Get Started
Local Getting Started Guides
Docker Desktop
Minikube
Cloud Getting Started Guides
AWS + Pachyderm
Azure + Pachyderm
GCP + Pachyderm
Install Pachctl Auto-completion
Beginner Tutorial
Concepts
Advanced Concepts
Deferred Processing
Distributed Computing
Global Identifier
Pipeline Concepts
Datum
Cross & Union Inputs
Datum Processing
Datum Processing States
Glob Pattern
Group Input
Join Input
Metadata
Job
Pipeline
Cron Pipeline
Service
Spout
Versioned Data Concepts
Branch
Commit
File
History
Provenance
Repository
How Tos
Advanced Data Operations
Analyze Time-Windowed Data
Manage Secrets
Mount a Volume in a Pipeline
Skip Failed Datums
Transactions
Basic Data Operations
Export Data
Egress To An SQL Database
Export via Egress
Export via Pachctl
Mount a Repo Locally
Ingest Data
Manage Commits & Delete Data
SQL Ingest
Developer Workflow
CI/CD Integration
Create a Machine Learning Workflow
The Push Images Flag
Working with Pipelines
Pachyderm's JupyterLab Extension
Docker Installation Guide
Extension Walkthrough
Local Installation Guide
User Guide
Troubleshooting
Pipeline Operations
Create a Pipeline
Delete a Pipeline
Jsonnet Pipeline Specifications
Update a Pipeline
Deploy & Manage
Deploy
Azure
Configure Environment Variables
Configure Tracing with Jaeger
👉 Connect to a Cluster
Console
Cloud Deployment
Local Deployment
Deploy Pachyderm on AWS
Deploy Pachyderm via Proxy (One Port)
Deploy Pachyderm with TLS (SSL, HTTPS)
Enable Logs Aggregation With Loki
Google Cloud Platform
Helm Deployment
Import a Kubernetes Context
Infrastructure Recommendations
Setup Ingress with Traefik
Monitor with Prometheus
Job Metrics
Pachd Metrics
Non-Default Namespaces
On Premises
Production Recommendations
Quickstart
RBAC
Set Up AWS Secret Manager
Manage
Backup & Restore Your Cluster
Disable Usage Metrics
Global S3 Gateway
Pachyderm S3 Gateway Supported Operations
S3 Client Configuration
Unsupported operations
Manage Cluster Access
Sidecar S3 Gateway
Storage Use Optimization
Uninstall Pachyderm
Upgrade Pachyderm
Use GPUs
Using the Pachyderm Shell
Reference
PachCTL
pachctl auth
pachctl auth activate
pachctl auth check
pachctl auth check repo
pachctl auth deactivate
pachctl auth get
pachctl auth get cluster
pachctl auth get enterprise
pachctl auth get repo
pachctl auth get-config
pachctl auth get-groups
pachctl auth get-robot-token
pachctl auth login
pachctl auth logout
pachctl auth revoke
pachctl auth roles-for-permission
pachctl auth rotate-root-token
pachctl auth set
pachctl auth set cluster
pachctl auth set enterprise
pachctl auth set repo
pachctl auth set-config
pachctl auth use-auth-token
pachctl auth whoami
pachctl buildinfo
pachctl completion
pachctl completion bash
pachctl completion zsh
pachctl config
pachctl config delete
pachctl config delete context
pachctl config get
pachctl config get active-context
pachctl config get active-enterprise-context
pachctl config get context
pachctl config get metrics
pachctl config import-kube
pachctl config list
pachctl config list context
pachctl config set
pachctl config set active-context
pachctl config set active-enterprise-context
pachctl config set context
pachctl config set metrics
pachctl config update
pachctl config update context
pachctl copy
pachctl copy file
pachctl create
pachctl create branch
pachctl create pipeline
pachctl create repo
pachctl create secret
pachctl debug
pachctl debug analyze
pachctl debug binary
pachctl debug dump
pachctl debug profile
pachctl delete
pachctl delete all
pachctl delete branch
pachctl delete commit
pachctl delete file
pachctl delete job
pachctl delete pipeline
pachctl delete repo
pachctl delete secret
pachctl delete transaction
pachctl diff
pachctl diff file
pachctl draw
pachctl edit
pachctl edit pipeline
pachctl enterprise
pachctl enterprise deactivate
pachctl enterprise get-state
pachctl enterprise heartbeat
pachctl enterprise pause
pachctl enterprise pause-status
pachctl enterprise register
pachctl enterprise sync-contexts
pachctl enterprise unpause
pachctl exit
pachctl finish
pachctl finish commit
pachctl finish transaction
pachctl fsck
pachctl get
pachctl get file
pachctl glob
pachctl glob file
pachctl idp
pachctl idp create-client
pachctl idp create-connector
pachctl idp delete-client
pachctl idp delete-connector
pachctl idp get-client
pachctl idp get-config
pachctl idp get-connector
pachctl idp list-client
pachctl idp list-connector
pachctl idp set-config
pachctl idp update-client
pachctl idp update-connector
pachctl inspect
pachctl inspect branch
pachctl inspect cluster
pachctl inspect commit
pachctl inspect datum
pachctl inspect file
pachctl inspect job
pachctl inspect pipeline
pachctl inspect repo
pachctl inspect secret
pachctl inspect transaction
pachctl license
pachctl license activate
pachctl license add-cluster
pachctl license delete-all
pachctl license delete-cluster
pachctl license get-state
pachctl license list-clusters
pachctl license update-cluster
pachctl list
pachctl list branch
pachctl list commit
pachctl list datum
pachctl list file
pachctl list job
pachctl list pipeline
pachctl list repo
pachctl list secret
pachctl list transaction
pachctl logs
pachctl mount
pachctl port-forward
pachctl put
pachctl put file
pachctl restart
pachctl restart datum
pachctl resume
pachctl resume transaction
pachctl run
pachctl run cron
pachctl run pfs-load-test
pachctl run pps-load-test
pachctl shell
pachctl squash
pachctl squash commit
pachctl start
pachctl start commit
pachctl start pipeline
pachctl start transaction
pachctl stop
pachctl stop job
pachctl stop pipeline
pachctl stop transaction
pachctl subscribe
pachctl subscribe commit
pachctl unmount
pachctl update
pachctl update pipeline
pachctl update repo
pachctl version
pachctl wait
pachctl wait commit
pachctl wait job
Configuration Specification
Helm Chart Values
Language Clients
Pachyderm Supported Releases & Features
Pipeline Scaling Limits (CE)
Pipeline Specification
S3 Gateway API
Enterprise Edition
Authentication & Authorization
Authentication
Authentication Flows
Connectors
Okta
Identity Providers
Authorization
Permissions by Role
Role Binding
Enterprise Server
Server Management
Server Setup
Deploy
Features Overview
Troubleshooting Guides
General Troubleshooting
Troubleshooting Deployments
Troubleshooting Pipelines
Contributing
Coding Conventions
Contributor Setup
Developing on Windows with VSCode
Documentation Style Guide
GitHub

Connect to a Cluster

Learn how to connect to Pachyderm clusters locally and on the cloud.

March 24, 2023

You can connect to a deployed Pachyderm cluster in the following ways:

Connect to a Local Cluster #

If you are just exploring Pachyderm, use port-forwarding to access both pachd and the Pachyderm Console.

By default, Pachyderm enables port-forwarding from pachctl to pachd. If you do not want to use port-forwarding for pachctl operations, configure a pachd_address as described in Connect by using a Pachyderm context.

To connect to the Pachyderm Console, you can either use port-forwarding, or the IP address of the virtual machine on which your Kubernetes cluster is running.

The following example shows how to access Pachyderm Console that runs in minikube.

Connect to a Cluster Deployed on a Cloud Platform #

As in a local cluster deployment, a Pachyderm cluster deployed on a cloud platform has implicit port-forwarding enabled. This means that, if you are connected to the cluster so that kubectl works, pachctl can communicate with pachd without any additional configuration. Other services still need explicit port forwarding. For example, to access Pachyderm console, you need to run pachctl port-forward. Since a Pachyderm cluster deployed on a cloud platform is more likely to become a production deployment, configuring a pachd_address as described in Connect by using a Pachyderm context is the preferred way.

Connect by using a Pachyderm context #

You can specify an IP address that you use to connect to the Console (Pachyderm UI) and the S3 gateway by storing that address in the Pachyderm configuration file as the pachd_address parameter.

This configuration, recommended in production environments, requires that you deploy an ingress controller and a reliable security method to protect the traffic between the Pachyderm pods and your client machine. Remember that exposing your traffic through a public ingress might create a security issue. Therefore, if you expose your pachd endpoint, you need to make sure that you take steps to protect the endpoint and traffic against common container security threats. Port-forwarding might be an alternative which might result in sufficient performance if you place the data that is consumed by your pipeline in object store buckets located in the same region.

For more information about Pachyderm contexts, see Manage Cluster Access.

To connect by using a Pachyderm context, complete the following steps:

  1. Get the current context:

    pachctl config get active-context

    This command returns the name of the currently active context. Use this as the argument to the command below.

    If no IP address is set up for this cluster, you get the following output:

    pachctl config get context <name>
{

}

  2. Set up pachd_address:

    pachctl config update context <name> --pachd-address <host:port>

    Example:

    pachctl config update context local --pachd-address 192.168.1.15:30650

    Note: By default, the pachd port is 30650.

  3. Verify that the configuration has been updated:

    pachctl config get context local

    System Response:

    {
   "pachd_address": "192.168.1.15:30650"
}

Connect by Using Port-Forwarding #

The Pachyderm port-forwarding is the simplest way to enable cluster access and test basic Pachyderm functionality. Pachyderm automatically starts port-forwarding from pachctl to pachd. Therefore, the traffic from the local machine goes to the pachd endpoint through the Kubernetes API. However, to open a persistent tunnel to other ports, including the Pachyderm Console, authentication callbacks, the built-in HTTP file API, and other, you need to run port-forwarding explicitly.

Also, if you are connecting with port-forward, you are using the 0.0.0.0. Therefore, if you are using a proxy, it needs to handle that appropriately.

Although port-forwarding is convenient for testing, for production environments, this connection might be too slow and unreliable. The speed of the port-forwarded traffic is limited to 1 MB/s. Therefore, if you experience high latency with put file and get file operations, or if you anticipate high throughput in your Pachyderm environment, you need to enable ingress access to your Kubernetes cluster. Each cloud provider has its own requirements and procedures for enabling ingress controller and load balancing traffic at the application layer for better performance.

Remember that exposing your traffic through a public ingress might create a security issue. Therefore, if you expose your pachd endpoint, you need to make sure that you take steps to protect the endpoint and traffic against common container security threats. Port-forwarding might be an alternative which might provide satisfactory performance if you place the data that is consumed by your pipeline in object store buckets located in the same region.

To enable port-forwarding, run pachctl port-forward in a new terminal window.

The command does not stop unless you manually interrupt it. You can run other pachctl commands from another window. If any of your pachctl commands hang, verify if the kubectl port-forwarding has had issues that prevent pachctl port-forward from running properly.

👈 Configure Tracing with Jaeger Deploy Pachyderm on AWS 👉