0
votes

I have a Minikube Kubernetes cluster running a cockroachdb which looks like:

kubectl get pods

test-cockroachdb-0            1/1     Running     17         95m
test-cockroachdb-1            1/1     Running     190        2d
test-cockroachdb-2            1/1     Running     160        2d
test-cockroachdb-init-m8rzp   0/1     Completed   0          2d
cockroachdb-client-secure     1/1     Running     0          2d

I want to get a connection string that I can use in my application.

To verify my connection string, I am using the tool DBeaver.

I have configured the database name 'defaultdb', which exists on my cluster, and the user with the relevant password. The port is accurate as well (default cockroachdb minikube port).

However, as to the certificate aspect of connecting, I am at a loss. How do I generate/gather the certificates I need to successfully connect to my cluster? How do I connect to my cluster using DBeaver?

Edit:

$ kubectl get all

NAME                                         READY   STATUS      RESTARTS   AGE
pod/myname-cockroachdb-0            1/1     Running     27         156m
pod/myname-cockroachdb-1            1/1     Running     197        2d1h
pod/myname-cockroachdb-2            1/1     Running     167        2d1h
pod/myname-cockroachdb-init-m8rzp   0/1     Completed   0          2d1h
pod/myname-client-secure            1/1     Running     0          2d1h


NAME                                         TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)              AGE
service/myname-cockroachdb          ClusterIP   None            <none>        26257/TCP,8080/TCP   2d1h
service/myname-cockroachdb-public   ClusterIP   10.xxx.xxx.xx   <none>        26257/TCP,8080/TCP   2d1h
service/kubernetes                           ClusterIP   10.xx.0.1       <none>        443/TCP              2d1h




NAME                                           READY   AGE
statefulset.apps/myname-cockroachdb   3/3     2d1h


NAME                                         COMPLETIONS   DURATION   AGE
job.batch/myname-cockroachdb-init   1/1           92s        2d1h
2
Please add output from kubectl get all - FL3SH
I have added output from kubectl get all - Pointo Senshi
Can you add error with a certificate? - FL3SH

2 Answers

2
votes

Like @FL3SH already said.

You can use kubectl port-forward <pod_name> <port>

This is nicely explained in the Cockroach documentation, Step 4. Access the Admin UI; please use it as an example and set different ports.

As for the certificates:

As each pod is created, it issues a Certificate Signing Request, or CSR, to have the node's certificate signed by the Kubernetes CA. You must manually check and approve each node's certificates, at which point the CockroachDB node is started in the pod.

Get the name of the Pending CSR for the first pod:

kubectl get csr

NAME                                                   AGE       REQUESTOR                               CONDITION
default.node.cockroachdb-0                             1m        system:serviceaccount:default:default   Pending
node-csr-0Xmb4UTVAWMEnUeGbW4KX1oL4XV_LADpkwjrPtQjlZ4   4m        kubelet                                 Approved,Issued
node-csr-NiN8oDsLhxn0uwLTWa0RWpMUgJYnwcFxB984mwjjYsY   4m        kubelet                                 Approved,Issued
node-csr-aU78SxyU69pDK57aj6txnevr7X-8M3XgX9mTK0Hso6o   5m        kubelet                                 Approved,Issued

If you do not see a Pending CSR, wait a minute and try again.

You can check the CSR for the pod with kubectl describe csr default.node.cockroachdb-0

It might look like this:

Name:               default.node.cockroachdb-0
Labels:             <none>
Annotations:        <none>
CreationTimestamp:  Thu, 09 Nov 2017 13:39:37 -0500
Requesting User:    system:serviceaccount:default:default
Status:             Pending
Subject:
  Common Name:    node
  Serial Number:
  Organization:   Cockroach
Subject Alternative Names:
         DNS Names:     localhost
                        cockroachdb-0.cockroachdb.default.svc.cluster.local
                        cockroachdb-public
         IP Addresses:  127.0.0.1
                        10.48.1.6
Events:  <none>

If it does then you can approve the certificate using:

kubectl certificate approve default.node.cockroachdb-0

Please do follow the Orchestrate CockroachDB in a Single Kubernetes Cluster guide.

Let me know if you need any further help.
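The manual check before `kubectl certificate approve` can be scripted. This is an added example, not part of the original answer or the CockroachDB documentation: it parses the `kubectl describe csr` text quoted above and lists any field that differs from what that pod should be requesting. The function names are hypothetical, and the expected naming pattern, the `default` service account and the pod IP (which you would supply yourself) are assumptions taken from the quoted output.

```python
import re

# Sample input: the `kubectl describe csr` output quoted in the answer above.
SAMPLE = """\
Name:               default.node.cockroachdb-0
Labels:             <none>
Annotations:        <none>
CreationTimestamp:  Thu, 09 Nov 2017 13:39:37 -0500
Requesting User:    system:serviceaccount:default:default
Status:             Pending
Subject:
  Common Name:    node
  Serial Number:
  Organization:   Cockroach
Subject Alternative Names:
         DNS Names:     localhost
                        cockroachdb-0.cockroachdb.default.svc.cluster.local
                        cockroachdb-public
         IP Addresses:  127.0.0.1
                        10.48.1.6
Events:  <none>
"""

def parse_describe(text):
    """Parse describe output into {field: [values]}; continuation lines extend the last field."""
    fields, key = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*([A-Z][A-Za-z ]*?):\s*(.*?)\s*$", line)
        if m:
            key = m.group(1)
            fields[key] = [m.group(2)] if m.group(2) else []
        elif key and line.strip():
            fields[key].append(line.strip())
    return fields

def review(fields, pod, service, namespace, pod_ip, service_account="default"):
    """Return reasons not to approve (empty = matches). Expected values are assumptions from the sample."""
    exact = {"Name": f"{namespace}.node.{pod}", "Common Name": "node", "Organization": "Cockroach",
             "Requesting User": f"system:serviceaccount:{namespace}:{service_account}"}
    allowed = {"DNS Names": {"localhost", f"{service}-public",
                             f"{pod}.{service}.{namespace}.svc.cluster.local"},
               "IP Addresses": {"127.0.0.1", pod_ip}}
    problems = [f"{k}: expected {v!r}, got {fields.get(k)!r}"
                for k, v in exact.items() if fields.get(k) != [v]]
    problems += [f"{k}: unexpected {sorted(set(fields.get(k, [])) - ok)}"
                 for k, ok in allowed.items() if set(fields.get(k, [])) - ok]
    return problems

if __name__ == "__main__":
    print(review(parse_describe(SAMPLE), "cockroachdb-0", "cockroachdb", "default", "10.48.1.6"))
```

An empty list means the request matches the pod's expected identity. Any entry names the subject field, requester or SAN to investigate before approving.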

1
votes

You can use kubectl port-forward service/myname-cockroachdb 26257 and in DBeaver just use localhost:26257 as a connection string.