another object in between called endpoints. Because of this you are able to define them manually.
```yaml
apiVersion: v1
kind: Endpoints
metadata:
  name: my-service # Name of the endpoint must match the name of the service
subsets:
  - addresses:
      - ip: 172.217.212.100 # This is the IP of the endpoints that the service will forward connections to.
    ports:
      - port: 80
```
Since you are going to expose your Postgres, some sort of security measures have to be taken in order to secure it, e.g. whitelisting IPs.

For more reading please visit Services without selectors.
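
An added example (not part of the original answer) of the IP allow-listing mentioned above, using the LoadBalancer variant with `spec.loadBalancerSourceRanges`. The name `postgres-proxy` and both addresses are placeholders, and whether the field is enforced depends on the cloud provider's load balancer:

```yaml
# Added example: names and addresses are placeholders, not values from the page.
apiVersion: v1
kind: Service
metadata:
  name: postgres-proxy            # hypothetical name; must match the Endpoints name
spec:
  type: LoadBalancer
  # Only these source CIDRs may connect. Enforcement happens at the cloud
  # load balancer, so it applies only where the provider implements this field.
  loadBalancerSourceRanges:
    - 203.0.113.10/32             # placeholder: the egress IP Tableau connects from
  ports:
    - name: postgres
      protocol: TCP
      port: 5432
      targetPort: 5432
---
apiVersion: v1
kind: Endpoints
metadata:
  name: postgres-proxy            # same name as the Service above
subsets:
  - addresses:
      - ip: 198.51.100.20         # placeholder: the Postgres host, as an IP literal
    ports:
      - name: postgres            # must match the Service port name
        port: 5432
        protocol: TCP
```

With the NodePort type from the answer, this field has no effect on the node port itself, so the equivalent restriction has to be applied in the cloud firewall or security group in front of the nodes.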