运行 云构建上的数据库迁移连接到云 sql 使用私有 IP
Run DB migrations on cloud build connecting to cloud sql using private IP
我正在尝试为云构建上的 Nodejs 应用程序设置数据库迁移,通过云 sql 代理使用私有 IP 连接到云 sql。
云 SQL 云构建连接总是失败。
目前我正在运行从计算引擎手动迁移。
我按照这个 SO 来设置构建步骤。
cloudbuild.yaml
steps:
- name: node:12-slim
args: ["npm", "install"]
env:
- "NODE_ENV=${_NODE_ENV}"
- name: alpine:3.10
entrypoint: sh
args:
- -c
- "wget -O /workspace/cloud_sql_proxy https://storage.googleapis.com/cloudsql-proxy/v1.16/cloud_sql_proxy.linux.386 && chmod +x /workspace/cloud_sql_proxy"
- name: node:12
timeout: 100s
entrypoint: sh
args:
- -c
- "(/workspace/cloud_sql_proxy -dir=/workspace -instances=my-project-id:asia-south1:postgres-master=tcp:5432 & sleep 3) && npm run migrate"
env:
- "NODE_ENV=${_NODE_ENV}"
- "DB_NAME=${_DB_NAME}"
- "DB_PASS=${_DB_PASS}"
- "DB_USER=${_DB_USER}"
- "DB_HOST=${_DB_HOST}"
- "DB_PORT=${_DB_PORT}"
- name: "gcr.io/cloud-builders/gcloud"
entrypoint: "bash"
args:
[
"-c",
"gcloud secrets versions access latest --secret=backend-api-env > credentials.yaml",
]
- name: "gcr.io/cloud-builders/gcloud"
args: ["app", "deploy", "--stop-previous-version", "-v", "$SHORT_SHA"]
timeout: "600s"
错误:
KnexTimeoutError: Knex: Timeout acquiring a connection. The pool is probably full. Are you missing a .transacting(trx) call?
Step #2: at Client_PG.acquireConnection (/workspace/node_modules/knex/lib/client.js:349:26)
云构建角色:
Cloud Build Service Account
Cloud SQL Admin
Compute Network User
Service Account User
Secret Manager Secret Accessor
Serverless VPC Access Admin
CLOUD SQL ADMIN API 也已启用。
版本:
NPM libs:
"pg": "8.0.3"
"knex": "0.21.1"
云 SQL 私有 IP 功能使用托管在 VPC network 中的内部 IP 地址,这些地址只能从同一 VPC 网络中的其他资源访问。
由于 Cloud Build 不支持 VPC 网络,因此无法从 Cloud Build 连接到 Cloud SQL 实例的私有 IP。
您可能想查看有关此主题的 official Cloud SQL documentation 以选择适合您的用例的其他替代方案。
正在连接到 public 云 sql
我使用 docker-compose & cloud sql proxy.
设置 docker-compose 用于云构建,here.
创建服务帐户(json 文件)。
docker-编写文件:
version: '3.7'
services:
app:
build:
context: .
dockerfile: Dockerfile
restart: "no"
links:
- database
tty: true
volumes:
- app:/var/www/html
env_file:
- ./.env
depends_on:
- database
database:
image: gcr.io/cloudsql-docker/gce-proxy
restart: on-failure
command:
- "/cloud_sql_proxy"
- "-instances=<INSTANCE_CONNECTION_NAME>=tcp:0.0.0.0:3306"
- "-credential_file=/config/sql_proxy.json"
volumes:
- ./sql_proxy.json:/config/sql_proxy.json:ro
volumes:
app:
- cloudbuild.yml
- name: 'gcr.io/$PROJECT_ID/docker-compose'
id: Compose-build-cloudProxy
args: ['build']
- name: 'gcr.io/$PROJECT_ID/docker-compose'
id: Compose-up-cloudProxy
args: ['up', '--timeout', '1', '--no-build', '-d']
- name: 'bash'
id: Warm-up-cloudProxy
args: ['sleep', '5s']
- name: 'gcr.io/cloud-builders/docker'
id: Artisan-Migrate
args: ['exec', '-i', 'workspace_app_1', 'php', 'artisan', 'migrate']
- name: 'gcr.io/$PROJECT_ID/docker-compose'
id: Compose-down-cloudProxy
args: ['down', '-v']
build-success.png
我正在尝试为云构建上的 Nodejs 应用程序设置数据库迁移,通过云 sql 代理使用私有 IP 连接到云 sql。 云 SQL 云构建连接总是失败。
目前我正在运行从计算引擎手动迁移。
我按照这个 SO 来设置构建步骤。
cloudbuild.yaml
steps:
- name: node:12-slim
args: ["npm", "install"]
env:
- "NODE_ENV=${_NODE_ENV}"
- name: alpine:3.10
entrypoint: sh
args:
- -c
- "wget -O /workspace/cloud_sql_proxy https://storage.googleapis.com/cloudsql-proxy/v1.16/cloud_sql_proxy.linux.386 && chmod +x /workspace/cloud_sql_proxy"
- name: node:12
timeout: 100s
entrypoint: sh
args:
- -c
- "(/workspace/cloud_sql_proxy -dir=/workspace -instances=my-project-id:asia-south1:postgres-master=tcp:5432 & sleep 3) && npm run migrate"
env:
- "NODE_ENV=${_NODE_ENV}"
- "DB_NAME=${_DB_NAME}"
- "DB_PASS=${_DB_PASS}"
- "DB_USER=${_DB_USER}"
- "DB_HOST=${_DB_HOST}"
- "DB_PORT=${_DB_PORT}"
- name: "gcr.io/cloud-builders/gcloud"
entrypoint: "bash"
args:
[
"-c",
"gcloud secrets versions access latest --secret=backend-api-env > credentials.yaml",
]
- name: "gcr.io/cloud-builders/gcloud"
args: ["app", "deploy", "--stop-previous-version", "-v", "$SHORT_SHA"]
timeout: "600s"
错误:
KnexTimeoutError: Knex: Timeout acquiring a connection. The pool is probably full. Are you missing a .transacting(trx) call?
Step #2: at Client_PG.acquireConnection (/workspace/node_modules/knex/lib/client.js:349:26)
云构建角色:
Cloud Build Service Account
Cloud SQL Admin
Compute Network User
Service Account User
Secret Manager Secret Accessor
Serverless VPC Access Admin
CLOUD SQL ADMIN API 也已启用。
版本:
NPM libs:
"pg": "8.0.3"
"knex": "0.21.1"
云 SQL 私有 IP 功能使用托管在 VPC network 中的内部 IP 地址,这些地址只能从同一 VPC 网络中的其他资源访问。
由于 Cloud Build 不支持 VPC 网络,因此无法从 Cloud Build 连接到 Cloud SQL 实例的私有 IP。
您可能想查看有关此主题的 official Cloud SQL documentation 以选择适合您的用例的其他替代方案。
正在连接到 public 云 sql
我使用 docker-compose & cloud sql proxy.
设置 docker-compose 用于云构建,here.
创建服务帐户(json 文件)。
docker-编写文件:
version: '3.7'
services:
app:
build:
context: .
dockerfile: Dockerfile
restart: "no"
links:
- database
tty: true
volumes:
- app:/var/www/html
env_file:
- ./.env
depends_on:
- database
database:
image: gcr.io/cloudsql-docker/gce-proxy
restart: on-failure
command:
- "/cloud_sql_proxy"
- "-instances=<INSTANCE_CONNECTION_NAME>=tcp:0.0.0.0:3306"
- "-credential_file=/config/sql_proxy.json"
volumes:
- ./sql_proxy.json:/config/sql_proxy.json:ro
volumes:
app:
- cloudbuild.yml
- name: 'gcr.io/$PROJECT_ID/docker-compose'
id: Compose-build-cloudProxy
args: ['build']
- name: 'gcr.io/$PROJECT_ID/docker-compose'
id: Compose-up-cloudProxy
args: ['up', '--timeout', '1', '--no-build', '-d']
- name: 'bash'
id: Warm-up-cloudProxy
args: ['sleep', '5s']
- name: 'gcr.io/cloud-builders/docker'
id: Artisan-Migrate
args: ['exec', '-i', 'workspace_app_1', 'php', 'artisan', 'migrate']
- name: 'gcr.io/$PROJECT_ID/docker-compose'
id: Compose-down-cloudProxy
args: ['down', '-v']
build-success.png