I'm trying to run SQL Server on my local Docker Desktop instance, and when run in Kubernetes mode, I get a strange error. Is there an error in my k8s.yaml file?
If I start it with docker-compose up
and this yaml, it works fine:
version: '3'
services:
db:
image: "mcr.microsoft.com/mssql/server:2019-latest"
environment:
- ACCEPT_EULA=Y
- SA_PASSWORD=C@mpl3xEn0#gh!
ports:
- "1433:1433"
network_mode: bridge
Then I test the connection with sqlcmd -U sa -PC@mpl3xEn0#gh! -S localhost,1433
sqlcmd -U sa -PC@mpl3xEn0#gh! -S localhost,1433
and it connects just fine.
If I start it with kubectl apply -f k8s.yaml
following the instructions from https://docs.microsoft.com/en-us/sql/linux/tutorial-sql-server-containers-kubernetes I get an error connecting:
# based loosely on https://docs.microsoft.com/en-us/sql/linux/tutorial-sql-server-containers-kubernetes#create-the-deployment
apiVersion: v1
kind: Pod
metadata:
name: db
spec:
containers:
- name: db
image: mcr.microsoft.com/mssql/server:2019-latest
ports:
- containerPort: 1433
env:
- name: ACCEPT_EULA
value: 'Y'
- name: SA_PASSWORD
value: C@mpl3xEn0#gh!
resources: {}
---
apiVersion: v1
kind: Service
metadata:
name: db
spec:
type: NodePort
selector:
app: db
ports:
- protocol: TCP
port: 1433
targetPort: 1433
Then I try to connect from my local machine using sqlcmd -U sa -PC@mpl3xEn0#gh! -S localhost,31043
sqlcmd -U sa -PC@mpl3xEn0#gh! -S localhost,31043
(swapping in the NodePort from kubectl get svc/db
), and I get the error:
A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 0 - An existing connection was forcibly closed by the remote host.)
I get the same error from Azure Data Studio and SSMS.
If I kubectl exec ...
into the container and run /opt/mssql-tools/bin/sqlcmd -U sa -PC@mpl3xEn0#gh! -S localhost,1433
/opt/mssql-tools/bin/sqlcmd -U sa -PC@mpl3xEn0#gh! -S localhost,1433
it connects just fine.
Where's the error in my k8s.yaml file that causes SQL Server not accept connections when run in Kubernetes?
I've tried setting encrypt=false;trustServerCertificate=true;
and results don't change.
Typo gets me again. Here's the missing piece of yaml:
...
metadata:
name: db
labels: # <--
app: db # <--
spec:
...
I forgot the labels:
part. So the service carefully forwarded the traffic on to nothing, which didn't do a TLS handshake, and yielded me the erroneous error.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.