I tried the following config to expose an Oracle DB as a TCP service. The database works as I could test it with port forwarding. But, the service is not accessible from the outside. What do I miss in the config?
If you port-forward to the Kong admin API and call GET /routes, do you see a oracle19-ingress route present? If not, check your controller logs to see if there’s some issue pushing configuration.
If the route is present, do you see any error logs in the proxy log? Can you show what happens when you make a test connection?
AFAIK logging for TCP routes is fairly limited, but you can attach a tcpdump sidecar to the proxy Pod and check traffic for this with tcpdump -npi any port 25432 or port 1521 to see if there are any issues establishing connections on either end.
Thank you very much for your replies! As far as I understood the configuration settings the ports are exposed. I hope that my configuration posted above is correct. If there is any mistake please let me know. Currently, the JDBC client claims: “Connection refused”.
What I checked so far
The nftables rules are ok (checked with positive / negative testing)
The /routes returns oracle-19.ingress.0
I installed the sidecar and I am generally able to get information on some ports, let’s say admin 8001 etc. However, there is no traffic on port 1521 and 25432.
Thanks for pointing me to the relevant information. Based on the docs and values I ended up with the following config that however throws an error. As far as I can see it’s configured correctly? At least the externalTrafficPolicy works.
Check your Helm version’s up to date? Pasting that stream section into one of the test values.yamls and rendering it worked fine for me, and search results for that error indicate there was a bug in earlier Helm versions that would result in it being thrown spuriously.
Thank you very much for your inputs. Here is what I’ve found:
~ » helm search repo kong/kong --versions
NAME CHART VERSION APP VERSION DESCRIPTION
kong/kong 2.7.0 2.7 The Cloud-Native Ingress and API-management
What I’ve currently installed:
~ » helm list --all-namespaces
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
kong gateway 16 2022-04-08 22:36:14.003648275 +0200 CEST deployed kong-2.7.0 2.7
So if there is a new version I wouldn’t know which version it could be.
Not sure then–not sure what would cause you to get the error with the same values.yaml that works for me on the same version. At this point I’d recommend filing a bug on Issues · helm/helm · GitHub since they know the internals better, and can hopefully suggest what else may be the cause of the different render results we’re seeing.