[英]tunnel or proxy from app in one kubernetes cluster (local/minikube) to a database inside a different kubernetes cluster (on Google Container Engine)
I have a large read-only elasticsearch database running in a kubernetes cluster on Google Container Engine, and am using minikube to run a local dev instance of my app. 我在Google Container Engine的kubernetes集群中运行着一个大型只读elasticsearch数据库,并且正在使用minikube运行我的应用程序的本地dev实例。 Is there a way I can have my app connect to the cloud elasticsearch instance so that I don't have to create a local test database with a subset of the data?
有没有一种方法可以让我的应用程序连接到cloud elasticsearch实例,从而不必用数据的子集创建本地测试数据库?
The database contains sensitive information, so can't be visible outside it's own cluster or VPC. 该数据库包含敏感信息,因此在其自己的群集或VPC外部无法看到。
My fall-back is to run kubectl port-forward inside the local pod: 我的后备方法是在本地pod内运行kubectl port-forward:
kubectl --cluster=<gke-database-cluster-name> --token='<token from ~/.kube/config>' port-forward elasticsearch-pod 9200
but this seems suboptimal. 但这似乎不是最理想的。
I'd use a ExternalName Service like 我会使用外部名称服务,例如
kind: Service
apiVersion: v1
metadata:
name: elastic-db
namespace: prod
spec:
type: ExternalName
externalName: your.elastic.endpoint.com
According to the docs 根据文档
An ExternalName service is a special case of service that does not have selectors.
ExternalName服务是没有选择器的服务的特例。 It does not define any ports or endpoints.
它没有定义任何端口或端点。 Rather, it serves as a way to return an alias to an external service residing outside the cluster.
相反,它用作将别名返回到驻留在群集外部的外部服务的一种方式。
If you need to expose the elastic database, there are two ways of exposing applications to outside the cluster: 如果需要公开弹性数据库,有两种方法可以将应用程序公开给集群之外:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.