Setting up a Yandex Managed Service for PostgreSQL connection from a Serverless Containers container
To connect to the Managed Service for PostgreSQL cluster from the Serverless Containers container:
- Prepare files for a Docker image.
- Create a Docker image in the registry.
- Create and set up a Serverless Containers container.
If you no longer need the resources you created, delete them.
Getting started
- If you do not have Docker yet, install it
. Make sure Docker Engine is running. - If you do not have a Managed Service for PostgreSQL cluster, create one. You can connect from the Serverless Containers container regardless of the public access settings to cluster hosts.
Prepare files for a Docker image
-
In the local directory, create an Ubuntu-based Dockerfile. The container environment configuration depends on whether there is public access to the cluster hosts:
Without public accessWith public accessFROM ubuntu:latest RUN apt-get update && \ apt-get install postgresql-client --yes COPY pg-version.sh pg-version.sh RUN chmod +x pg-version.sh ENTRYPOINT ["/pg-version.sh"]
FROM ubuntu:latest RUN apt-get update && \ apt-get install wget postgresql-client --yes && \ mkdir --parents ~/.postgresql && \ wget "https://storage.yandexcloud.net/cloud-certs/CA.pem" \ --output-document ~/.postgresql/root.crt && \ chmod 0600 ~/.postgresql/root.crt COPY pg-version.sh pg-version.sh RUN chmod +x pg-version.sh ENTRYPOINT ["/pg-version.sh"]
-
Put the
pg-version.sh
script in the same working directory. The script connects to the database and requests the PostgreSQL version. The connection string in the script depends on whether there is public access to the cluster hosts:Without public accessWith public access#!/bin/bash echo "$0: Start: $(date)" echo "Viewing the PostgreSQL Server Version" export PGPASSWORD='<password>' psql -h <host_FQDN> -p 6432 -U <username> -d <DB_name> -c 'select version();' echo "$0: End: $(date)"
#!/bin/bash echo "$0: Start: $(date)" echo "Viewing the PostgreSQL Server Version" export PGPASSWORD='<password>' psql -h <host_FQDN> -p 6432 --set=sslmode=require -U <username> -d <DB_name> -c 'select version();' echo "$0: End: $(date)"
Specify the following in the script:
- FQDN of your cluster host.
- Username for connection.
- User password.
- Name of the database to connect to.
Create the Docker image in the registry
-
Create a registry in Yandex Container Registry.
-
Build the Docker image by running the command in the working directory with the Docker file:
docker build . \ -t cr.yandex/<registry_ID>/ubuntu:pgconnect
Check that the image with the specified name appeared in the local repository:
docker images
-
Authenticate in the registry:
-
Run this command:
docker login \ --username iam \ --password <IAM_token> \ cr.yandex
For other methods, see Authentication in Container Registry.
-
Push the Docker image to the registry:
docker push cr.yandex/<registry_ID>/ubuntu:pgconnect
Create and set up a Serverless Containers container
-
Create a service account named
docker-puller
with thecontainer-registry.images.puller
role. -
Create a Serverless Containers container named
demo-pg-connect
. -
In the container revision settings, specify:
- Reference to the previously created image in the registry, in the Image URL field.
- In the Service account
docker-puller
field, specify Service account. - Network in which the Managed Service for PostgreSQL cluster is located, in the Network field. You do not need to specify the network if public access is enabled for the cluster.
-
Click Create revision.
-
Copy the link to invoke the container from the General information section in the management console.
-
Invoke the container by running the command:
curl --header "Authorization: Bearer $(yc iam create-token)" <invocation_link>
-
Go to the Logssection and make sure the container logs contain information about the PostgreSQL version.
Delete the resources you created
To stop paying for the resources you created:
- Delete the Serverless Containers container.
- Delete the Docker images from the registry.
- Delete the registry.
- Delete the service account.
- Delete the Managed Service for PostgreSQL cluster.
To delete the created Docker image from the local repository, run the command:
docker rmi cr.yandex/<registry_ID>/ubuntu:pgconnect