Cloud Pak for Data

 View Only
  • 1.  Airgapped CP4D - How to whitelist ip/port

    Posted Thu December 23, 2021 09:37 AM
    Hi all,
    Our client has an airgapped CP4D Instance running and is required to add a SQL Server Connection to his Jupyter notebook project.
    The code he is using has been tested out on an internal network SQL Server Instance. 
    When he tries to Connect to publicly available SQL Server, he gets the following error output:

    com.microsoft.sqlserver.jdbc.SQLServerExceptionPyRaisablecom.microsoft.sqlserver.jdbc.SQLServerException: The TCP/IP connection to the host xxx.xxx.xxx.xxx, port 1433 has failed. Error: "Connection refused (Connection refused). Verify the connection properties. Make sure that an instance of SQL Server is running on the host and accepting TCP/IP connections at the port. Make sure that TCP connections to the port are not blocked by a firewall.".

    I tried also telneting to the address from CLI and receive "Connection refused.".

    Network isn't firewalling the IP since I can telnet the service from network and connect to it using SSMS.

    Where would one go about in whitelisting that IP on the CP4D. I presume Openshift layer but wasn't able to locate guides for that.

    Thank you kindly,



    ------------------------------
    Mario Galjanic
    ------------------------------


  • 2.  RE: Airgapped CP4D - How to whitelist ip/port

    Posted Tue March 22, 2022 08:58 AM
    Bump. I too would like to know the answer to this!

    ------------------------------
    Adam Stewart
    ------------------------------



  • 3.  RE: Airgapped CP4D - How to whitelist ip/port

    Posted Tue March 22, 2022 08:59 AM
    Looking for an answer to this as well

    ------------------------------
    Adam Stewart
    ------------------------------



  • 4.  RE: Airgapped CP4D - How to whitelist ip/port

    Posted Wed March 23, 2022 04:56 PM
    Edited by Steve Prior Wed March 23, 2022 04:56 PM
    I don't work for IBM, but I'm also running an airgapped installation of CPD.  It's a little hard to follow exactly what your network config is, but I think it's very unlikely that CPD or OpenShift is firewalling the connection (incoming connections yes, but outgoing connections no).  Is your CPD installation in it's own network that's separated from the rest of your corporate network?  If so is the air-gap between your corporate network and the network CPD is on, or is it between your corporate network and the Internet?  When you said you tested an internal network SQL Server instance was it on the same network as your CPD instance or elsewhere on your corporate network?  When you tried the telnet and got a connection refused were you logged into a pod in Openshift, another machine on the same network as your CPD install, or elsewhere on your corporate network?

    My first guess would be that you've got CPD installed on its own network which is isolated from your corporate network and maybe your network admins have rules in place that stop the CPD isolated network from reaching the Internet even if the corporate network has access.

    ------------------------------
    Steve Prior
    ------------------------------