2
我試圖在Google的容器引擎(GKE)上部署我的Spring Boot/JHipster應用程序。我已經想出了大部分內容,但是我的數據庫實例(通過Google SQL代理運行在Google Cloud SQL上的PostgreSQL實例)遇到問題。雲SQL代理和權限不足
- 我在雲中設置了我的PostreSQL實例,並創建了我的應用程序的數據庫和用戶。
- 我已經創建了一個具有Cloud SQL Client角色的SQL服務 - 我抓住了JSON密鑰,並用它來創建我的cloudsql-instance-credentials。我也創建了我的cloudsql-db-credentials。
- 我已將額外的位添加到我的部署yaml文件。我基本上從this GitHub sample克隆了yaml文件,並用我自己的Docker鏡像(託管在Google Container Registry中)替換了所有對wordpress的引用。我還更新了代理塊,像這樣:
deployment.yaml片段:
- image: gcr.io/cloudsql-docker/gce-proxy:1.09
name: cloudsql-proxy
command: ["/cloud_sql_proxy", "--dir=/cloudsql",
"-instances=[my-project]:us-central1:[my-sql-instance-id]=tcp:5432",
"-credential_file=/secrets/cloudsql/credentials.json"]
最後,我已經更新了我的春節,引導配置YAML文件中,就像這樣:
datasource:
type: com.zaxxer.hikari.HikariDataSource
url: jdbc:postgresql://google/[my-database]?socketFactory=com.google.cloud.sql.postgres.SocketFactory&socketFactoryArg=[my-project]:us-central1:[my-sql-instance-id]
username: ${DB_USER}
password: ${DB_PASSWORD}
當我部署了kubectl create時,圖像部署了,但未能啓動應用程序。下面是從我的日誌突出位:
Caused by: java.lang.RuntimeException: Unable to retrieve information about Cloud SQL instance [[my-project]:us-central1:[my-sql-instance-id]]
at com.google.cloud.sql.core.SslSocketFactory.obtainInstanceMetadata(SslSocketFactory.java:411)
at com.google.cloud.sql.core.SslSocketFactory.fetchInstanceSslInfo(SslSocketFactory.java:284)
at com.google.cloud.sql.core.SslSocketFactory.getInstanceSslInfo(SslSocketFactory.java:264)
at com.google.cloud.sql.core.SslSocketFactory.createAndConfigureSocket(SslSocketFactory.java:183)
at com.google.cloud.sql.core.SslSocketFactory.create(SslSocketFactory.java:152)
at com.google.cloud.sql.postgres.SocketFactory.createSocket(SocketFactory.java:50)
at org.postgresql.core.PGStream.<init>(PGStream.java:60)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:144)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:52)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:216)
at org.postgresql.Driver.makeConnection(Driver.java:404)
at org.postgresql.Driver.connect(Driver.java:272)
... 37 common frames omitted
Caused by: com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
"code" : 403,
"errors" : [ {
"domain" : "global",
"message" : "Insufficient Permission",
"reason" : "insufficientPermissions"
} ],
"message" : "Insufficient Permission"
}
at com.google.api.client.googleapis.json.GoogleJsonResponseException.from(GoogleJsonResponseException.java:146)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:113)
at com.google.api.client.googleapis.services.json.AbstractGoogleJsonClientRequest.newExceptionOnError(AbstractGoogleJsonClientRequest.java:40)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest$1.interceptResponse(AbstractGoogleClientRequest.java:321)
at com.google.api.client.http.HttpRequest.execute(HttpRequest.java:1065)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:419)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.executeUnparsed(AbstractGoogleClientRequest.java:352)
at com.google.api.client.googleapis.services.AbstractGoogleClientRequest.execute(AbstractGoogleClientRequest.java:469)
at com.google.cloud.sql.core.SslSocketFactory.obtainInstanceMetadata(SslSocketFactory.java:372)
... 48 common frames omitted
這種「權限不足」的錯誤彈出了很多在計算器上,但我還沒有發現一個問題,那是相當的相同的情況我的。這看起來像一個通用的OAuth級錯誤。我覺得我已經根據說明再次檢查了我的設置,並且我不確定在哪裏可以找到任何其他線索。
任何想法?
更新:
由於瓦迪姆的指針,我已經成功地讓過去的「權限不足」的問題。可悲的是,當我的應用程序試圖建立與數據庫的連接時(特別是當Liquibase試圖開始連接到數據庫以運行遷移腳本時),我的應用程序在啓動時仍然失敗。
我的新的錯誤是在駕駛員座級:
liquibase.exception.DatabaseException: org.postgresql.util.PSQLException: The connection attempt failed.
at liquibase.integration.spring.SpringLiquibase.afterPropertiesSet(SpringLiquibase.java:390)
at io.github.jhipster.config.liquibase.AsyncSpringLiquibase.initDb(AsyncSpringLiquibase.java:82)
at io.github.jhipster.config.liquibase.AsyncSpringLiquibase.afterPropertiesSet(AsyncSpringLiquibase.java:72)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1687)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1624)
... 24 common frames omitted
Caused by: org.postgresql.util.PSQLException: The connection attempt failed.
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:272)
at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:52)
at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:216)
at org.postgresql.Driver.makeConnection(Driver.java:404)
at org.postgresql.Driver.connect(Driver.java:272)
at java.sql.DriverManager.getConnection(DriverManager.java:664)
at java.sql.DriverManager.getConnection(DriverManager.java:247)
at org.postgresql.ds.common.BaseDataSource.getConnection(BaseDataSource.java:86)
at org.postgresql.ds.common.BaseDataSource.getConnection(BaseDataSource.java:71)
at liquibase.integration.spring.SpringLiquibase.afterPropertiesSet(SpringLiquibase.java:385)
... 28 common frames omitted
Caused by: java.net.SocketException: already connected
at java.net.Socket.connect(Socket.java:569)
at sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:673)
at org.postgresql.core.PGStream.<init>(PGStream.java:61)
at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:144)
... 37 common frames omitted
仔細檢查您是否在設置GKE時啓用了Cloud SQL範圍:https://medium.com/google-cloud/updating-google-container-engine-vm-scopes-with-zero-downtime-50bff87e5f80 – Vadim
這絕對改變了事情。我仍然遇到JDBC問題,但它不再是權限不足的問題。我的新錯誤是一個'java.net.SocketException:已連接'錯誤,我猜是某種池化問題。我對如何繼續前進有一些想法。謝謝! – bcholmes