I have such a mysql configuration for kubernetes. But I can not connect to database with my local mysql. I am doing port-forward: kubectl port-forward svc/mysql 3307 and then try to connect with command: mysql -h 127.0.0.1 -P 3307 -uroot -p
with password: pass
This password is defined in secret file for the root user. The error is: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
Do you have idea what could be wrong?
mysql-deployment:
apiVersion: v1
kind: Service
metadata:
name: mysql
labels:
app: mysql
tier: database
spec:
ports:
- port: 3307
targetPort: 3306
selector:
app: mysql
tier: database
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-pv-claim
labels:
app: mysql
tier: database
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
#
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
labels:
app: mysql
tier: database
spec:
selector:
matchLabels:
app: mysql
tier: database
strategy:
type: Recreate
template:
metadata:
labels:
app: mysql
tier: database
spec:
containers:
- image: mysql:5.7 # image from docker-hub
args:
- "--ignore-db-dir=lost+found"
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: db-root-credentials
key: password
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: db-credentials
key: username
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: db-credentials
key: password
- name: MYSQL_DATABASE
valueFrom:
configMapKeyRef:
name: db-conf
key: name
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
mountPath:
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: mysql-pv-claim
mysqldb-root-credentials:
apiVersion: v1
kind: Secret
metadata:
name: db-root-credentials
data:
password: cGFzcwo=
mysqldb-credentials:
apiVersion: v1
kind: Secret
metadata:
name: db-credentials
data:
username: c2ViYQo=
password: c2ViYQo=
I've reproduced your issue and solve it by changing the way secrets are created. I used kubectl
CLI to create secrets:
kubectl create secret generic db-credentials --from-literal=password=xyz --from-literal=username=xyz
kubectl create secret generic mysql-pass --from-literal=password=pass
Then deployed PVC, Deployment and Service
:
apiVersion: v1
kind: Service
metadata:
name: mysql
labels:
app: mysql
tier: database
spec:
ports:
- port: 3306
targetPort: 3306
selector:
app: mysql
tier: database
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: mysql-pv-claim
labels:
app: mysql
tier: database
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: mysql
labels:
app: mysql
tier: database
spec:
selector:
matchLabels:
app: mysql
tier: database
strategy:
type: Recreate
template:
metadata:
labels:
app: mysql
tier: database
spec:
containers:
- image: mysql:5.7 # image from docker-hub
args:
- "--ignore-db-dir=lost+found"
name: mysql
env:
- name: MYSQL_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: mysql-pass
key: password
- name: MYSQL_USER
valueFrom:
secretKeyRef:
name: db-credentials
key: username
- name: MYSQL_PASSWORD
valueFrom:
secretKeyRef:
name: db-credentials
key: password
ports:
- containerPort: 3306
name: mysql
volumeMounts:
- name: mysql-persistent-storage
mountPath: /var/lib/mysql
volumes:
- name: mysql-persistent-storage
persistentVolumeClaim:
claimName: mysql-pv-claim
Exec to pod:
kubectl exec -it mysql-78d9b7b765-2ms5n -- mysql -h 127.0.0.1 -P 3306 -uroot -p
Once I enter the root
password everything works fine:
Welcome to the MySQL monitor. Commands end with ; or \g.
[...]
mysql>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.