Exposing Percona Postgres deployment externally in AKS

Hi Team,
We’re doing a POC for Percona Postgres on an AKS (Azure Kubernetes) environment with v1.1 and are facing an issue while making external connectivity. We have exposed cluster1 externally through an internal AKS load balancer.

    NAME                            TYPE           CLUSTER-IP       EXTERNAL-IP     PORT(S)                         AGE
    cluster1                        LoadBalancer   10.119.253.184   10.126.96.150   2022:30275/TCP,5432:30693/TCP   8s
    cluster1-backrest-shared-repo   ClusterIP      10.119.254.1                     2022/TCP                        41m
    cluster1-pgbouncer              ClusterIP      10.119.253.129                   5432/TCP                        41m
    cluster1-replica                ClusterIP      10.119.254.128                   2022/TCP,5432/TCP               41m
    postgres-operator               ClusterIP      10.119.255.215                   8443/TCP,4171/TCP,4150/TCP      3h47m

However, while trying to access it from my laptop, I'm getting the below error:
    $ curl -k -vvvv telnet://10.126.96.150:5432
    *   Trying 10.126.96.150:5432...
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
      0     0    0     0    0     0      0      0 --:--:--  0:00:20 --:--:--     0* connect to 10.126.96.150 port 5432 failed: Timed out
    * Failed to connect to 10.126.96.150 port 5432 after 21036 ms: Timed out
      0     0    0     0    0     0      0      0 --:--:--  0:00:21 --:--:--     0
    * Closing connection 0
    curl: (28) Failed to connect to 10.126.96.150 port 5432 after 21036 ms: Timed out

    $ curl -k -vvvv telnet://10.126.96.150:30693
    *   Trying 10.126.96.150:30693...
      % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                     Dload  Upload   Total   Spent    Left  Speed
      0     0    0     0    0     0      0      0 --:--:--  0:00:20 --:--:--     0* connect to 10.126.96.150 port 30693 failed: Timed out
    * Failed to connect to 10.126.96.150 port 30693 after 21046 ms: Timed out
      0     0    0     0    0     0      0      0 --:--:--  0:00:21 --:--:--     0
    * Closing connection 0
    curl: (28) Failed to connect to 10.126.96.150 port 30693 after 21046 ms: Timed out

Can anyone suggest possible solutions for this?

Thanks…


It looks like the external IP it’s showing you is a private IP address / non-routable over the internet. Have you attached a public IP?


I can see the route table attached to the subnet has an internet route:


By attaching a public IP, do you mean I need to create an external AKS load balancer? But I want the traffic to be restricted only within my company’s network (external to Kubernetes but internal to my company’s network).


Can anyone help further on this topic?


When you tried to connect to the instance were you on the same network (what IP/subnet are you connecting from) or trying to connect over the public network?


Hey @skandhw ,

looks like a networking prob to me (sorry for stating the obvious). Internal load balancer means that you can connect to it from some private network that you have in Azure. Or through some sort of VPN or Peering.

So if your laptop does not have access to this private network in Azure, you will not be able to access the cluster. What Joe is suggesting is to use public load balancer instead. This is not recommended for production, but will work for you if you are just exploring.


Hi Sergey,

We have figured out the approach for external connectivity to the database, and now we’re able to connect to the DB from outside.
Just one question: is there any detailed documentation/explanation available to deep dive into the Percona PG operator?

Thanks

@skandhw the docs can be found here: Percona Operator for PostgreSQL

I’m more than happy to jump into a call with you to discuss anything pg operator related. Especially curious to learn your use case. Please send me a DM.

Sure Sergey. Glad to connect with you.
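
For the requirement stated in the thread (reachable from the company network, not from the internet), here is an added example that is not from any poster or from the Percona docs: a standalone Service that requests an internal Azure load balancer and limits client source ranges. The service name, selector label and CIDR are assumed placeholders, and it exposes only 5432 on the assumption that clients need PostgreSQL alone.

```yaml
# Added example: name, selector label and CIDR are placeholders, not values from the thread.
apiVersion: v1
kind: Service
metadata:
  name: cluster1-internal-lb          # hypothetical name
  annotations:
    # Ask AKS for an internal (private front-end IP) load balancer instead of a public one.
    # Its IP is reachable only from the VNet, peered networks or a VPN into it.
    service.beta.kubernetes.io/azure-load-balancer-internal: "true"
spec:
  type: LoadBalancer
  # Accept connections only from these client ranges (placeholder corporate/VPN CIDR).
  loadBalancerSourceRanges:
    - 10.200.0.0/16
  selector:
    app: postgres-primary             # hypothetical label; use the primary pod's real labels
  ports:
    - name: postgres
      protocol: TCP
      port: 5432
      targetPort: 5432
```

`kubectl get pods --show-labels` lists the labels actually present on the database pods, which is where the selector value should come from.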