Hello!
This is my configuration (values for traefik helm chart):
logs:
general:
level: INFO
access:
enabled: true
format: json
entryPoints:
postgres5432:
address: ":5432"
ports:
postgres5432:
port: 5432
expose:
default: true
exposedPort: 5432
protocol: TCP
tls:
enabled: false
This is my ingressroutetcp:
apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
name: postgres-ingressroute
namespace: test
spec:
entryPoints:
- postgres5432
routes:
- match: HostSNI(`mydomain.com`)
services:
- name: database
port: 5432
tls:
secretName: main-domain-cert
It works fine with dbeaver without any issues, i don't enable ssl in connection, just url and credentials.
PROBLEM:
When i try to connect to this instance with PGadmin i get errors:
Traefik log:
ERR Error while handling TCP connection error="readfrom tcp 10.233.113.222:36488->10.233.89.116:5432: tls: client requested unsupported application protocols ([postgresql])"
ERR Error while handling TCP connection error="readfrom tcp 10.233.113.222:60892->10.233.112.195:5432: remote error: tls: user canceled"
And pgadmin says about timeout
I tried this:
apiVersion: traefik.io/v1alpha1
kind: TLSOption
metadata:
name: postgresql
namespace: traefik
spec:
alpnProtocols:
- postgresql
with this IngressRouteTCP:
apiVersion: traefik.io/v1alpha1
kind: IngressRouteTCP
metadata:
name: postgres-ingressroute
namespace: test
spec:
entryPoints:
- postgres5432
routes:
- match: HostSNI(`mydomain.com`)
services:
- name: database
port: 5432
tls:
secretName: main-domain-cert
options:
name: postgresql
it breaks dbeaver connection with error Connection peer shutdown incorrectly even if i use ssl_mode=require in dbeaver settings and in connection string
pgadmin still doesn't work.
My task is to provide access for developers to PostgreSQL within the Kubernetes cluster