In the last article, I've explained how to manage the vCenter Server Appliance vPostgres Databases with pgAdmin. This article goes a step further and explains how to run pgAdmin in a Docker Container on the vCenter Server Appliance itself. This method works with vCenter Server Appliance version 6.5, 6.7, and 7.0.
Caution: Working with the database can cause issues with the vCenter Service. Make sure that you know what you are doing and double-check that you have a working backup or snapshots of the vCenter Server Appliance. Consider working with VMware Support if you have problems in a critical production environment.
Disclaimer: This is not officially supported by VMware, please use at your own risk.
Since vSphere 6.5, the vCenter Server Appliance is based on VMware PhotonOS making it very easy to run docker containers on the Appliance itself. The method described here should work with all standard Docker containers.
- Connect to the vCenter Server Appliance with SSH
- Install Docker
# tdnf -y install docker
- Start Docker and load Kernel Bridge Modules
# systemctl enable docker # insmod /usr/lib/modules/$(uname -r)/kernel/net/bridge/bridge.ko.xz # systemctl start docker
In older vCSA versions you might get an error message loading the module. If you get an error, try replacing "bridge.ko.xz" with "bridge.ko".
- Pull pgAdmin4 Docker Image
# docker pull dpage/pgadmin4
- Start the Docker Container
# docker run --name pgadmin -p 8080:80 \ -e 'PGADMIN_DEFAULT_EMAIL=admin' \ -e 'PGADMIN_DEFAULT_PASSWORD=password' \ -d dpage/pgadmin4
- The Container is running on public port 8080, which has to be allowed by the firewall:
# iptables -I INPUT 1 -p tcp --dport 8080 -j ACCEPT
- Docker uses a private network to allow communication between host and container. You have to configure pg_hba.conf to allow connections from the container. You can get the IP address with the docker inspect command.Get the IP Adresse with docker inspect and add an entry in pg_hba.conf:
# pgadminaddress=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' pgadmin) # echo "host all all $pgadminaddress/24 trust" >> /storage/db/vpostgres/pg_hba.conf
- Verify the entry in pg_hba.conf
# tail /storage/db/vpostgres/pg_hba.conf
- Reload vPostgres Configuration to activate changes in pg_hba.conf
#psql -U postgres -c "SELECT pg_reload_conf();"
- Open a browser and navigate to http://[vcenter]:8080. You should see the pgAdmin Login Screen:
If your browser has a cached HSTS header, the connection might not work. In that case, try the vCenters IP-Address or use Incognito mode. - Login with username and password from the docker run command.
- Right-Click Servers and navigate to Create > Server...
- Enter a Name
- Enter vCenter Hostname and connect with the postgres user (no password).
You can now manage the vCenter Server Appliance embedded vPostgres Database with pgAdmin running on the Appliance:
Hi,
Thanks a very useful article.
In my case had to load two additional modules:
insmod /usr/lib/modules/4.4.161-1.ph1/kernel/net/llc/llc.ko.xz
insmod /usr/lib/modules/4.4.161-1.ph1/kernel/net/802/stp.ko.xz
Otherwise was getting error "Unknown symbol in module" while trying to load bridge.ko.xz
Thanks for sharing and good luck.