尽管遵循了文档,但仍无法使用代理连接到云 SQL

Failed to connect to cloud SQL using proxy despite following the documentation

我在 PHP 框架 Symfony 中使用 doctrine ORM。尝试使用 GKE 连接到云 SQL 时,我遇到了奇怪的行为。

我可以通过命令行上的 doctrine 连接到数据库,例如 php bin/console doctrine:database:create 成功并且我可以在代理 pod 日志中看到打开的连接。

但是当我在我的应用程序中尝试通过学说连接到数据库时,我 运行 毫无例外地陷入了这个错误:

An exception occurred in driver: SQLSTATE[HY000] [2002] php_network_getaddresses: getaddrinfo failed: Name or service not known

我一直在努力解决这个问题,但这没有意义,为什么我可以通过命令行连接但不能在我的应用程序中连接?

我按照文档 here 使用云代理设置数据库连接。这是我的 Kubernetes 部署:

---
apiVersion: "extensions/v1beta1"
kind: "Deployment"
metadata:
  name: "riptides-api"
  namespace: "default"
  labels:
    app: "riptides-api"
    microservice: "riptides"
spec:
  replicas: 3
  selector:
    matchLabels:
      app: "riptides-api"
      microservice: "riptides"
  template:
    metadata:
      labels:
        app: "riptides-api"
        microservice: "riptides"
    spec:
      containers:
        - name: "api-sha256"
          image: "eu.gcr.io/riptides/api@sha256:ce0ead9d1dd04d7bfc129998eca6efb58cb779f4f3e41dcc3681c9aac1156867"
          env:
            - name: DB_HOST
              value: 127.0.0.1:3306
            - name: DB_USER
              valueFrom:
                secretKeyRef:
                  name: riptides-mysql-user-skye
                  key: user
            - name: DB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: riptides-mysql-user-skye
                  key: password
            - name: DB_NAME
              value: riptides
          lifecycle:
            postStart:
              exec:
                command: ["/bin/bash", "-c", "php bin/console doctrine:migrations:migrate -n"]
          volumeMounts:
            - name: keys
              mountPath: "/app/config/jwt"
              readOnly: true
        - name: cloudsql-proxy
          image: gcr.io/cloudsql-docker/gce-proxy:1.11
          command: ["/cloud_sql_proxy",
                    "-instances=riptides:europe-west4:riptides-sql=tcp:3306",
                    "-credential_file=/secrets/cloudsql/credentials.json"]
          # [START cloudsql_security_context]
          securityContext:
            runAsUser: 2  # non-root user
            allowPrivilegeEscalation: false
          # [END cloudsql_security_context]
          volumeMounts:
            - name: riptides-mysql-service-account
              mountPath: /secrets/cloudsql
              readOnly: true
      volumes:
        - name: keys
          secret:
            secretName: riptides-api-keys
            items:
            - key: private.pem
              path: private.pem
            - key: public.pem
              path: public.pem
        - name: riptides-mysql-service-account
          secret:
            secretName: riptides-mysql-service-account
---
apiVersion: "autoscaling/v2beta1"
kind: "HorizontalPodAutoscaler"
metadata:
  name: "riptides-api-hpa"
  namespace: "default"
  labels:
    app: "riptides-api"
    microservice: "riptides"
spec:
  scaleTargetRef:
    kind: "Deployment"
    name: "riptides-api"
    apiVersion: "apps/v1beta1"
  minReplicas: 1
  maxReplicas: 5
  metrics:
    - type: "Resource"
      resource:
        name: "cpu"
        targetAverageUtilization: 70

如果有人有任何建议,我将永远感激

看起来您的 k8s yaml 没有任何问题,但更有可能是您使用 Symfony 进行连接的方式有问题。根据文档 here,Symfony 期望通过名为 "DATABASE_URL" 的环境变量传入 DB URI。请参阅以下示例:

# customize this line!
DATABASE_URL="postgres://db_user:db_password@127.0.0.1:5432/db_name"

这是因为 doctrine 使用的是默认值而不是我在部署中设置的(应该是覆盖的)环境变量。我将环境变量名称更改为与默认名称不同并且有效