How to configure cloud SQL with GKE using cloud sql proxy?
I am trying to establish a connection between Google Cloud Postgres and Google Kubernetes Engine using the CloudSQL proxy. If I look at the logs of both workloads, I am getting:
2021-02-02T11:42:09.748706102Z2021/02/02 11:42:09 dial tcp 127.0.0.1:5432: connect: connection refused
I am writing down all the steps I performed, using all the real file keywords or file names.
google cloud cluster.
A Postgres instance on Google Cloud SQL. Added a new user gothamuser and password gothampass: Running on 5432 port
Set up the IAM service account gothamcity-gke@miles-789.iam.gserviceaccount.com and saved the config.json file.
Docker file link [1.] gcloud builds submit --tag gcr.io/miles-789/gothamcity:0.10.
Deployment.yaml [2.] kubectl create -f deployment.yaml to execute the deployment file
service.yaml [3] kubectl create -f service.yaml to execute the service file
kubectl create secret generic cloudsql-instance-credentials --from-file=cred.json=/Users/gotham/Downloads/cofig.json to create the cloud SQL instance credentials
cloudsql-db credentials using kubectl create secret generic cloudsql-db-credentials --from-literal=username=gothamuser --from-literal=password=gothampass to create the cloudsql-db credentials. The database name is not mentioned because I have multiple databases to connect to.
Added cloudsql-db-credentials and cloudsql-instance-credentials in the psql.yaml file
psql.yaml file link [4] kubectl create -f psql.yaml to execute this file
DB configuration on the Go project [5]
1 kubectl get nodes
2 kubectl get pods
[1.] Docker
FROM golang:alpine AS build-env
ENV GOPATH /go
WORKDIR /go/src
COPY . /go/src/gothamcity
RUN cd /go/src/gothamcity && go build .
FROM alpine
RUN apk update && apk add ca-certificates && rm -rf /var/cache/apk*
WORKDIR /app
COPY --from=build-env /go/src/gothamcity/gothamcity /app
COPY .env /app
EXPOSE 5432
EXPOSE 8080
ENTRYPOINT [ "./gothamcity" ]
[2.] Deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gothamcity-backend
spec:
  replicas: 1
  selector:
    matchLabels:
      app: gothamcity
  template:
    metadata:
      labels:
        app: gothamcity
    spec:
      containers:
      - name: gothamcity-app
        image: gcr.io/miles-789/gothamcity:0.10
        ports:
        - containerPort: 8080
        env:
        - name: PORT
          value: "8080"
[3] service.yaml
apiVersion: v1
kind: Service
metadata:
  name: gothamcity
spec:
  type: LoadBalancer
  selector:
    app: gothamcity
  ports:
  - port: 80
    targetPort: 8080
[4] psql.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: gothamcity-psql-proxy
spec:
  selector:
    matchLabels:
      app: gothamcity
  template:
    metadata:
      labels:
        app: gothamcity
    spec:
      containers:
      - image: gcr.io/miles-789/gothamcity:0.10
        name: gothamcity-app
        env:
        - namee: DB_HOST
          value: 127.0.0.1
        - name: DB_USER
          valueFrom:
            secretKeyRef:
              name: cloudsql-db-credentials
              key: username
        - name: DB_PASS
          valueFrom:
            secretKeyRef:
              name: cloudsql-db-credentials
              key: password
        - name: DB_NAME
          valueFrom:
            secretKeyRef:
              name: cloudsql-db-credentials
              key: database
      - name: cloud-sql-proxy
        image: gcr.io/cloudsql-docker/gce-proxy:1.17
        command:
        - "/cloud_sql_proxy"
        - "-instances=miles-789:europe-east1:gotham-miles-v1=tcp:5432"
        - "-credential_file=/secrets/config.json"
        securityContext:
          runAsNonRoot: true
        volumeMounts:
        - name: cloudsql-instance-credentials
          mountPath: /secrets/
          readOnly: true
      volumes:
      - name: cloudsql-instance-credentials
        secret:
          secretName: cloudsql-instance-credentials
[5] DB configuration
package dataservices

import "os"

const (
	dbhost = "DBHOST"
	dbport = "DBPORT"
	dbuser = "DBUSER"
	dbpass = "DBPASS"
	dbname = "DBNAME"
	env    = "ENV"
)

func dbConfig(database string) map[string]string {
	var host = os.Getenv("DB_HOST")
	var user = os.Getenv("DB_USER")
	var password = os.Getenv("DB_PASS")
	var name = database
	var port = "5432"
	conf := make(map[string]string)
	conf[dbhost] = host
	conf[dbport] = port
	conf[dbuser] = user
	conf[dbpass] = password
	conf[dbname] = name
	return conf
}
I don't understand what I am doing wrong here. Is it a typo, or am I missing some kind of configuration here?
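Is this a private cluster? If so, you need to have the SQL DB on the same VPC (or have VPC peering) in order for your application to reach the SQL DB.
Or you need to set up Cloud NAT on your VPC for the cluster to the SQL DB, so that it can reply.
This might be useful: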
https://groups.google.com/g/google-cloud-sql-discuss/c/6lA0r6zRfeI/m/hr8mRt9AGgAJ
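An added example, not part of the question or the answer above: a small Go check that compares the keys created by the two `kubectl create secret` commands in the question with the keys that psql.yaml [4] reads through `secretKeyRef` and through the proxy's `-credential_file` path. The type and function names (`SecretRef`, `FileRef`, `CheckRefs`, `PageFindings`) are hypothetical; the secret names, keys and paths are transcribed from the question.

```go
package main

import (
	"fmt"
	"path"
	"strings"
)

// SecretRef is one place where a pod spec expects a Secret to contain a key.
type SecretRef struct{ Where, Secret, Key string }

// FileRef turns a file path under a secret volume mount into the key it needs:
// a secret volume exposes each key of the Secret as a file named after that key.
func FileRef(where, secret, mountPath, file string) SecretRef {
	return SecretRef{where, secret, strings.TrimPrefix(path.Clean(file), path.Clean(mountPath)+"/")}
}

// CheckRefs reports each reference whose key is missing; secrets maps Secret name to its keys.
func CheckRefs(secrets map[string][]string, refs []SecretRef) []string {
	var findings []string
	for _, r := range refs {
		found := false
		for _, k := range secrets[r.Secret] {
			found = found || k == r.Key
		}
		if !found {
			findings = append(findings, fmt.Sprintf("%s: secret %q has no key %q (keys: %s)",
				r.Where, r.Secret, r.Key, strings.Join(secrets[r.Secret], ", ")))
		}
	}
	return findings
}

// PageFindings runs the check on values transcribed from the question.
func PageFindings() []string {
	secrets := map[string][]string{ // from the two `kubectl create secret` commands
		"cloudsql-instance-credentials": {"cred.json"},
		"cloudsql-db-credentials":       {"username", "password"},
	}
	refs := []SecretRef{ // from psql.yaml [4]
		{"env DB_USER", "cloudsql-db-credentials", "username"},
		{"env DB_PASS", "cloudsql-db-credentials", "password"},
		{"env DB_NAME", "cloudsql-db-credentials", "database"},
		FileRef("-credential_file", "cloudsql-instance-credentials", "/secrets/", "/secrets/config.json"),
	}
	return CheckRefs(secrets, refs)
}

func main() { fmt.Println(strings.Join(PageFindings(), "\n")) }
```

A `secretKeyRef` to a key the Secret does not contain keeps the container from being created, and a credential file that is not present under the mount leaves the proxy without credentials, so nothing listens on 127.0.0.1:5432.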