尽管遵循了文档,但仍无法使用代理连接到云 SQL
Failed to connect to cloud SQL using proxy despite following the documentation
我在 PHP 框架 Symfony 中使用 doctrine ORM。尝试使用 GKE 连接到云 SQL 时,我遇到了奇怪的行为。
我可以通过命令行上的 doctrine 连接到数据库,例如 php bin/console doctrine:database:create
成功并且我可以在代理 pod 日志中看到打开的连接。
但是当我在我的应用程序中尝试通过学说连接到数据库时,我 运行 毫无例外地陷入了这个错误:
An exception occurred in driver: SQLSTATE[HY000] [2002] php_network_getaddresses: getaddrinfo failed: Name or service not known
我一直在努力解决这个问题,但这没有意义,为什么我可以通过命令行连接但不能在我的应用程序中连接?
我按照文档 here 使用云代理设置数据库连接。这是我的 Kubernetes 部署:
---
apiVersion: "extensions/v1beta1"
kind: "Deployment"
metadata:
name: "riptides-api"
namespace: "default"
labels:
app: "riptides-api"
microservice: "riptides"
spec:
replicas: 3
selector:
matchLabels:
app: "riptides-api"
microservice: "riptides"
template:
metadata:
labels:
app: "riptides-api"
microservice: "riptides"
spec:
containers:
- name: "api-sha256"
image: "eu.gcr.io/riptides/api@sha256:ce0ead9d1dd04d7bfc129998eca6efb58cb779f4f3e41dcc3681c9aac1156867"
env:
- name: DB_HOST
value: 127.0.0.1:3306
- name: DB_USER
valueFrom:
secretKeyRef:
name: riptides-mysql-user-skye
key: user
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: riptides-mysql-user-skye
key: password
- name: DB_NAME
value: riptides
lifecycle:
postStart:
exec:
command: ["/bin/bash", "-c", "php bin/console doctrine:migrations:migrate -n"]
volumeMounts:
- name: keys
mountPath: "/app/config/jwt"
readOnly: true
- name: cloudsql-proxy
image: gcr.io/cloudsql-docker/gce-proxy:1.11
command: ["/cloud_sql_proxy",
"-instances=riptides:europe-west4:riptides-sql=tcp:3306",
"-credential_file=/secrets/cloudsql/credentials.json"]
# [START cloudsql_security_context]
securityContext:
runAsUser: 2 # non-root user
allowPrivilegeEscalation: false
# [END cloudsql_security_context]
volumeMounts:
- name: riptides-mysql-service-account
mountPath: /secrets/cloudsql
readOnly: true
volumes:
- name: keys
secret:
secretName: riptides-api-keys
items:
- key: private.pem
path: private.pem
- key: public.pem
path: public.pem
- name: riptides-mysql-service-account
secret:
secretName: riptides-mysql-service-account
---
apiVersion: "autoscaling/v2beta1"
kind: "HorizontalPodAutoscaler"
metadata:
name: "riptides-api-hpa"
namespace: "default"
labels:
app: "riptides-api"
microservice: "riptides"
spec:
scaleTargetRef:
kind: "Deployment"
name: "riptides-api"
apiVersion: "apps/v1beta1"
minReplicas: 1
maxReplicas: 5
metrics:
- type: "Resource"
resource:
name: "cpu"
targetAverageUtilization: 70
如果有人有任何建议,我将永远感激
看起来您的 k8s yaml 没有任何问题,但更有可能是您使用 Symfony 进行连接的方式有问题。根据文档 here,Symfony 期望通过名为 "DATABASE_URL" 的环境变量传入 DB URI。请参阅以下示例:
# customize this line!
DATABASE_URL="postgres://db_user:db_password@127.0.0.1:5432/db_name"
这是因为 doctrine 使用的是默认值而不是我在部署中设置的(应该是覆盖的)环境变量。我将环境变量名称更改为与默认名称不同并且有效
我在 PHP 框架 Symfony 中使用 doctrine ORM。尝试使用 GKE 连接到云 SQL 时,我遇到了奇怪的行为。
我可以通过命令行上的 doctrine 连接到数据库,例如 php bin/console doctrine:database:create
成功并且我可以在代理 pod 日志中看到打开的连接。
但是当我在我的应用程序中尝试通过学说连接到数据库时,我 运行 毫无例外地陷入了这个错误:
An exception occurred in driver: SQLSTATE[HY000] [2002] php_network_getaddresses: getaddrinfo failed: Name or service not known
我一直在努力解决这个问题,但这没有意义,为什么我可以通过命令行连接但不能在我的应用程序中连接?
我按照文档 here 使用云代理设置数据库连接。这是我的 Kubernetes 部署:
---
apiVersion: "extensions/v1beta1"
kind: "Deployment"
metadata:
name: "riptides-api"
namespace: "default"
labels:
app: "riptides-api"
microservice: "riptides"
spec:
replicas: 3
selector:
matchLabels:
app: "riptides-api"
microservice: "riptides"
template:
metadata:
labels:
app: "riptides-api"
microservice: "riptides"
spec:
containers:
- name: "api-sha256"
image: "eu.gcr.io/riptides/api@sha256:ce0ead9d1dd04d7bfc129998eca6efb58cb779f4f3e41dcc3681c9aac1156867"
env:
- name: DB_HOST
value: 127.0.0.1:3306
- name: DB_USER
valueFrom:
secretKeyRef:
name: riptides-mysql-user-skye
key: user
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: riptides-mysql-user-skye
key: password
- name: DB_NAME
value: riptides
lifecycle:
postStart:
exec:
command: ["/bin/bash", "-c", "php bin/console doctrine:migrations:migrate -n"]
volumeMounts:
- name: keys
mountPath: "/app/config/jwt"
readOnly: true
- name: cloudsql-proxy
image: gcr.io/cloudsql-docker/gce-proxy:1.11
command: ["/cloud_sql_proxy",
"-instances=riptides:europe-west4:riptides-sql=tcp:3306",
"-credential_file=/secrets/cloudsql/credentials.json"]
# [START cloudsql_security_context]
securityContext:
runAsUser: 2 # non-root user
allowPrivilegeEscalation: false
# [END cloudsql_security_context]
volumeMounts:
- name: riptides-mysql-service-account
mountPath: /secrets/cloudsql
readOnly: true
volumes:
- name: keys
secret:
secretName: riptides-api-keys
items:
- key: private.pem
path: private.pem
- key: public.pem
path: public.pem
- name: riptides-mysql-service-account
secret:
secretName: riptides-mysql-service-account
---
apiVersion: "autoscaling/v2beta1"
kind: "HorizontalPodAutoscaler"
metadata:
name: "riptides-api-hpa"
namespace: "default"
labels:
app: "riptides-api"
microservice: "riptides"
spec:
scaleTargetRef:
kind: "Deployment"
name: "riptides-api"
apiVersion: "apps/v1beta1"
minReplicas: 1
maxReplicas: 5
metrics:
- type: "Resource"
resource:
name: "cpu"
targetAverageUtilization: 70
如果有人有任何建议,我将永远感激
看起来您的 k8s yaml 没有任何问题,但更有可能是您使用 Symfony 进行连接的方式有问题。根据文档 here,Symfony 期望通过名为 "DATABASE_URL" 的环境变量传入 DB URI。请参阅以下示例:
# customize this line!
DATABASE_URL="postgres://db_user:db_password@127.0.0.1:5432/db_name"
这是因为 doctrine 使用的是默认值而不是我在部署中设置的(应该是覆盖的)环境变量。我将环境变量名称更改为与默认名称不同并且有效