Menu
Can please somebody help me? This is my first post here, and I am really exited to start posting here and helping people but I need help first.
I am deploying my own Postgres database on Minikube. For db, password and username I am using secrets.
Data is encoded with base64
I also exec into container to see if I could see these envs and they were there.
The problem is when I try to enter into postgres with psql. I checked minikube ip and typed correct password(pass) after this command:
pqsl -h 192.168.99.100 -U website_user -p 31315 website
Error
Password for user website_user:
psql: FATAL: password authentication failed for user "website_user"
Also if I exec into my pod:
kubectl exec -it postgres-deployment-744fcdd5f5-7f7vx bash
And try to enter into postgres I get:
psql -h $(hostname -i) -U website_user -p 5432 website
Error:
Password for user website_user:
psql: FATAL: password authentication failed for user "website_user"
I am lacking something here.I tried also ps aux in container, and everything seems to be find postgres processes are running
kubectl get all
Output:
NAME READY STATUS RESTARTS AGE
pod/postgres-deployment-744fcdd5f5-7f7vx 1/1 Running 0 18m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19m
service/postgres-service NodePort 10.109.235.114 <none> 5432:31315/TCP 18m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/postgres-deployment 1/1 1 1 18m
NAME DESIRED CURRENT READY AGE
replicaset.apps/postgres-deployment-744fcdd5f5 1 1 1 18m
# Secret store
apiVersion: v1
kind: Secret
metadata:
name: postgres-credentials
type: Opaque
data:
POSTGRES_USER: d2Vic2l0ZV91c2VyCg==
POSTGRES_PASSWORD: cGFzcwo=
POSTGRES_DB: d2Vic2l0ZQo=
---
# Persistent Volume
apiVersion: v1
kind: PersistentVolume
metadata:
name: postgres-pv
labels:
type: local
spec:
storageClassName: manual
capacity:
storage: 2Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /data/postgres-pv
---
# Persistent Volume Claim
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
labels:
type: local
spec:
storageClassName: manual
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
volumeName: postgres-pv
---
# Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres-deployment
spec:
selector:
matchLabels:
app: postgres-container
template:
metadata:
labels:
app: postgres-container
spec:
containers:
- name: postgres-container
image: postgres:9.6.6
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_USER
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_DB
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_PASSWORD
ports:
- containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: postgres-volume-mount
volumes:
- name: postgres-volume-mount
persistentVolumeClaim:
claimName: postgres-pvc
---
apiVersion: v1
kind: Service
metadata:
name: postgres-service
spec:
selector:
app: postgres-container
ports:
- port: 5432
protocol: TCP
targetPort: 5432
type: NodePort
367
Accessing a Pod with KubectlUse the kubectl tool to run utilities directly in a Postgres pod. This psql command connects to the default Postgres database, postgres .
In this case, 192.168. 64.7 is the IP address of minikube which you can also retrieve using the command `minikube ip`. Open a browser and check your nginx application. That's it; you can try different applications and you will realize how easy it is to use minikube for your Kubernetes learning and development.
Connecting to a Database In order to connect to a database you need to know the name of your target database, the host name and port number of the server, and what user name you want to connect as. psql can be told about those parameters via command line options, namely -d , -h , -p , and -U respectively.
You created all your values with:
$ echo "value" | base64$ echo -n "value" | base64Following official man page of echo:
Description
Echo the STRING(s) to standard output.
-n = do not output the trailing newline
TL;DR: You need to edit your Secret definition with new values:
$ echo -n "website_user" | base64$ echo -n "website" | base64$ echo -n "pass" | base64You created your Secret with a trailing newline. Please take a look at below example:
POSTGRES_USER:
$ echo "website_user" | base64
d2Vic2l0ZV91c2VyCg== which is the same as yours $ echo -n "website_user" | base64
d2Vic2l0ZV91c2Vy which is the correct value POSTGRES_PASSWORD:
$ echo "pass" | base64
cGFzcwo= which is the same as yours $ echo -n "pass" | base64
cGFzcw== which is the correct value POSTGRES_DB:
$ echo "website" | base64
d2Vic2l0ZQo= which is the same as yours $ echo -n "website" | base64
d2Vic2l0ZQ== which is the correct value Your Secret should look like that:
apiVersion: v1
kind: Secret
metadata:
name: postgres-credentials
type: Opaque
data:
POSTGRES_USER: d2Vic2l0ZV91c2Vy
POSTGRES_PASSWORD: cGFzcw==
POSTGRES_DB: d2Vic2l0ZQ==
If you create it with a new Secret you should be able to connect to the database:
root@postgres-deployment-64d697868c-njl7q:/# psql -h $(hostname -i) -U website_user -p 5432 website
Password for user website_user:
psql (9.6.6)
Type "help" for help.
website=#
Please take a look on additional links:
55
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
