# Connect to an Aerospike cluster on Kubernetes Connect to an Aerospike cluster deployed by Aerospike Kubernetes Operator (AKO) through [Aerospike Admin (asadm)](https://aerospike.com/docs/database/tools/asadm) or through applications that use Aerospike client libraries. ## Port access Configure the firewall rules for the Kubernetes cluster depending on the number of pods per Kubernetes host. If the Aerospike cluster is deployed with a _single_ pod per host ([`multiPodPerHost` set to its default value ‘false’](https://aerospike.com/docs/kubernetes/4.1.x/reference/config-reference)), make ports `3000 (service port) and 4333 (TLS port)` accessible to all clients and tools on all hosts . If the Aerospike cluster is deployed with _multiple_ pods per host ([`multiPodPerHost` set to ‘true’](https://aerospike.com/docs/kubernetes/4.1.x/reference/config-reference)), make port range `30000–32767` accessible to all clients and tools on all hosts. See the [Cluster Configuration Settings](https://aerospike.com/docs/kubernetes/4.1.x/reference/config-reference) section for more information on using the `multiPodPerHost` setting. ## Aerospike Database endpoints Use `kubectl -n NAMESPACE describe aerospikecluster AEROSPIKE_CLUSTER_NAME` to get the IP addresses and port numbers. The following example gets the IP addresses and port numbers for the cluster `aerocluster` in the `aerospike` namespace: Terminal window ```shell kubectl -n aerospike describe aerospikecluster aerocluster ``` The **Status > Pods** section provides pod-wise access, alternate access, TLS access, and TLS alternate access endpoints as well as the TLS name (if TLS is configured) to be used to access the cluster. > Output: > > Terminal window > > ```shell > $ kubectl -n aerospike describe aerospikecluster aerocluster > > Name: aerocluster > > Namespace: aerospike > > Labels: > > API Version: aerospike.com/v1alpha1 > > Kind: AerospikeCluster > > . > > . > > . > > Status: > > Aerospike Access Control: > > Users: > > Name: admin > > Roles: > > sys-admin > > user-admin > > Secret Name: auth-secret > > Aerospike Config: > > Logging: > > Any: info > > Clustering: debug > > Name: /var/log/aerospike/aerospike.log > > Any: info > > Name: console > > Namespaces: > > Memory - Size: 3000000000 > > Name: test > > Replication - Factor: 2 > > Storage - Engine: memory > > . > > . > > . > > Pods: > > aerocluster-0-0: > > Aerospike: > > Access Endpoints: > > 10.128.15.225:31312 > > Alternate Access Endpoints: > > 34.70.193.192:31312 > > Cluster Name: aerocluster > > Node ID: 0a0 > > Tls Access Endpoints: > > Tls Alternate Access Endpoints: > > Tls Name: > > Aerospike Config Hash: 39730a4545725a86206dcb5a2b158005621ae9b5 > > Dirty Volumes: > > Host External IP: 34.70.193.192 > > Host Internal IP: 10.128.15.225 > > Image: aerospike/aerospike-server-enterprise:8.1.0.0 > > Initialized Volumes: > > workdir > > ns > > Network Policy Hash: acbbfab3668e1fceeed201139d1173f00095667e > > Pod IP: 10.0.4.6 > > Pod Port: 3000 > > Service Port: 31312 > > aerocluster-0-1: > > Aerospike: > > Access Endpoints: > > 10.128.15.226:30196 > > Alternate Access Endpoints: > > 35.192.88.52:30196 > > Cluster Name: aerocluster > > Node ID: 0a1 > > Tls Access Endpoints: > > Tls Alternate Access Endpoints: > > Tls Name: > > Aerospike Config Hash: 39730a4545725a86206dcb5a2b158005621ae9b5 > > Dirty Volumes: > > Host External IP: 35.192.88.52 > > Host Internal IP: 10.128.15.226 > > Image: aerospike/aerospike-server-enterprise:8.1.0.0 > > Initialized Volumes: > > workdir > > ns > > Network Policy Hash: acbbfab3668e1fceeed201139d1173f00095667e > > Pod IP: 10.0.5.8 > > Pod Port: 3000 > > Service Port: 30196 > ``` ## Connect to the cluster When connecting from outside the Kubernetes cluster network, use the host external IP addresses. By default, AKO configures access endpoints to use Kubernetes host internal IPs and alternate access endpoints to use host external IP addresses. See [network policy](https://aerospike.com/docs/kubernetes/4.1.x/reference/config-reference/#aerospike-network-policy) configuration for details. From the example status output, for pod `aerocluster-0-0`, the alternate access endpoint is `34.70.193.192:31312` ### Connect with a client To use a client from outside the Kubernetes network using external IP addresses, set the following for the client policy using the appropriate client API. ```yaml host: 34.70.193.192 port: :31312 username: admin password: admin123 # based on the configured secret use-services-alternate: true ``` To use [Aerospike Admin (`asadm`)](https://aerospike.com/docs/database/tools/asadm) from within the Kubernetes network, run: ```yaml host: 10.128.15.225 port: :31312 username: admin password: admin123 # based on the configured secret use-services-alternate: false ``` ### Connect with asadm Run this kubectl command: Terminal window ```shell kubectl run -it --rm --restart=Never aerospike-tool -n aerospike --image=aerospike/aerospike-tools:latest -- asadm -h [cluster name] -U [username] -P [password] ``` To use `asadm` from outside the Kubernetes network: Terminal window ```shell asadm -h 34.70.193.192:31312 -U [username] -P [password] --services-alternate ``` To use `asadm` from within the Kubernetes network: Terminal window ```shell asadm -h 10.128.15.225:31312 -U [username] -P [password] ```