Kubernetes pod 上的 Firebase Emulator Auth 未收到请求
Firebase Emulator Auth on Kubernetes pod not receiving request
我在本地部署了k8s集群kind。 firebase 模拟器在集群内的一个 pod 上运行,并分配了一个 ClusterIp 服务。当我从 kind-firebase.yaml pod 发送请求时 service.yaml pod,请求失败,无法建立连接
错误:
failed to establish a connection:
Post \"http://firebase-service:9099/identitytoolkit.googleapis.com/v1/projects/demo-test
配置:
- firebase.json:
{
"emulators": {
"auth": {
"port": 9099,
"host": "0.0.0.0"
},
"ui": {
"enabled": true,
"host": "0.0.0.0",
"port": 4000
}
}
}
- 种类-firebase.yaml:
apiVersion: v1
kind: Namespace
metadata:
name: firebase-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: firebase-depl
namespace: firebase-system
spec:
selector:
matchLabels:
app: firebase-emulator
replicas: 1
template:
metadata:
labels:
app: firebase-emulator
spec:
containers:
- name: firebase-emulator
image: fb-emulator
resources:
limits:
cpu: "1000m" # Up to 1 full core
requests:
cpu: "1000m" # Use 1 full core
imagePullPolicy: IfNotPresent
ports:
- name: auth
containerPort: 9099
- name: emulator-ui
containerPort: 4000
---
apiVersion: v1
kind: Service
metadata:
name: firebase-service
namespace: firebase-system
spec:
type: ClusterIP
selector:
app: firebase-emulator
ports:
- name: auth
port: 9099
targetPort: auth
- name: emulator-ui
port: 4000
targetPort: emulator-ui
- service.yaml:
apiVersion: v1
kind: Namespace
metadata:
name: auth-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: auth-depl
namespace: auth-system
spec:
selector:
matchLabels:
app: auth
template:
metadata:
labels:
app: auth
spec:
terminationGracePeriodSeconds: 60
volumes:
- name: google-cloud-key
secret:
secretName: firebase-sacc
containers:
# auth-api container configuration
- name: auth-api
image: auth-api-image
volumeMounts:
- name: google-cloud-key
mountPath: /var/secrets/google
readOnly: true
ports:
- name: auth-api
containerPort: 3000
- name: auth-api-debug
containerPort: 8080
readinessProbe: # readiness probes mark the service available to accept traffic.
httpGet:
path: /debug/readiness
port: 8080
initialDelaySeconds: 15
periodSeconds: 15
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 2
livenessProbe: # liveness probes mark the service alive or dead (to be restarted).
httpGet:
path: /debug/liveness
port: 8080
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 2
env:
- name: KUBERNETES_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KUBERNETES_PODNAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: KUBERNETES_NAMESPACE_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: KUBERNETES_NODENAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: GOOGLE_APPLICATION_CREDENTIALS
value: /var/secrets/google/sacc.json
- name: FIREBASE_AUTH_EMULATOR_HOST
value: firebase-service:9099
- name: GCLOUD_PROJECT
value: demo-test
---
apiVersion: v1
kind: Service
metadata:
name: auth-service
namespace: auth-system
spec:
type: ClusterIP
selector:
app: auth
ports:
- name: auth-api
port: 3000
targetPort: auth-api
- name: auth-api-debug
port: 8080
targetPort: auth-api-debug
- 在文件中您将看到这些环境变量:
- name: FIREBASE_AUTH_EMULATOR_HOST
value: firebase-service:9099
- name: GCLOUD_PROJECT
value: demo-test
通过使用它们,表示service.yaml的应用程序内部使用的firebase sdk将设置sdk以供使用firebase 模拟器,而不是云中的模拟器。
集群截图:
- 在这里我们可以看到可用的命名空间。
- 在授权系统中,service.yaml pod 将出现。
- 在 firebase 系统中,kind-firebase.yaml pod 将出现。
- service.yaml荚
- 种类-firebase.yaml豆荚
- 在这里我们可以看到 service.yaml pod 当我向 发送请求时的日志kind-firebase.yaml pod...错误:
failed to establish a connection:
Post \"http://firebase-service:9099/identitytoolkit.googleapis.com/v1/projects/demo-test
感谢任何帮助!
连接到 firebase pod 并检查 DNS 解析后,服务名称必须是:
firebase-service.firebase-system.svc.cluster.local:9099
所以来自 kind-firebase.yaml 的环境变量必须是:
- name: FIREBASE_AUTH_EMULATOR_HOST
value: firebase-service.firebase-system.svc.cluster.local:9099
现在一切正常。
我在本地部署了k8s集群kind。 firebase 模拟器在集群内的一个 pod 上运行,并分配了一个 ClusterIp 服务。当我从 kind-firebase.yaml pod 发送请求时 service.yaml pod,请求失败,无法建立连接
错误:
failed to establish a connection:
Post \"http://firebase-service:9099/identitytoolkit.googleapis.com/v1/projects/demo-test
配置:
- firebase.json:
{
"emulators": {
"auth": {
"port": 9099,
"host": "0.0.0.0"
},
"ui": {
"enabled": true,
"host": "0.0.0.0",
"port": 4000
}
}
}
- 种类-firebase.yaml:
apiVersion: v1
kind: Namespace
metadata:
name: firebase-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: firebase-depl
namespace: firebase-system
spec:
selector:
matchLabels:
app: firebase-emulator
replicas: 1
template:
metadata:
labels:
app: firebase-emulator
spec:
containers:
- name: firebase-emulator
image: fb-emulator
resources:
limits:
cpu: "1000m" # Up to 1 full core
requests:
cpu: "1000m" # Use 1 full core
imagePullPolicy: IfNotPresent
ports:
- name: auth
containerPort: 9099
- name: emulator-ui
containerPort: 4000
---
apiVersion: v1
kind: Service
metadata:
name: firebase-service
namespace: firebase-system
spec:
type: ClusterIP
selector:
app: firebase-emulator
ports:
- name: auth
port: 9099
targetPort: auth
- name: emulator-ui
port: 4000
targetPort: emulator-ui
- service.yaml:
apiVersion: v1
kind: Namespace
metadata:
name: auth-system
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: auth-depl
namespace: auth-system
spec:
selector:
matchLabels:
app: auth
template:
metadata:
labels:
app: auth
spec:
terminationGracePeriodSeconds: 60
volumes:
- name: google-cloud-key
secret:
secretName: firebase-sacc
containers:
# auth-api container configuration
- name: auth-api
image: auth-api-image
volumeMounts:
- name: google-cloud-key
mountPath: /var/secrets/google
readOnly: true
ports:
- name: auth-api
containerPort: 3000
- name: auth-api-debug
containerPort: 8080
readinessProbe: # readiness probes mark the service available to accept traffic.
httpGet:
path: /debug/readiness
port: 8080
initialDelaySeconds: 15
periodSeconds: 15
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 2
livenessProbe: # liveness probes mark the service alive or dead (to be restarted).
httpGet:
path: /debug/liveness
port: 8080
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 5
successThreshold: 1
failureThreshold: 2
env:
- name: KUBERNETES_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: KUBERNETES_PODNAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: KUBERNETES_NAMESPACE_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: KUBERNETES_NODENAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
- name: GOOGLE_APPLICATION_CREDENTIALS
value: /var/secrets/google/sacc.json
- name: FIREBASE_AUTH_EMULATOR_HOST
value: firebase-service:9099
- name: GCLOUD_PROJECT
value: demo-test
---
apiVersion: v1
kind: Service
metadata:
name: auth-service
namespace: auth-system
spec:
type: ClusterIP
selector:
app: auth
ports:
- name: auth-api
port: 3000
targetPort: auth-api
- name: auth-api-debug
port: 8080
targetPort: auth-api-debug
- 在文件中您将看到这些环境变量:
- name: FIREBASE_AUTH_EMULATOR_HOST
value: firebase-service:9099
- name: GCLOUD_PROJECT
value: demo-test
通过使用它们,表示service.yaml的应用程序内部使用的firebase sdk将设置sdk以供使用firebase 模拟器,而不是云中的模拟器。
集群截图:
- 在这里我们可以看到可用的命名空间。
- 在授权系统中,service.yaml pod 将出现。
- 在 firebase 系统中,kind-firebase.yaml pod 将出现。
- service.yaml荚
- 种类-firebase.yaml豆荚
- 在这里我们可以看到 service.yaml pod 当我向 发送请求时的日志kind-firebase.yaml pod...错误:
failed to establish a connection:
Post \"http://firebase-service:9099/identitytoolkit.googleapis.com/v1/projects/demo-test
感谢任何帮助!
连接到 firebase pod 并检查 DNS 解析后,服务名称必须是:
firebase-service.firebase-system.svc.cluster.local:9099
所以来自 kind-firebase.yaml 的环境变量必须是:
- name: FIREBASE_AUTH_EMULATOR_HOST
value: firebase-service.firebase-system.svc.cluster.local:9099
现在一切正常。