如何使用本地开发 minikube 进入 Kubernetes 中的 postgres
How to get into postgres in Kubernetes with local dev minikube
有人可以帮助我吗?这是我第一次 post 来这里,我真的很高兴开始 post 在这里帮助别人,但我首先需要帮助。
我正在 Minikube 上部署我自己的 Postgres 数据库。对于数据库、密码和用户名,我使用的是机密。
数据使用base64编码
- POSTGRES_USER = website_user
- POSTGRES_DB = 网站
- POSTGRES_PASSWORD = 通过
我还执行到容器中,看看是否可以看到这些环境,它们就在那里。
问题是当我尝试使用 psql 进入 postgres 时。我检查了 minikube ip 并在此命令后输入了正确的密码(pass):
pqsl -h 192.168.99.100 -U website_user -p 31315 website
错误
Password for user website_user:
psql: FATAL: password authentication failed for user "website_user"
此外,如果我执行到我的 pod 中:
kubectl exec -it postgres-deployment-744fcdd5f5-7f7vx bash
然后尝试进入 postgres 我得到:
psql -h $(hostname -i) -U website_user -p 5432 website
错误:
Password for user website_user:
psql: FATAL: password authentication failed for user "website_user"
我缺少一些东西 here.I 也在容器中尝试 ps aux,似乎一切都已找到 postgres 进程是 运行
kubectl get all
输出:
NAME READY STATUS RESTARTS AGE
pod/postgres-deployment-744fcdd5f5-7f7vx 1/1 Running 0 18m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19m
service/postgres-service NodePort 10.109.235.114 <none> 5432:31315/TCP 18m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/postgres-deployment 1/1 1 1 18m
NAME DESIRED CURRENT READY AGE
replicaset.apps/postgres-deployment-744fcdd5f5 1 1 1 18m
# Secret store
apiVersion: v1
kind: Secret
metadata:
name: postgres-credentials
type: Opaque
data:
POSTGRES_USER: d2Vic2l0ZV91c2VyCg==
POSTGRES_PASSWORD: cGFzcwo=
POSTGRES_DB: d2Vic2l0ZQo=
---
# Persistent Volume
apiVersion: v1
kind: PersistentVolume
metadata:
name: postgres-pv
labels:
type: local
spec:
storageClassName: manual
capacity:
storage: 2Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /data/postgres-pv
---
# Persistent Volume Claim
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
labels:
type: local
spec:
storageClassName: manual
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
volumeName: postgres-pv
---
# Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres-deployment
spec:
selector:
matchLabels:
app: postgres-container
template:
metadata:
labels:
app: postgres-container
spec:
containers:
- name: postgres-container
image: postgres:9.6.6
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_USER
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_DB
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_PASSWORD
ports:
- containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: postgres-volume-mount
volumes:
- name: postgres-volume-mount
persistentVolumeClaim:
claimName: postgres-pvc
---
apiVersion: v1
kind: Service
metadata:
name: postgres-service
spec:
selector:
app: postgres-container
ports:
- port: 5432
protocol: TCP
targetPort: 5432
type: NodePort
您创建了所有值:
$ echo "value" | base64- 你应该使用:
$ echo -n "value" | base64
遵循 echo 的官方手册页:
Description
Echo the STRING(s) to standard output.
-n = do not output the trailing newline
TL;DR:您需要使用新值编辑 Secret 定义:
$ echo -n "website_user" | base64$ echo -n "website" | base64$ echo -n "pass" | base64
您创建了带有尾随换行符的 Secret。请看下面的例子:
POSTGRES_USER:
$ echo "website_user" | base64
- 输出:
d2Vic2l0ZV91c2VyCg== 与你的相同
$ echo -n "website_user" | base64
- 输出:
d2Vic2l0ZV91c2Vy 这是 正确的 值
POSTGRES_PASSWORD:
$ echo "pass" | base64
- 输出:
cGFzcwo= 与你的相同
$ echo -n "pass" | base64
- 输出:
cGFzcw== 这是 正确的 值
POSTGRES_DB:
$ echo "website" | base64
- 输出:
d2Vic2l0ZQo= 与你的相同
$ echo -n "website" | base64
- 输出:
d2Vic2l0ZQ== 这是 正确的 值
您的 Secret 应如下所示:
apiVersion: v1
kind: Secret
metadata:
name: postgres-credentials
type: Opaque
data:
POSTGRES_USER: d2Vic2l0ZV91c2Vy
POSTGRES_PASSWORD: cGFzcw==
POSTGRES_DB: d2Vic2l0ZQ==
如果您使用新的 Secret 创建它,您应该能够连接到数据库:
root@postgres-deployment-64d697868c-njl7q:/# psql -h $(hostname -i) -U website_user -p 5432 website
Password for user website_user:
psql (9.6.6)
Type "help" for help.
website=#
请查看其他链接:
有人可以帮助我吗?这是我第一次 post 来这里,我真的很高兴开始 post 在这里帮助别人,但我首先需要帮助。
我正在 Minikube 上部署我自己的 Postgres 数据库。对于数据库、密码和用户名,我使用的是机密。
数据使用base64编码
- POSTGRES_USER = website_user
- POSTGRES_DB = 网站
- POSTGRES_PASSWORD = 通过
我还执行到容器中,看看是否可以看到这些环境,它们就在那里。
问题是当我尝试使用 psql 进入 postgres 时。我检查了 minikube ip 并在此命令后输入了正确的密码(pass):
pqsl -h 192.168.99.100 -U website_user -p 31315 website
错误
Password for user website_user:
psql: FATAL: password authentication failed for user "website_user"
此外,如果我执行到我的 pod 中:
kubectl exec -it postgres-deployment-744fcdd5f5-7f7vx bash
然后尝试进入 postgres 我得到:
psql -h $(hostname -i) -U website_user -p 5432 website
错误:
Password for user website_user:
psql: FATAL: password authentication failed for user "website_user"
我缺少一些东西 here.I 也在容器中尝试 ps aux,似乎一切都已找到 postgres 进程是 运行
kubectl get all
输出:
NAME READY STATUS RESTARTS AGE
pod/postgres-deployment-744fcdd5f5-7f7vx 1/1 Running 0 18m
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
service/kubernetes ClusterIP 10.96.0.1 <none> 443/TCP 19m
service/postgres-service NodePort 10.109.235.114 <none> 5432:31315/TCP 18m
NAME READY UP-TO-DATE AVAILABLE AGE
deployment.apps/postgres-deployment 1/1 1 1 18m
NAME DESIRED CURRENT READY AGE
replicaset.apps/postgres-deployment-744fcdd5f5 1 1 1 18m
# Secret store
apiVersion: v1
kind: Secret
metadata:
name: postgres-credentials
type: Opaque
data:
POSTGRES_USER: d2Vic2l0ZV91c2VyCg==
POSTGRES_PASSWORD: cGFzcwo=
POSTGRES_DB: d2Vic2l0ZQo=
---
# Persistent Volume
apiVersion: v1
kind: PersistentVolume
metadata:
name: postgres-pv
labels:
type: local
spec:
storageClassName: manual
capacity:
storage: 2Gi
accessModes:
- ReadWriteOnce
hostPath:
path: /data/postgres-pv
---
# Persistent Volume Claim
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
labels:
type: local
spec:
storageClassName: manual
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 2Gi
volumeName: postgres-pv
---
# Deployment
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres-deployment
spec:
selector:
matchLabels:
app: postgres-container
template:
metadata:
labels:
app: postgres-container
spec:
containers:
- name: postgres-container
image: postgres:9.6.6
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_USER
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_DB
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_PASSWORD
ports:
- containerPort: 5432
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: postgres-volume-mount
volumes:
- name: postgres-volume-mount
persistentVolumeClaim:
claimName: postgres-pvc
---
apiVersion: v1
kind: Service
metadata:
name: postgres-service
spec:
selector:
app: postgres-container
ports:
- port: 5432
protocol: TCP
targetPort: 5432
type: NodePort
您创建了所有值:
$ echo "value" | base64- 你应该使用:
$ echo -n "value" | base64
遵循 echo 的官方手册页:
Description
Echo the STRING(s) to standard output.
-n = do not output the trailing newline
TL;DR:您需要使用新值编辑 Secret 定义:
$ echo -n "website_user" | base64$ echo -n "website" | base64$ echo -n "pass" | base64
您创建了带有尾随换行符的 Secret。请看下面的例子:
POSTGRES_USER:$ echo "website_user" | base64- 输出:
d2Vic2l0ZV91c2VyCg==与你的相同
- 输出:
$ echo -n "website_user" | base64- 输出:
d2Vic2l0ZV91c2Vy这是 正确的 值
- 输出:
POSTGRES_PASSWORD:$ echo "pass" | base64- 输出:
cGFzcwo=与你的相同
- 输出:
$ echo -n "pass" | base64- 输出:
cGFzcw==这是 正确的 值
- 输出:
POSTGRES_DB:$ echo "website" | base64- 输出:
d2Vic2l0ZQo=与你的相同
- 输出:
$ echo -n "website" | base64- 输出:
d2Vic2l0ZQ==这是 正确的 值
- 输出:
您的 Secret 应如下所示:
apiVersion: v1
kind: Secret
metadata:
name: postgres-credentials
type: Opaque
data:
POSTGRES_USER: d2Vic2l0ZV91c2Vy
POSTGRES_PASSWORD: cGFzcw==
POSTGRES_DB: d2Vic2l0ZQ==
如果您使用新的 Secret 创建它,您应该能够连接到数据库:
root@postgres-deployment-64d697868c-njl7q:/# psql -h $(hostname -i) -U website_user -p 5432 website
Password for user website_user:
psql (9.6.6)
Type "help" for help.
website=#
请查看其他链接: