如何从Google Kubernetes Engine中的Prisma连接到cloudSQL代理?

huangapple go评论90阅读模式
英文:

How to connect to cloudSQL proxy from Prisma in Google Kubernetes Engine?

问题

以下是翻译好的部分:

我有一个微服务项目,其中包括:

  • 用户服务(user-service)
  • 帖子服务(post-service)

让我们讨论一下用户服务,以解释问题:

在部署了像包含用户镜像的 k8s 对象之后,会创建 pod,每个 pod 都包含用户容器和云 SQL 代理容器,以 sidecar 模式运行在同一 pod 中。

现在在这个 pod 内部,我正在使用 Prisma 在用户容器内连接到同一 pod 内的云 SQL 代理容器上的以下 URL:postgresql://username:password@localhost/db_name?host=/cloudsql/gcp_project:us-central1:db

问题:

当我记录用户服务 pod 时,我发现了这个错误:

Error: P1013: The provided database string is invalid. invalid port number in database URL. Please refer to the documentation in https://www.prisma.io/docs/reference/database-reference/connection-urls for constructing a correct connection string. In some cases, certain characters must be escaped. Please check the string for any illegal characters.

我的 Dockerfile:

FROM node:alpine

WORKDIR /app

COPY . .

RUN npm install

# 将 start.sh 复制到容器内
COPY start.sh .

# 使 shell 脚本可执行
RUN chmod +x start.sh

# 执行 shell 脚本
CMD ["/bin/sh", "start.sh"]

在 start.sh 内部

#!/bin/bash

cd src/

npx prisma db push

cd ..

npm start

在 src/ 目录内我有 prisma/ 目录。

注意:我也尝试将数据库字符串参数中的 ':' 替换为 %3A,但没有成功。

部署文件(Deployment File)

apiVersion: apps/v1
kind: Deployment
metadata:
  name: user-depl
  namespace: social-app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: user
  template:
    metadata:
      labels:
        app: user
    spec:
      containers:
        - name: user
          image: <image_name>
          resources:
            limits:
              cpu: "500m"
              memory: "512Mi"
            requests:
              cpu: "250m"
              memory: "256Mi"
        - name: cloud-sql-proxy
          image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.1.0
          args:
            - "--structured-logs"
            - "--port=5432"
            - "PROJECT_ID:asia-south1:POSTGRES_INSTANCE_NAME"
            - "--credentials-file=/secrets/service_account.json"

          securityContext:
            runAsNonRoot: true
          volumeMounts:
            - name: cloudsql-sa-volume
              mountPath: /secrets/
              readOnly: true
          resources:
            requests:
              memory: "768Mi"
              cpu: "500m"

      volumes:
        - name: cloudsql-sa-volume
          secret:
            secretName: cloudsql-sa
---

# 用于用户服务的集群 IP 服务
apiVersion: v1
kind: Service
metadata:
  name: user-srv
  namespace: social-app
spec:
  selector:
    app: user
  ports:
    - name: user
      protocol: TCP
      port: 5001
      targetPort: 5001

我还通过记录来检查云 SQL 代理容器是否正在运行,它的消息显示它已准备好连接。

当我运行以下命令时:npx prisma db push 使用 shell 脚本,我期望 Prisma 能够成功连接到云 SQL 代理容器,后者将连接到 Google Cloud 上的云 SQL 实例。

英文:

I have a microservices project which has:

  • user-service
  • post-service

Let's talk about the user-service to explain the problem:

After deploying the k8s objects like deployment that contains the user image, pods are created and each pod contains the user container and the cloud-sql-proxy container in a sidecar pattern.

Now inside this pod, I am using Prisma inside the user container to connect to the cloud sql proxy container inside the same pod on this url: postgresql://username:password@localhost/db_name?host=/cloudsql/gcp_project:us-central1:db

Problem:

When I log the user-service pod, I find this error:

Error: P1013: The provided database string is invalid. invalid port number in database URL. Please refer to the documentation in https://www.prisma.io/docs/reference/database-reference/connection-urls for constructing a correct connection string. In some cases, certain characters must be escaped. Please check the string for any illegal characters.

My Dockerfile:

FROM node:alpine

WORKDIR /app

COPY . .

RUN npm install

# Copy the start.sh into the container
COPY start.sh .

# Make the shell script executable
RUN chmod +x start.sh

# Execute the shell script
CMD [&quot;/bin/sh&quot;, &quot;start.sh&quot;]

Inside start.sh

#!/bin/bash

cd src/

npx prisma db push

cd ..

npm start

Inside the src/ directory I have the prisma/ dir.

Note: I have also tried replacing ':' with %3A in the DB string param, but it did not work.

Deployment File

apiVersion: apps/v1
kind: Deployment
metadata:
  name: user-depl
  namespace: social-app
spec:
  replicas: 1
  selector:
    matchLabels:
      app: user
  template:
    metadata:
      labels:
        app: user
    spec:
      containers:
        - name: user
          image: &lt;image_name&gt;
          resources:
            limits:
              cpu: &quot;500m&quot;
              memory: &quot;512Mi&quot;
            requests:
              cpu: &quot;250m&quot;
              memory: &quot;256Mi&quot;
        - name: cloud-sql-proxy
          image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.1.0
          args:
            - &quot;--structured-logs&quot;
            - &quot;--port=5432&quot;
            - &quot;PROJECT_ID:asia-south1:POSTGRES_INSTANCE_NAME&quot;
            - &quot;--credentials-file=/secrets/service_account.json&quot;

          securityContext:
            runAsNonRoot: true
          volumeMounts:
            - name: cloudsql-sa-volume
              mountPath: /secrets/
              readOnly: true
          resources:
            requests:
              memory: &quot;768Mi&quot;
              cpu: &quot;500m&quot;

      volumes:
        - name: cloudsql-sa-volume
          secret:
            secretName: cloudsql-sa

---
# Cluster IP service for user service
apiVersion: v1
kind: Service
metadata:
  name: user-srv
  namespace: social-app
spec:
  selector:
    app: user
  ports:
    - name: user
      protocol: TCP
      port: 5001
      targetPort: 5001

I have also checked if the cloud-sql-proxy container is running or not by logging it, and the message that it is ready for connections.

When I run this command: npx prisma db push using the shell script, I am expecting prisma to successfully connect to the cloudsql proxy container which will connect to the cloudsql instance on google cloud.

答案1

得分: 1

这里似乎出现了一些混淆。

Cloud SQL 代理可以通过两种不同的选项部署以连接到 Cloud SQL:

a) 通过端口进行的 TCP 连接(默认)

b) Unix 域套接字(使用 --unix-socket 标志)

看起来你的配置是部署 Cloud SQL 代理以通过 TCP 连接(使用 --port)连接,但你的应用程序(Prisma 配置)正在尝试通过 Unix 套接字连接(通过将主机作为查询参数,Prisma 文档)。

在我看来,你的部署 YAML 看起来没问题,它应该成功设置代理以在你的 pod 上的 127.0.0.1:5432 上监听 TCP 连接。你只需要相应地更新你的应用程序和 Prisma URL 如下:

postgresql://username:password@127.0.0.1:5432/db_name
英文:

There seems to be a bit of confusion happening here.

The Cloud SQL Proxy can be deployed to connect to Cloud SQL via two different options:

a) TCP connection over a port (default)

b) Unix domain socket (using the --unix-socket flag)

It seems as though your configuration is deploying the Cloud SQL Proxy to connect via TCP connection (using --port) but your application (Prisma config) is attempting to connect via a Unix socket (by using host as query param, Prisma docs).

Your deployment YAML looks fine as is to me, it should successfully setup the proxy to listen for a TCP connection on 127.0.0.1:5432 of your pod. You should be able to just update your application and Prisma URL accordingly to the following:

postgresql://username:password@127.0.0.1:5432/db_name

huangapple
  • 本文由 发表于 2023年8月10日 23:18:22
  • 转载请务必保留本文链接:https://go.coder-hub.com/76877138.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定