I m able to connect to my redis deployment from a custom sub rancher-users #k3s

Title

nice-motherboard-21953

01/12/2023, 8:04 AM

I’m able to connect to my redis deployment, from a custom subdomain HostSNI, outside the cluster after I configured an IngressRouteTCP along with tls secret, like so

---
apiVersion: <http://traefik.containo.us/v1alpha1|traefik.containo.us/v1alpha1>
kind: IngressRouteTCP
metadata:
  name: redis-service-tcp

spec:
  entryPoints:
    - redis
  routes:
  - match: HostSNI(`<http://redis.example.net|redis.example.net>`)
    services:
    - name: redis-service
      port: 6379
  tls:
    secretName: wildcard-secret

(After applying this, I’m able to connect to

<http://redis.example.net|redis.example.net>

using redis-cli) However, I’m not able to do the same with postgres, even though the certificate etc is valid. Doesn’t postgres support SNI? Has anyone here exposed their postgres deployments via Traefik IngressRouteTCP with custom domain and TLS?

sticky-summer-13450

01/12/2023, 8:21 AM

Since this is purely a Traefik question, maybe you'd get more traction on a Traefik slack channel - maybe https://kubernetes.slack.com/archives/CD1C3TMRR

nice-motherboard-21953

01/12/2023, 9:00 AM

Thanks, I’ve posted it there as well.

#k3s Join Slack