Port forwarding is one of those hidden gems in the oc CLI that provides an easy way to interact with pods without exposing them to the outside world. I’m all about keeping security to high standards.
In this example I want to connect to a MongoDB instance using Robo 3T to validate the data been saved by another application. Once authenticated into the OpenSHift CLI, this is a simple as this command:
$ oc port-forward mongodb-1-btwp8 -n dashboard-app 27017:27017 --address=192.168.1.23
Forwarding from 192.168.1.23:27017 -> 27017Where mongodb-1-btwp8 is the name of the pod, dashboard-app is the namespace, 27017:27017 is the port mapping (from my laptop’s 27017 port to the pod’s 27017 port and 192.168.1.23 is the IP address of my laptop in the local network. If you do not specify the address flag it will automatically use localhost
For MacOS users: The
--address=192.168.1.23is required since some of the security policies will block requests going againstlocalhost. I do not know if this is also required for Windows and Linux.
The port forwarding will be active as long as that command is running and every time you use the connection the terminal will print Handling connection for 27017.
If you do not have the
mongoshell you can install it from here.
$ mongo "mongodb://user:password@192.168.1.23:27017/database"
...
Welcome to the MongoDB shell.
For interactive help, type "help".
> To complete the port forwarding command, just do ctrl+c or close the terminal.