从集群外的应用程序访问 kube.netes 中的 postgres
[英]access postgres in kubernetes from an application outside the cluster
问题描述
Am trying to access postgres db deployed in kube.netes(kubeadm) on centos vms from another application running on another centos vm.
我正在尝试从另一个 centos 虚拟机上运行的另一个应用程序访问部署在 centos 虚拟机上的 kube.netes(kubeadm) 中的 postgres 数据库。 I have deployed postgres service as 'NodePort' type.我已将 postgres 服务部署为“NodePort”类型。 My understanding is we can deploy it as LoadBalancer type only on cloud providers like AWS/Azure and not on baremetal vm.我的理解是,我们只能将其作为 LoadBalancer 类型部署在 AWS/Azure 等云提供商上,而不能部署在裸机虚拟机上。 So now am trying to configure 'ingress' with NodePort type service.所以现在我正在尝试使用 NodePort 类型服务配置“入口”。 But am still unable to access my db other than using kubectl exec $Pod-Name on kube.netes master.但是除了在 kube.netes master 上使用 kubectl exec $Pod-Name 之外,我仍然无法访问我的数据库。
My ingress.yaml is我的 ingress.yaml 是
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
name: postgres-ingress
spec:
backend:
serviceName: postgres
servicePort: 5432
which does not show up any address as below没有显示任何地址如下
NAME HOSTS ADDRESS PORTS AGE
postgres-ingress * 80 4m19s
am not even able to access it from pgadmin on my local mac.我什至无法从本地 Mac 上的 pgadmin 访问它。 Am I missing something?我错过了什么吗?
Any help is highly appreciated.非常感谢任何帮助。
1 个解决方案
解决方案1
22 已采纳 2020-02-03 23:22:28
Ingress won't work, it's only designed for HTTP traffic, and the Postgres protocol is not HTTP. You want solutions that deal with just raw TCP traffic: Ingress 不会工作,它只为 HTTP 流量设计,而 Postgres 协议不是 HTTP。你想要的解决方案只处理原始 TCP 流量:
- A NodePort service alone should be enough.一个 NodePort 服务就足够了。 It's probably the simplest solution.这可能是最简单的解决方案。 Find out the port by doing
kubectl describeon the service, and then connect your Postgres client to the IP of the node VM (not the pod or service) on that port.通过在服务上执行kubectl describe找出端口,然后将您的 Postgres 客户端连接到该端口上的节点 VM(不是 pod 或服务)的 IP。 - You can use port-forwarding:
kubectl port-forward pod/your-postgres-pod 5432:5432, and then connect your Postgres client tolocalhost:5432.您可以使用端口转发: kubectl port-forward pod/your-postgres-pod 5432:5432,然后将您的 Postgres 客户端连接到localhost:5432。 This is my preferred way for accessing the database from your local machine (it's very handy and secure) but I wouldn't use it for production workloads (kubectl must be always running so it's somewhat fragile and you don't get the best performance).这是我从本地机器访问数据库的首选方式(它非常方便和安全),但我不会将它用于生产工作负载(kubectl 必须始终运行,所以它有点脆弱,你得不到最佳性能) . - If you do special.networking configuration, it is possible to directly access the service or pod IPs from outside the cluster.如果您进行特殊的网络配置,则可以直接从集群外部访问服务或 pod IP。 You have to route traffic for the pod and service CIDR ranges to the k8s nodes, this will probably involve configuring your VM hypervisors, routers and firewalls, and is highly dependent on what.networking (CNI) plugin are you using for your Kube.netes cluster.您必须将 pod 和服务 CIDR 范围的流量路由到 k8s 节点,这可能涉及配置您的 VM 管理程序、路由器和防火墙,并且高度依赖于您为 Kube.netes 使用的网络(CNI)插件簇。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.