Connecting RH-SSO to External Database Running Outside the Openshift cluster

Solution Verified - Updated -


  • Red Hat Single Sign-On (RH-SSO)
    • 7
  • Red Hat Openshift Container Platform (OCP)
    • 3
  • External Database instance


  • Setup external service and disable the internal database


  1. If you have the database service running in another project, then it needs to be exposed with an external IP address: Using a Service External IP to Get Traffic into the Cluster -> Assigning an IP Address to the Service.

  2. Create a service of the database. The database can be assigned an internal ip address. Refer to the Openshift documentation for Defining a Service for an External Database.

  3. Disable the internal database replicates defined by the image

    $ oc describe Endpoints sso-postgresql  
    Name:         sso-postgresql
    Namespace:    myproject
    Labels:       app=sso-cd-postgresql
    Annotations:  <none>
    NotReadyAddresses:  <none>
        Name     Port  Protocol
        ----     ----  --------
        <unset>  5432  TCP
    Events:  <none>
    $ oc scale dc sso-postgresql --replicas 0
    $ oc rollout latest dc/sso

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.