Kubectl port-forward on rancher 2 provision cluster

Hello together,
sorry for cross posting, but as I have not got any helpful replies yet, I was not sure if I might have been in the wrong forum.
As a matter of principle I try to port-forward a mysql database port to 127.0.0.1 on a worker node. I would like to connect to mysql with mysql workbench via ssh through the local node, as I do not want to make the database accessible to the outside.
Unfortunately just the ssh connection part works, but I cannot connect to the port forwarded database. Access to the database via a rancher ui shell is working as expected. Hence, credentials and user settings in mysql are fine. I also logged in to the local node and tried to use a local mysql client instance to connect to the port. This is also not working. I need to mention that I use RancherOS as a base operating system. Is there something I have to consider when using kubectl port-forward as kubernetes is running containerized?

Link to my other post with further details.

Thanks a lot for your help. Seems to be hard to get a Rancher cluster stand up and being able to work with it :slight_smile:

Solved,
port-forward via kubectl opens a port on my local remote machine, not on the worker node the database is running on. Not easy to see.

I am now wondering how this tunnel is working. Does kubectl create a ssh pipe for it or is all trafix transferred unencrypted?

It’s tunneled over the same TLS connection as all the other things kubectl does.

Thanks, so I am on the save side :slight_smile: