我正在尝试在 Google Cloud Postgres
之间建立连接和 Google Kubernetes Engine
使用 CloudSQL proxy
.如果我查看两个工作负载的日志:
我正进入(状态:
2021-02-02T11:42:09.748706102Z2021/02/02 11:42:09 dial tcp 127.0.0.1:5432: connect: connection refused
我正在写下我使用所有真实文件关键字或文件名执行的所有步骤。脚步
google cloud cluster
有 3 个节点。 Postgres
Google Cloud SQL
的实例.添加新用户 gothamuser
密码是gothampass
: 在 5432 端口上运行 I am service
账户通过gothamcity-gke@miles-789.iam.gserviceaccount.com
并保存了config.json
文件。 Docker file
的链接[.1] gcloud builds submit --tag gcr.io/miles-789/gothamcity:0.10 .
构建容器Deployment.yaml
的链接[.2] kubectl create -f deployment.yaml
执行部署文件service.yaml
的链接[3] kubectl create -f service.yaml
执行服务文件kubectl create secret generic cloudsql-instance-credentials --from-file=cred.json=/Users/gotham/Downloads/cofig.json
创建云 SQL 实例cloudsql-db credentials using kubectl create secret generic cloudsql-db-credentials --from-literal=username=gothamuser --from-literal=password=gothampass
.没有提到数据库名称,因为我要连接多个数据库。 cloudsql-db-credentials
和 cloudsql-instance-credentials
在 psql.yaml
文件 psql.yaml
的链接文件 [4] kubectl create -f psql.yaml
执行此文件Go
上的数据库配置项目 [5] kubectl 命令截图
1
kubectl get nodes
2
kubectl get pods
提到的文件
[1.] docker
FROM golang:alpine AS build-env
ENV GOPATH /go
WORKDIR /go/src
COPY . /go/src/gothamcity
RUN cd /go/src/gothamcity && go build .
FROM alpine
RUN apk update && apk add ca-certificates && rm -rf /var/cache/apk*
WORKDIR /app
COPY --from=build-env /go/src/gothamcity/gothamcity /app
COPY .env /app
EXPOSE 5432
EXPOSE 8080
ENTRYPOINT [ "./gothamcity" ]
[2.] 部署.yamlapiVersion: apps/v1
kind: Deployment
metadata:
name: gothamcity-backend
spec:
replicas: 1
selector:
matchLabels:
app: gothamcity
template:
metadata:
labels:
app: gothamcity
spec:
containers:
- name: gothamcity-app
image: gcr.io/miles-789/gothamcity:0.10
ports:
- containerPort: 8080
env:
- name: PORT
value: "8080"
[3] 服务.yamlapiVersion: v1
kind: Service
metadata:
name: gothamcity
spec:
type: LoadBalancer
selector:
app: gothamcity
ports:
- port: 80
targetPort: 8080
[4] psql.yaml apiVersion: apps/v1
kind: Deployment
metadata:
name: gothamcity-psql-proxy
spec:
selector:
matchLabels:
app: gothamcity
template:
metadata:
labels:
app: gothamcity
spec:
containers:
- image: gcr.io/miles-789/gothamcity:0.10
name: gothamcity-app
env:
- namee: DB_HOST
value: 127.0.0.1
- name: DB_USER
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: username
- name: DB_PASS
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: password
- name: DB_NAME
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: database
- name: cloud-sql-proxy
image: gcr.io/cloudsql-docker/gce-proxy:1.17
command:
- "/cloud_sql_proxy"
- "-instances=miles-789:europe-east1:gotham-miles-v1=tcp:5432"
- "-credential_file=/secrets/config.json"
securityContext:
runAsNonRoot: true
volumeMounts:
- name: cloudsql-instance-credentials
mountPath: /secrets/
readOnly: true
volumes:
- name: cloudsql-instance-credentials
secret:
secretName: cloudsql-instance-credentials
[5] 数据库配置package dataservices
import "os"
const (
dbhost = "DBHOST"
dbport = "DBPORT"
dbuser = "DBUSER"
dbpass = "DBPASS"
dbname = "DBNAME"
env = "ENV"
)
func dbConfig(database string) map[string]string {
var host = os.Getenv("DB_HOST")
var user = os.Getenv("DB_USER")
var password = os.Getenv("DB_PASS")
var name = database
var port = "5432"
conf := make(map[string]string)
conf[dbhost] = host
conf[dbport] = port
conf[dbuser] = user
conf[dbpass] = password
conf[dbname] = name
return conf
}
我不明白我在这里做错了什么。是错字还是我在这里缺少某种配置。
最佳答案
这是私有(private)集群吗?
如果是这样,您需要在同一个 VPC 上拥有 SQL DB(或拥有 VPC 对等)才能让您的应用程序访问 SQL DB
或者您需要在您的 VPC 上设置 Cloud NAT,以便集群与 SQL DB 对话
这可能很有用
https://groups.google.com/g/google-cloud-sql-discuss/c/6lA0r6zRfeI/m/hr8mRt9AGgAJ
关于docker - 如何使用 Cloud sql 代理通过 GKE 配置 Cloud SQL?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/66010013/