如何从 `project` 连接到 docker swarm 中的 `mysql` 容器?
How can I connect from `project` to `mysql` container in docker swarm?
我正在尝试通过以下命令使用具有以下配置 docker-compose.yaml 文件的 docker 群部署一个堆栈:
docker stack deploy --with-registry-auth -c docker-compose.yaml project
version: "3.9"
services:
mysql:
image: mysql:8.0
deploy:
replicas: 1
volumes:
- mysql_data:/var/lib/mysql
networks:
- internal
ports:
- 3306:3306
environment:
MYSQL_ROOT_HOST: '%'
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: project_production
MYSQL_USER: username
MYSQL_PASSWORD: password
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.13.4
environment:
- node.name=es01
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es02,es03
- cluster.initial_master_nodes=es01,es02,es03
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms1024m -Xmx1024m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- data01:/usr/share/elasticsearch/data
ports:
- 9200:9200
networks:
- internal
website:
image: registry.gitlab.com/project/project-website:latest
networks:
- internal
deploy:
replicas: 1
ports:
- 3000:3000
environment:
- RAILS_ENV=production
- MYSQL_HOST=mysql
- ES_HOST=http://es01
- project_DATABASE_USERNAME=root
- project_DATABASE_PASSWORD=root
depends_on:
- es01
- mysql
volumes:
data01:
driver: local
data02:
driver: local
data03:
driver: local
mysql_data:
networks:
internal:
external: true
name: project
在部署堆栈之前,我还通过以下命令为项目创建了网络:
docker network create -d overlay project
但是当我使用 docker logs 命令查看 project 的日志时,我看到以下错误阻止了我的 project 启动:
Mysql2::Error: Host '10.0.2.202' is not allowed to connect to this MySQL server
我完全按照文档中的建议进行操作我不确定我的设置有什么问题!
问题:
如何从 project 连接到 docker 群中的 mysql 容器?
根据文档,DockerSwarm 会自动为您创建覆盖网络。所以我认为你不需要默认创建外网,除非你有特殊需求:
When you initialize a swarm or join a Docker host to an existing swarm, two new networks are created on that Docker host:
- an overlay network called ingress, which handles the control and data traffic related to swarm services. When you create a swarm service and do not connect it to a user-defined overlay network, it connects to the ingress network by default.
- a bridge network called docker_gwbridge, which connects the individual Docker daemon to the other daemons participating in the swarm.
正如 Chris 在评论中也提到的,数据库凭据也不匹配。
可选:仅当您想以 root 用户身份连接时才需要 MYSQL_ROOT_HOST,这在生产环境中是不推荐的。也不需要向主机公开端口,因为数据库服务只会在集群内部使用。因此,如果您仍想使用 root 用户,则可以将变量设置为仅允许来自集群内部的连接,例如 MYSQL_ROOT_HOST=10.*.*.*.
我正在尝试通过以下命令使用具有以下配置 docker-compose.yaml 文件的 docker 群部署一个堆栈:
docker stack deploy --with-registry-auth -c docker-compose.yaml project
version: "3.9"
services:
mysql:
image: mysql:8.0
deploy:
replicas: 1
volumes:
- mysql_data:/var/lib/mysql
networks:
- internal
ports:
- 3306:3306
environment:
MYSQL_ROOT_HOST: '%'
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: project_production
MYSQL_USER: username
MYSQL_PASSWORD: password
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:7.13.4
environment:
- node.name=es01
- cluster.name=es-docker-cluster
- discovery.seed_hosts=es02,es03
- cluster.initial_master_nodes=es01,es02,es03
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms1024m -Xmx1024m"
ulimits:
memlock:
soft: -1
hard: -1
volumes:
- data01:/usr/share/elasticsearch/data
ports:
- 9200:9200
networks:
- internal
website:
image: registry.gitlab.com/project/project-website:latest
networks:
- internal
deploy:
replicas: 1
ports:
- 3000:3000
environment:
- RAILS_ENV=production
- MYSQL_HOST=mysql
- ES_HOST=http://es01
- project_DATABASE_USERNAME=root
- project_DATABASE_PASSWORD=root
depends_on:
- es01
- mysql
volumes:
data01:
driver: local
data02:
driver: local
data03:
driver: local
mysql_data:
networks:
internal:
external: true
name: project
在部署堆栈之前,我还通过以下命令为项目创建了网络:
docker network create -d overlay project
但是当我使用 docker logs 命令查看 project 的日志时,我看到以下错误阻止了我的 project 启动:
Mysql2::Error: Host '10.0.2.202' is not allowed to connect to this MySQL server
我完全按照文档中的建议进行操作我不确定我的设置有什么问题!
问题:
如何从 project 连接到 docker 群中的 mysql 容器?
根据文档,DockerSwarm 会自动为您创建覆盖网络。所以我认为你不需要默认创建外网,除非你有特殊需求:
When you initialize a swarm or join a Docker host to an existing swarm, two new networks are created on that Docker host:
- an overlay network called ingress, which handles the control and data traffic related to swarm services. When you create a swarm service and do not connect it to a user-defined overlay network, it connects to the ingress network by default.
- a bridge network called docker_gwbridge, which connects the individual Docker daemon to the other daemons participating in the swarm.
正如 Chris 在评论中也提到的,数据库凭据也不匹配。
可选:仅当您想以 root 用户身份连接时才需要 MYSQL_ROOT_HOST,这在生产环境中是不推荐的。也不需要向主机公开端口,因为数据库服务只会在集群内部使用。因此,如果您仍想使用 root 用户,则可以将变量设置为仅允许来自集群内部的连接,例如 MYSQL_ROOT_HOST=10.*.*.*.