[英]Access Postgres host from Tableau using kubernetes cluster as a kind of router
Scenario:设想:
Tableau application;表格应用程序;
Postgres on a cloud;云上的 Postgres;
Kubernetes on another cloud, running an application based on Alpine image (different cloud than Postgres). Kubernetes 在另一个云上,运行基于 Alpine 映像的应用程序(不同于 Postgres 的云)。
What a I need:我需要什么:
Important restrictions:重要限制:
Tableau can access my kubernetes cluster but cannot access my Postgres host directly; Tableau 可以访问我的 kubernetes 集群,但不能直接访问我的 Postgres 主机;
My kubernetes cluster can access my Postgres host.我的 kubernetes 集群可以访问我的 Postgres 主机。
Next steps Now I was able to make it work by using Thomas answer, using the following code:后续步骤现在我可以使用 Thomas answer 使用以下代码使其工作:
apiVersion: v1
kind: Service
metadata:
name: my-service
spec:
type: NodePort
ports:
- port: 5432
targetPort: 5432
nodePort: 30004
---
apiVersion: v1
kind: Endpoints
metadata:
name: my-service
subsets:
- addresses:
- ip: **111.111.111.111** ** < need change this to hostname
ports:
- port: 5432
Everything works fine with numerical IP, but I need to put my Postgres DNS instead, something like:数字 IP 一切正常,但我需要使用我的 Postgres DNS 代替,例如:
subsets:
- addresses:
- ip: mypostgres.com
ports:
- port: 5432
You can achieve this by creating service type object without selectors and then manually creating endpoints for this its.您可以通过创建不带选择器的服务类型 object 然后手动为此创建端点来实现此目的。 Service needs to expose outside either via
NodePort
or Loadbalancer
type:服务需要通过
NodePort
或Loadbalancer
类型暴露在外部:
apiVersion: v1
kind: Service
metadata:
name: my-service #Name of the service must match the name of the endpoints
spec:
type: NodePort
ports:
- port: 80
targetPort: 80
nodePort: 30007
Services don't link to pods directly.服务不直接链接到 pod。 There is another object in between called endpoints.
在称为端点之间还有另一个 object。 Because of this you are able to define them manually.
因此,您可以手动定义它们。
apiVersion: v1
kind: Endpoints
metadata:
name: my-service #Name of te endpoint must match the name of the service
subsets:
- addresses:
- ip: 172.217.212.100 # This is the IP of the endpoints that the service will forward connections to.
ports:
- port: 80
Since you are going to expose your postgres some sort securiy measures has to be taken in order to secure it, eg whitelist ip由于您要公开您的 postgres,因此必须采取某种安全措施来保护它,例如白名单 ip
For more reading please visit /Services without selectors .更多阅读请访问/Services without selectors 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.