Kubectl port-forward on RancherOS

Hello together,
I have a database base running on rancher provision kubernetes on top of RancherOS and I would like to access the database via ssh tunnel to the local node the database is running on.
I am trying

kubectl port-forward percona-percona-598df6598c-db9nx 3306:3306 -n percona

Unfortunately from the node, I am not able to connect to port 3306. Now I am wondering, if this might have to do with the fact that kubernetes is running containerized? And I am also wondering how I could solve the issue and get the port exported to my localhost.
Thanks a lot for your help!

Best regards,

Hello @cjohn001,

If you have a local kubectl working on your laptop you should be able to do a local port-forward directly without involving the RancherOS side ?
Can you retrieve pods names from your RancherOs using kubectl ?

Hello @zwordi,
thanks for your feedback. I think I need to provide more details. As mentioned I have a mysql database running in kubernetes on top of rancheros.
I indeed have kubectl running on my local laptop and I executed

kubectl port-forward percona-percona-598df6598c-db9nx 3306:3306 -n percona
Forwarding from -> 3306
Forwarding from [::1]:3306 -> 3306

in my local shall and not on the node the database is running at. Kubectl command blocks the console, hence, it looks like the port-forward is working as expected. At least I assume the command which I use does this?
As I do not want to make the database publicly available, I mapped the port to localhost on the node. What I actually want to do now, is to connect with mysql workbench via ssh to the node and access the database on port through the ssh tunnel. I can see in mysql workbench, that the ssl connection is working, but it cannot connect to the database. For debugging purposes I checked that my user,password and permissions for the database are ok. Therefore I opened a shell via RancherUI to the database pod. As expected I was able to access the database with user,password. My next try was to connect to the node via ssh directly (rather than via mysql workbench) and run a mysql client on the node against 3306 directly. I wanted to ensure that on server side things work as expected. Unfortunately, even when connected to the node like described, I am not able to connect to the mysql database. Hence, it seems like the kubectl port-forward does not work as expected. Have you any idea how I could debug this further and where the source of the problem could be?
Thanks for your help!

Hello together,
does nobody else have an idea, why I cannot port-forward my database? I still have not found a solution for it yet.

Best regards,

Dear @cjohn001,

Shouldn’t it more efficient to you to use an phpmyadmin with an ingress in front rather than trying to expose critical ports on a local node ?
Did you try to do an permission with host = “%” because as you’re using tunnels it may leads to issue…

Hello zwordi,
my problem is solved.

1 Like