Setting up access to EDB Postgres service instances

You can connect to the EDB Postgres service from a Kubernetes cluster.

About this task

For more information, see Connecting from an application in the EDB Postgres documentation.

You need the EDB Postgres instance name to connect to a database.

Procedure

Follow these steps to connect to the EDB Postgres service:

  1. Retrieve your deployed EDB Postgres service instances.
    Cloud Native PostgreSQL automatically provides 4 service instances for each Kubernetes cluster. Use the following command to retrieve these service instances:
    % kubectl get services -o name -n ${PROJECT_CPD_INST_OPERANDS}

    The command will return information similar to the following example:

    service/<instance_name>-edb-db-any
    service/<instance_name>-edb-db-r
    service/<instance_name>-edb-db-ro
    service/<instance_name>-edb-db-rw
  2. Retrieve your instance credentials.
    Credentials are stored as Kubernetes secrets and are automatically generated for the service instance by default. Run the following command to retrieve your instance secrets:
    % kubectl get secrets -o name -n ${PROJECT_CPD_INST_OPERANDS}

    The command will return your secrets and will appear similar to the following example:

    secret/<instance_name>-edb-db-app
    secret/<instance_name>-edb-db-superuser

    Use the secret/<instance_name>-edb-db-app secret for typical workloads. Use the secret/<instance_name>-edb-db-superuser secret for administrative purposes that require greater privileges.

  3. Extract the username and password from the secret.
    You can extract this information from either the OpenShift® Container Platform console or the command line.
    Using the OpenShift Container Platform:
    Click Secrets, then select the secret you require and copy the username and password values.
    Using the command line:
    Run the following command to extract the username and password:
    oc get secret/edb0210-1-edb-db-app -o jsonpath='{.data.username}{"\n"}'
    oc get secret/edb0210-1-edb-db-app -o jsonpath='{.data.password}{"\n"}'
    The output will be an encoded string. Run the following command to decode it:
    echo "<encoded_string>" | base64 -d
    You can now use the username and password to access the EDB Postgres service instance.
  4. Optional: Configure port forwarding to retrieve your EDB Postgres service instance.
    After you deploy an EDB Postgres service instance, you can expose your service instance externally to allow access outside of the Kubernetes cluster. Consult with your network administrator on methods to do this for your environment. One example of port forwarding is shown below.
    Use the following command to configure port forwarding:
    % kubectl port-forward service/ad-edb-db-rw 5454:5432 -n ${PROJECT_CPD_INST_OPERANDS}
    This will generate an output similar to the following example:
    Forwarding from 127.0.0.1:5454 -> 5432
    Forwarding from [::1]:5454 -> 5432
    The EDB Postgres service instance can now be retrieved from your local 5432 port.
  5. Access the service instance.
    Using the service instance name (or local host if using port forwarding), port, and credentials, a PostgreSQL client can now be used to access the service. One example is shown below.
    psql -p <server_port> -h <server_host> -U <username>
    The output will be similar to the following:
    Password for user app: Password for user app: psql (14.4, server 14.4.0) WARNING: psql major version 14, server major version 14.
    Some psql features might not work. SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
    Type "help" for help. app=> show db_dialect; db_dialect ------------ redwood(1 row)

    Use the password you extracted in step 3.

What to do next