4

Many devops use mysql connect over ssh to access to production database for various reasons and queries

after successfull deploy mysql container to a digital ocean kubernetes cluster im able to ssh into the pod via :

kubectl --kubeconfig="kubeconfig.yaml" exec -it vega-mysql-5df9b745f9-c6859 -c vega-mysql -- /bin/bash

my question is how can i remote connect applications like : navicat - sequel pro or mysql workbench to this pod ?

Sina Miandashti
  • 2,087
  • 1
  • 26
  • 40

2 Answers2

7

Nitpick: Even though you can use it to start an interactive shell, kubectl exec is not the same as SSH. For that reason, regular MySQL clients that support SSH-tunneled connections, don't (and probably never will) support connecting to a MySQL server tunneled through kubectl exec.

Alternative solution: Use kubectl port-forward to forward the Pod's MySQL server port 3306 to your local machine:

kubectl port-forward vega-mysql-5df9b745f9-c6859 3306:3306

This will instruct kubectl to act as a TCP proxy from a local port on your machine into the Pod. Then, connect to 127.0.0.1:3306 with any MySQL client of your choice:

mysql -u youruser -p -h 127.0.0.1
helmbert
  • 35,797
  • 13
  • 82
  • 95
0

I achieved this by expose mysql to a service with random port 

kubectl --kubeconfig=vega-kubeconfig.yaml expose deployment mysqldeployment --type=NodePort --name=nginx --port=3306 --target-port=3306

And connect to it via my client without ssh tunnel.

but @helmbert solution is good also

Sina Miandashti
  • 2,087
  • 1
  • 26
  • 40
  • While this does work, you should keep in mind that you should do this only when you have SSL set up for your MySQL server (ideally, with `ssl-mode=required`) or your NodePort is reachable only from a network that you trust entirely. Otherwise, you might end up sending your MySQL credentials through the internet in clear text. – helmbert Dec 24 '18 at 09:06