Connecting to services remotely

🌐 This document is available in both English and Ukrainian. Use the language toggle in the top right corner to switch between versions.

If you need to debug a service remotely from your local machine, follow these steps to connect.

  1. Log in to the OpenShift console.

  2. Navigate to the Workloads > Deployments menu. Select your project from the Project dropdown list where the remote service connection will be used. In the search bar, enter the name of the service, and from the filtered results, select the necessary one, for example, user-task-management.

    Before editing registry resources in Openshift, consult with the Platform administrator for rights to edit YAML configurations and port forwarding within the registry namespace, as these rights are not granted by default to the registry administrator.

    remote connection 1

  3. Go to the YAML menu, and in the editor window, add the following value for the JAVA_OPTS property:

    -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5005
    remote connection 2 1
    Figure 1. Resource appearance BEFORE editing
    remote connection 2
    Figure 2. Resource appearance AFTER editing

    Next, proceed with the pod restart.

  4. Download the OpenShift command line interface.

    1. Click the question mark icon in the upper right corner of the page.

    2. Select the Command line tools menu.

    3. Choose the utility from the list to download according to your operating system.

    4. Open the downloaded file.

    remote connection 3

  5. Launch the command line (CMD) from where the oc.exe file is located.

    remote connection 4

  6. Obtain the token for authentication in OpenShift.

    1. Click on your profile name in the upper right corner of the page and select the Copy login command menu item.

      remote connection 5

    2. Re-authenticate in the system.

    3. Click Display Token.

    4. Copy the value from the Log in with this token field.

      remote connection 6

  7. Execute the copied command in the command line (CMD), for example:

    oc login --token=sha256~1aWEXnvr4IBVNaaaaaaaAAQ10NkhokA9aa-s_-trO8k --server=https://api.example.com:6443

    If you encounter an error: x509: certificate is not trusted error during login due to a missing certificate on the API endpoint https://api.example.com:6443, use the --insecure-skip-tls-verify flag to bypass TLS verification. For instance:

    oc login --insecure-skip-tls-verify --token=sha256~1aWEXnvr4IBVNaaaaaaaAAQ10NkhokA9aa-s_-trO8k --server=https://api.example.com:6443

    1. Next, select the appropriate project by executing the command:

      oc project some_name

      where some_name is the name of your project.

    2. Retrieve the pod identifier of the service by executing the command:

      oc get pods

    3. Execute the port forwarding command:

      oc port-forward user-task-management-c8b9695d6-rg92b 5005:5005

  8. Add a new configuration in IntelliJ IDEA.

    1. Go to the Run  Edit Configuration…​.

      remote connection 7

    2. Click Add New Configuration and select the Remote JVM Debug configuration type.

      remote connection 8

    3. Specify the name, check the settings, and click OK.

      remote connection 9

  9. Start the service.

    remote connection 10

  10. The service can now be intercepted on the local machine on the subsequent request.

    remote connection 11