英文:
How to connect to cloudSQL proxy from Prisma in Google Kubernetes Engine?
问题
以下是翻译好的部分:
我有一个微服务项目,其中包括:
- 用户服务(user-service)
- 帖子服务(post-service)
让我们讨论一下用户服务,以解释问题:
在部署了像包含用户镜像的 k8s 对象之后,会创建 pod,每个 pod 都包含用户容器和云 SQL 代理容器,以 sidecar 模式运行在同一 pod 中。
现在在这个 pod 内部,我正在使用 Prisma 在用户容器内连接到同一 pod 内的云 SQL 代理容器上的以下 URL:postgresql://username:password@localhost/db_name?host=/cloudsql/gcp_project:us-central1:db
问题:
当我记录用户服务 pod 时,我发现了这个错误:
Error: P1013: The provided database string is invalid. invalid port number in database URL. Please refer to the documentation in https://www.prisma.io/docs/reference/database-reference/connection-urls for constructing a correct connection string. In some cases, certain characters must be escaped. Please check the string for any illegal characters.
我的 Dockerfile:
FROM node:alpine
WORKDIR /app
COPY . .
RUN npm install
# 将 start.sh 复制到容器内
COPY start.sh .
# 使 shell 脚本可执行
RUN chmod +x start.sh
# 执行 shell 脚本
CMD ["/bin/sh", "start.sh"]
在 start.sh 内部
#!/bin/bash
cd src/
npx prisma db push
cd ..
npm start
在 src/ 目录内我有 prisma/ 目录。
注意:我也尝试将数据库字符串参数中的 ':' 替换为 %3A,但没有成功。
部署文件(Deployment File)
apiVersion: apps/v1
kind: Deployment
metadata:
name: user-depl
namespace: social-app
spec:
replicas: 1
selector:
matchLabels:
app: user
template:
metadata:
labels:
app: user
spec:
containers:
- name: user
image: <image_name>
resources:
limits:
cpu: "500m"
memory: "512Mi"
requests:
cpu: "250m"
memory: "256Mi"
- name: cloud-sql-proxy
image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.1.0
args:
- "--structured-logs"
- "--port=5432"
- "PROJECT_ID:asia-south1:POSTGRES_INSTANCE_NAME"
- "--credentials-file=/secrets/service_account.json"
securityContext:
runAsNonRoot: true
volumeMounts:
- name: cloudsql-sa-volume
mountPath: /secrets/
readOnly: true
resources:
requests:
memory: "768Mi"
cpu: "500m"
volumes:
- name: cloudsql-sa-volume
secret:
secretName: cloudsql-sa
---
# 用于用户服务的集群 IP 服务
apiVersion: v1
kind: Service
metadata:
name: user-srv
namespace: social-app
spec:
selector:
app: user
ports:
- name: user
protocol: TCP
port: 5001
targetPort: 5001
我还通过记录来检查云 SQL 代理容器是否正在运行,它的消息显示它已准备好连接。
当我运行以下命令时:npx prisma db push
使用 shell 脚本,我期望 Prisma 能够成功连接到云 SQL 代理容器,后者将连接到 Google Cloud 上的云 SQL 实例。
英文:
I have a microservices project which has:
- user-service
- post-service
Let's talk about the user-service to explain the problem:
After deploying the k8s objects like deployment that contains the user image, pods are created and each pod contains the user container and the cloud-sql-proxy container in a sidecar pattern.
Now inside this pod, I am using Prisma inside the user container to connect to the cloud sql proxy container inside the same pod on this url: postgresql://username:password@localhost/db_name?host=/cloudsql/gcp_project:us-central1:db
Problem:
When I log the user-service pod, I find this error:
Error: P1013: The provided database string is invalid. invalid port number in database URL. Please refer to the documentation in https://www.prisma.io/docs/reference/database-reference/connection-urls for constructing a correct connection string. In some cases, certain characters must be escaped. Please check the string for any illegal characters.
My Dockerfile:
FROM node:alpine
WORKDIR /app
COPY . .
RUN npm install
# Copy the start.sh into the container
COPY start.sh .
# Make the shell script executable
RUN chmod +x start.sh
# Execute the shell script
CMD ["/bin/sh", "start.sh"]
Inside start.sh
#!/bin/bash
cd src/
npx prisma db push
cd ..
npm start
Inside the src/ directory I have the prisma/ dir.
Note: I have also tried replacing ':' with %3A in the DB string param, but it did not work.
Deployment File
apiVersion: apps/v1
kind: Deployment
metadata:
name: user-depl
namespace: social-app
spec:
replicas: 1
selector:
matchLabels:
app: user
template:
metadata:
labels:
app: user
spec:
containers:
- name: user
image: <image_name>
resources:
limits:
cpu: "500m"
memory: "512Mi"
requests:
cpu: "250m"
memory: "256Mi"
- name: cloud-sql-proxy
image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.1.0
args:
- "--structured-logs"
- "--port=5432"
- "PROJECT_ID:asia-south1:POSTGRES_INSTANCE_NAME"
- "--credentials-file=/secrets/service_account.json"
securityContext:
runAsNonRoot: true
volumeMounts:
- name: cloudsql-sa-volume
mountPath: /secrets/
readOnly: true
resources:
requests:
memory: "768Mi"
cpu: "500m"
volumes:
- name: cloudsql-sa-volume
secret:
secretName: cloudsql-sa
---
# Cluster IP service for user service
apiVersion: v1
kind: Service
metadata:
name: user-srv
namespace: social-app
spec:
selector:
app: user
ports:
- name: user
protocol: TCP
port: 5001
targetPort: 5001
I have also checked if the cloud-sql-proxy container is running or not by logging it, and the message that it is ready for connections.
When I run this command: npx prisma db push
using the shell script, I am expecting prisma to successfully connect to the cloudsql proxy container which will connect to the cloudsql instance on google cloud.
答案1
得分: 1
这里似乎出现了一些混淆。
Cloud SQL 代理可以通过两种不同的选项部署以连接到 Cloud SQL:
a) 通过端口进行的 TCP 连接(默认)
b) Unix 域套接字(使用 --unix-socket
标志)
看起来你的配置是部署 Cloud SQL 代理以通过 TCP 连接(使用 --port
)连接,但你的应用程序(Prisma 配置)正在尝试通过 Unix 套接字连接(通过将主机作为查询参数,Prisma 文档)。
在我看来,你的部署 YAML 看起来没问题,它应该成功设置代理以在你的 pod 上的 127.0.0.1:5432
上监听 TCP 连接。你只需要相应地更新你的应用程序和 Prisma URL 如下:
postgresql://username:password@127.0.0.1:5432/db_name
英文:
There seems to be a bit of confusion happening here.
The Cloud SQL Proxy can be deployed to connect to Cloud SQL via two different options:
a) TCP connection over a port (default)
b) Unix domain socket (using the --unix-socket
flag)
It seems as though your configuration is deploying the Cloud SQL Proxy to connect via TCP connection (using --port
) but your application (Prisma config) is attempting to connect via a Unix socket (by using host as query param, Prisma docs).
Your deployment YAML looks fine as is to me, it should successfully setup the proxy to listen for a TCP connection on 127.0.0.1:5432
of your pod. You should be able to just update your application and Prisma URL accordingly to the following:
postgresql://username:password@127.0.0.1:5432/db_name
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论