Compliant Kubernetes Service documentation has moved

Please note: You are not reading Kubernetes documentation. If you're looking for Compliant Kubernetes Service documentation, it has moved. Read more here.

Datica uses Heroku buildpacks to build and run your application. Heroku made a decision to force all PostgreSQL connections to use SSL starting March 2018. Since Datica does not use PostgreSQL's SSL connection encryption, if you're using a recent buildpack, you might run into an error that looks something like:

WARNING: SQLException occurred while connecting to postgresql-220255302.internal:5432
org.postgresql.util.PSQLException: The server does not support SSL.

 

Configuring SSL is unnecessary because Datica already encrypts all the traffic in your environment. Instead, this article will guide you through configuring the service so the buildpack does not force connections to use SSL. This is done by adding an environment variable to your code service and rebuilding it.

 

First, add the environment variables SKIP_PGCONFIG_INSTALL=true and DATABASE_URL=  to your code service with the CLI, replacing the <PLACEHOLDERS> with the correct values.

datica -E <ENVIRONMENT> vars set <SERVICE> -v "SKIP_PGCONFIG_INSTALL=true" -v "DATABASE_URL="

If that's successful, you should see the following message:

Set. For these environment variables to take effect, you will need to redeploy your service with "datica redeploy <SERVICE>"

 

Next, we want to build and deploy the application with the new buildpack configuration. You do this by pushing a commit. If you have nothing to commit, you can push an empty commit.

git commit --allow-empty -m "empty commit"
git push

 

Once the application is deployed, new connections should not be required to use SSL.