我试图在Google的容器引擎(GKE)上部署我的Spring Boot/JHipster应用程序。我已经想出了大部分内容,但是我的数据库实例(通过Google SQL代理运行在Google Cloud SQL上的PostgreSQL实例)遇到问题。云SQL代理和权限不足
- 我在云中设置了我的PostreSQL实例,并创建了我的应用程序的数据库和用户。
- 我已经创建了一个具有Cloud SQL Client角色的SQL服务 - 我抓住了JSON密钥,并用它来创建我的cloudsql-instance-credentials。我也创建了我的cloudsql-db-credentials。
- 我已将额外的位添加到我的部署yaml文件。我基本上从this GitHub sample克隆了yaml文件,并用我自己的Docker镜像(托管在Google Container Registry中)替换了所有对wordpress的引用。我还更新了代理块,像这样:
deployment.yaml片段:
- image: gcr.io/cloudsql-docker/gce-proxy:1.09
name: cloudsql-proxy
command: ["/cloud_sql_proxy", "--dir=/cloudsql",
"-instances=[my-project]:us-central1:[my-sql-instance-id]=tcp:5432",
"-credential_file=/secrets/cloudsql/credentials.json"]
最后,我已经更新了我的春节,引导配置YAML文件中,就像这样:
datasource:
type: com.zaxxer.hikari.HikariDataSource
url: jdbc:postgresql://google/[my-database]?socketFactory=com.google.cloud.sql.postgres.SocketFactory&socketFactoryArg=[my-project]:us-central1:[my-sql-instance-id]
username: ${DB_USER}
password: ${DB_PASSWORD}
当我部署了kubectl create
时,图像部署了,但未能启动应用程序。下面是从我的日志突出位:
Caused by: java.lang.RuntimeException: Unable to retrieve information about Cloud SQL instance [[my-project]:us-central1:[my-sql-instance-id]]
at com.google.cloud.sql.core.SslSocketFactory.obtainInstanceMetadata(SslSocketFactory.java:411)
at com.google.cloud.sql.core.SslSocketFactory.fetchInstanceSslInfo(SslSocketFactory.java:284)
at com.google.cloud.sql.core.SslSocketFactory.getInstanceSslInfo(SslSocketFactory.java:264)
at com.google.cloud.sql.core.SslSocketFactory.createAndConfigureSocket(SslSocketFactory.java:183)
at com.google.cloud.sql.core.SslSocketFactory.create(SslSocketFactory.java:152)
at com.google.cloud.sql.postgres.SocketFactory.createSocket(SocketFactory.java:50)
at org.postgresql.core.PGStream.<init>(PGStream.java:60)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:144)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:52)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:216)
at org.postgresql.Driver.makeConnection(Driver.java:404)
at org.postgresql.Driver.connect(Driver.java:272)
... 37 common frames omitted
Caused by: com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"message" : "Insufficient Permission",
"reason" : "insufficientPermissions"
} ],
"message" : "Insufficient Permission"
}
at com.google.api.client.googleapis.json.GoogleJsonResponseException.from(GoogleJsonResponseException.java:146)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:113)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:40)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest$1.interceptResponse(AbstractGoogleClientRequest.java:321)
at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:1065)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:419)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:352)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:469)
at com.google.cloud.sql.core.SslSocketFactory.obtainInstanceMetadata(SslSocketFactory.java:372)
... 48 common frames omitted
这种“权限不足”的错误弹出了很多在计算器上,但我还没有发现一个问题,那是相当的相同的情况我的。这看起来像一个通用的OAuth级错误。我觉得我已经根据说明再次检查了我的设置,并且我不确定在哪里可以找到任何其他线索。
任何想法?
更新:
由于瓦迪姆的指针,我已经成功地让过去的“权限不足”的问题。可悲的是,当我的应用程序试图建立与数据库的连接时(特别是当Liquibase试图开始连接到数据库以运行迁移脚本时),我的应用程序在启动时仍然失败。
我的新的错误是在驾驶员座级:
liquibase.exception.DatabaseException: org.postgresql.util.PSQLException: The connection attempt failed.
at liquibase.integration.spring.SpringLiquibase.afterPropertiesSet(SpringLiquibase.java:390)
at io.github.jhipster.config.liquibase.AsyncSpringLiquibase.initDb(AsyncSpringLiquibase.java:82)
at io.github.jhipster.config.liquibase.AsyncSpringLiquibase.afterPropertiesSet(AsyncSpringLiquibase.java:72)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1687)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1624)
... 24 common frames omitted
Caused by: org.postgresql.util.PSQLException: The connection attempt failed.
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:272)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:52)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:216)
at org.postgresql.Driver.makeConnection(Driver.java:404)
at org.postgresql.Driver.connect(Driver.java:272)
at java.sql.DriverManager.getConnection(DriverManager.java:664)
at java.sql.DriverManager.getConnection(DriverManager.java:247)
at org.postgresql.ds.common.BaseDataSource.getConnection(BaseDataSource.java:86)
at org.postgresql.ds.common.BaseDataSource.getConnection(BaseDataSource.java:71)
at liquibase.integration.spring.SpringLiquibase.afterPropertiesSet(SpringLiquibase.java:385)
... 28 common frames omitted
Caused by: java.net.SocketException: already connected
at java.net.Socket.connect(Socket.java:569)
at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:673)
at org.postgresql.core.PGStream.<init>(PGStream.java:61)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:144)
... 37 common frames omitted
仔细检查您是否在设置GKE时启用了Cloud SQL范围:https://medium.com/google-cloud/updating-google-container-engine-vm-scopes-with-zero-downtime-50bff87e5f80 – Vadim
这绝对改变了事情。我仍然遇到JDBC问题,但它不再是权限不足的问题。我的新错误是一个'java.net.SocketException:已连接'错误,我猜是某种池化问题。我对如何继续前进有一些想法。谢谢! – bcholmes