[英]Connect to Postgresql from inside kubernetes cluster
I setup a series of VM 192.168.2.(100,105,101,104)
where kubernetes master is on 100
and two workers on 101,104
.我设置了一系列 VM
192.168.2.(100,105,101,104)
其中 kubernetes master 在100
,两个 worker 在101,104
。 Also setup the postgres on 192.168.2.105
, followed this tutorial but it is still unreachable from within.还在
192.168.2.105
上设置 postgres,遵循本教程,但它仍然无法从内部访问。 Tried it in minikube inside a test VM where minikube and postgres were installed in the same VM, worked just fine.在 minikube 和 postgres 安装在同一个 VM 中的测试 VM 中的 minikube 中进行了尝试,效果很好。
Changed the postgers config file from localhost
to *
, changed listen at pg_hba.conf to 0.0.0.0/0
将 postgers 配置文件从
localhost
更改为*
,将 pg_hba.conf 的监听更改为0.0.0.0/0
Installed postgesql-12 and postgresql-client-12 in the VM 192.168.2.105:5432
, now i added headless service to kubernetes which is as follows在 VM
192.168.2.105:5432
安装了 postgesql-12 和 postgresql-client-12 ,现在我向 kubernetes 添加了 headless 服务,如下所示
apiVersion: v1
kind: Service
metadata:
name: my-service
spec:
ports:
- protocol: TCP
port: 5432
targetPort: 5432
------
apiVersion: v1
kind: Endpoints
metadata:
name: my-service
subsets:
- addresses:
- ip: 192.168.2.105
ports:
- port: 5432
in my deployment I am defining this to access database在我的部署中,我将其定义为访问数据库
apiVersion: v1
kind: Service
metadata:
name: keycloak
labels:
app: keycloak
spec:
ports:
- name: http
port: 8080
targetPort: 8080
selector:
app: keycloak
type: LoadBalancer
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak
namespace: default
labels:
app: keycloak
spec:
replicas: 1
selector:
matchLabels:
app: keycloak
template:
metadata:
labels:
app: keycloak
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:11.0.0
env:
- name: KEYCLOAK_USER
value: "admin"
- name: KEYCLOAK_PASSWORD
value: "admin"
- name: PROXY_ADDRESS_FORWARDING
value: "true"
- name: DB_ADDR
value: 'my-service:5432'
- name: DB_DATABASE
value: postgres
- name: DB_PASSWORD
value: admin
- name: DB_SCHEMA
value: public
- name: DB_USER
value: postgres
- name: DB_VENDOR
value: POSTGRES
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
readinessProbe:
httpGet:
path: /auth/realms/master
port: 8080
Also the VMs are bridged, not on NAT.此外,VM 是桥接的,而不是在 NAT 上。
What i am doing wrong here ?我在这里做错了什么?
The first thing we have to do is create the headless service with custom endpoint.我们要做的第一件事是使用自定义端点创建无头服务。 The IP in my solution is only specific for my machine.
我的解决方案中的IP仅特定于我的机器。
Endpoint with service:具有服务的端点:
apiVersion: v1
kind: Service
metadata:
name: postgres-service
spec:
ports:
- protocol: TCP
port: 5432
targetPort: 5432
---
apiVersion: v1
kind: Endpoints
metadata:
name: postgres-service
subsets:
- addresses:
- ip: 192.168.2.105
ports:
- port: 5432
As for my particular specs, I haven't defined any ingress or loadbalancer so i'll change the selector type from LoadBalancer to NodePort in the service after its deployed.至于我的特定规范,我还没有定义任何入口或负载均衡器,因此我将在部署后将服务中的选择器类型从LoadBalancer更改为NodePort 。
Now i deployed the keycloak with the the mentioned .yaml file现在我使用提到的 .yaml 文件部署了 keycloak
apiVersion: v1
kind: Service
metadata:
name: keycloak
labels:
app: keycloak
spec:
ports:
- name: http
port: 8080
targetPort: 8080
- name: https
port: 8443
targetPort: 8443
selector:
app: keycloak
type: NodePort
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: keycloak
namespace: default
labels:
app: keycloak
spec:
replicas: 1
selector:
matchLabels:
app: keycloak
template:
metadata:
labels:
app: keycloak
spec:
containers:
- name: keycloak
image: quay.io/keycloak/keycloak:11.0.0
env:
- name: KEYCLOAK_USER
value: "admin" # TODO give username for master realm
- name: KEYCLOAK_PASSWORD
value: "admin" # TODO give password for master realm
- name: PROXY_ADDRESS_FORWARDING
value: "true"
- name: DB_ADDR
value: # <Node-IP>:<LoadBalancer-Port/ NodePort>
- name: DB_DATABASE
value: "keycloak" # Database to use
- name: DB_PASSWORD
value: "admin" # Database password
- name: DB_SCHEMA
value: public
- name: DB_USER
value: "postgres" # Database user
- name: DB_VENDOR
value: POSTGRES
ports:
- name: http
containerPort: 8080
- name: https
containerPort: 8443
readinessProbe:
httpGet:
path: /auth/realms/master
port: 8080
After mentioning all the possible values, it connects successfully to the postgres server that is hosted on another server away from kubernetes master and workers node !在提到所有可能的值后,它成功连接到托管在另一台服务器上的 postgres 服务器,远离 kubernetes 主节点和工作节点!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.