堆栈内存溢出
  简体   繁体   English

在Google Kubernetes Engine上访问Redis集群

[英]Accessing Redis cluster on Google Kubernetes Engine

 原文  2017-11-28 15:22:12       redis/ kubernetes/ google-kubernetes-engine

问题描述

I have deployed a Redis cluster on Google Kubernetes Engine using Kubernetes's provided examples . 我已经使用Kubernetes提供的示例Google Kubernetes Engine上部署了Redis集群。 It works as expected. 它按预期工作。

I am attempting to connect to this cluster from client applications. 我正在尝试从客户端应用程序连接到此群集。 I am aware that Redis does not provide encryption, nor is the recommended practice to expose the cluster to the world, and it's intended to be accessed from private and trusted networks. 我知道Redis不提供加密,也没有建议将群集公开给外界的做法,并且可以从私有和受信任的网络访问它。

If by default, redis binds to the loopback interface, how can I connect with standard (Go or Python) client libraries to the cluster? 如果默认情况下,redis绑定到环回接口,如何将标准(Go或Python)客户端库连接到群集?

1 个解决方案

解决方案1
 2 已采纳  2017-12-14 18:20:11

As Carlos described kubectl proxy might be an approach. 正如Carlos所述, kubectl proxy可能是一种方法。 Here are some alternatives. 这里有一些选择。

  1. I would say that look at how cloud services providing Redis-as-a-Service are doing this. 我要说的是,看看提供Redis即服务的云服务是如何做到的。 Do they have a password auth model? 他们有密码验证模型吗? Do they have TLS certificates? 他们有TLS证书吗? Figure out how they provide auth and you can configure it that way too. 弄清楚他们如何提供身份验证,您也可以通过这种方式进行配置。

  2. If there's no authentication, kubectl proxy and kubectl port-forward will give you a secure tunnel into the cluster, so you don't have to expose the redis Service to public internet. 如果没有身份验证,则kubectl proxykubectl port-forward将为您提供进入群集的安全隧道,因此您不必将redis服务公开到公共Internet。

  3. Use new feature Internal Load Balancer https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing . 使用新功能Internal Load Balancer https://cloud.google.com/kubernetes-engine/docs/how-to/internal-load-balancing This lets you access your Redis cluster (running on GKE with a non-public IP address) to other GCE VMs in your network. 这使您可以将Redis群集(在具有非公共IP地址的GKE上运行)访问网络中的其他GCE VM。 This still doesn't do authentication/authorization, but at least it's not exposed to the public Internet. 这仍然没有进行身份验证/授权,但至少它没有公开的Internet。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Kubernetes Redis Cluster问题 - Kubernetes Redis Cluster issue Redis集群在kubernetes上 - Redis cluster on kubernetes 在 Kubernetes 上设置 redis 集群 - setup redis cluster on Kubernetes 有没有办法在Kubernetes上自动扩展Redis集群? - Is there a way to autoscale a Redis cluster on Kubernetes? REDIS 集群在 KUBERNETES 上没有持久性 - REDIS cluster without persistence on KUBERNETES Azure Kubernetes 上的 Redis 分片集群 - Redis sharded cluster on Azure Kubernetes 在Kubernetes上使用哨兵连接到Redis集群 - Connecting to redis cluster with sentinel on kubernetes 生产 Redis 集群,在 Kubernetes 中分片 - Production Redis cluster with sharding in Kubernetes Redis 集群 HA 在 kubernetes 中不起作用 - Redis cluster HA not working in kubernetes 将 redis db 导入 kubernetes 上的其他 redis 集群 - import redis db to other redis cluster on kubernetes
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM