Kubernetes pod 如何连接到与主机在同一本地网络(集群外)中运行的数据库?
[英]How can a Kubernetes pod connect to database which is running in the same local network (outside the cluster) as the host?
问题描述
I have a Kubernetes cluster (K8s) running in a physical server A (internal network IP 192.168.200.10) and a PostgreSQL database running in another physical server B (internal network IP 192.168.200.20). 
I have a Kubernetes cluster (K8s) running in a physical server A (internal network IP 192.168.200.10) and a PostgreSQL database running in another physical server B (internal network IP 192.168.200.20). How can my Java app container (pod) running in the K8s be able to connect to the PostgreSQL DB in server B?我在 K8s 中运行的 Java 应用程序容器(pod)如何能够连接到服务器 B 中的 PostgreSQL 数据库?
OS: Ubuntu v16.04 Docker 18.09.7 Kubernetes v1.15.4 Calico v3.8.2 Pod base image: openjdk:8-jre-alpine操作系统:Ubuntu v16.04 Docker 18.09.7 Kubernetes v1.15.4 Calico 基础镜像:88 Podrepine.
I have tried following this example to create a service and endpoint我已尝试按照此示例创建服务和端点
kind: Service
apiVersion: v1
metadata:
name: external-postgres
spec:
ports:
- port: 5432
targetPort: 5432
---
kind: Endpoints
apiVersion: v1
metadata:
name: external-postgres
subsets:
- addresses:
- ip: 192.168.200.20
ports:
- port: 5432
And had my JDBC connection string as: jdbc:postgresql://external-postgres/MY_APPDB, but it doesn't work.并将我的 JDBC 连接字符串设置为:jdbc:postgresql://external-postgres/MY_APPDB,但它不起作用。 The pod cannot ping server B or telnet the DB using the said internal IP or ping external-postgres service name. pod 无法使用所述内部 IP 或 ping external-postgres 服务名称 ping 服务器 B 或 telnet 数据库。 I do not wish to use "hostNetwork: true" or connect server B via a public IP.我不希望使用“hostNetwork:true”或通过公共 IP 连接服务器 B。
Any advice is much appreciated.非常感谢任何建议。 Thanks.谢谢。
2 个解决方案
解决方案1
0 2019-10-01 05:33:07
I just found out the issue is due to the K8s network conflict with the server local network (192.168.200.x) subnet.我刚刚发现问题是由于 K8s 网络与服务器本地网络(192.168.200.x)子网冲突。
During the K8s cluster initialization K8s集群初始化期间kubadmin init --pod-network-cidr=192.168.0.0/16
The CIDR 192.168.0.0/16 IP range must be change to something else eg. CIDR 192.168.0.0/16 IP 范围必须更改为其他内容,例如。 10.123.0.0/16 10.123.0.0/16
And this IP range must be also changed in the calico.yaml file before applying the Calico plugin:在应用 Calico 插件之前,还必须在 calico.yaml 文件中更改此 IP 范围:
# The default IPv4 pool to create on startup if none exists. Pod IPs will be
# chosen from this range. Changing this value after installation will have
# no effect. This should fall within `--cluster-cidr`.
- name: CALICO_IPV4POOL_CIDR
value: "10.123.0.0/16"
Can now ping and telnet server B after reset and re-init the K8s cluster with the different CIDR.现在可以在重置后 ping 和 telnet 服务器 B 并使用不同的 CIDR 重新初始化 K8s 集群。
解决方案2
0 2019-10-02 08:25:02
I guess you can replace CALICO_IPV4POOL_CIDR without re-spawning K8s cluster via kubeadm builder tool, maybe it can be useful in some circumstances.我想您可以通过kubeadm builder 工具替换CALICO_IPV4POOL_CIDR而无需重新生成 K8s 集群,也许它在某些情况下会很有用。
Remove current Calico CNI plugin installation, eg.:删除当前 Calico CNI插件安装,例如:
$ kubectl delete -f https://docs.projectcalico.org/v3.8/manifests/calico.yaml
Install Calico CNI addon, supplying CALICO_IPV4POOL_CIDR parameter with a desired value:安装Calico CNI 插件,为CALICO_IPV4POOL_CIDR参数提供所需的值:
$ curl -k https://docs.projectcalico.org/v3.8/manifests/calico.yaml --output some_file.yaml && sed -i "s~$old_ip~$new_ip~" some_file.yaml && kubectl apply -f some_file.yaml
Re-spin CoreDNS pods:重新旋转CoreDNS pod:
$ kubectl delete pod --selector=k8s-app=kube-dns -n kube-system
Wait until CoreDNS pods obtain IP address from a new network CIDR pool.等到 CoreDNS pod 从新的网络 CIDR 池中获取 IP 地址。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.