GLPI - 在 GLPI 设置期间无法连接到我的数据库。服务器回答:连接被拒绝
问题描述 投票:0回答:1
我是在云中编码和部署基础设施的新手。我想在 AKS 群集中部署 GLPI。它与数据库 MariaDB 位于不同的命名空间中。我创建了一个 DNS 来连接到 GLPI,并使用 Let's Encrypt 配置了 TLS(我使用测试服务器进行练习)。
我的 AKS 集群服务和 Pod 正在运行且有效(我使用
kubectl describe pods [podName] -n [namespaceName]当我使用
glpi-v1.projetpro.spaceCan't connect to the database The server answered: Connection refused
对于数据库设置,我提供了数据库主机:
db1-service.database1.svc.cluster.localglpi1-user我使用数据库主机的 FQDN,因为我的数据库和 GLPI 的部署和服务位于不同的命名空间中。如果我希望它们能够连接,我需要使用 FQDN(根据我找到的 Kubernetes 文档)。
这是我的代码:
# glpi-v1.yaml
# Deployment of Redis
apiVersion: apps/v1
kind: Deployment
metadata:
name: redis
namespace: glpi-one
spec:
replicas: 1
selector:
matchLabels:
app: redis-glpi
template:
metadata:
labels:
app: redis-glpi
spec:
volumes:
- name: redis-vol
persistentVolumeClaim:
claimName: redis-pvc
containers:
- name: redis
image: redis:latest
args: ["--requirepass", "$(REDIS_PWD)"]
volumeMounts:
- name: redis-vol
mountPath: /data
env:
- name: ALLOW_EMPTY_PASSWORD
value: "no"
- name: REDIS_PWD
valueFrom:
secretKeyRef:
name: redis-secret
key: password
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 250m
memory: 256Mi
ports:
- containerPort: 6379
name: redis
---
# Service for Redis (Cluster IP)
apiVersion: v1
kind: Service
metadata:
name: redis-service
namespace: glpi-one
spec:
ports:
- port: 6379
selector:
app: redis-glpi
---
# ConfigMap for Environment Variables for Mariadb for GLPI v1
apiVersion: v1
kind: ConfigMap
metadata:
name: dbone-config
namespace: database1
data:
MARIADB_DATABASE: glpidb1
MARIADB_USER: glpi1_user
MARIADB_ROOT_HOST: db1-service.database1.svc.cluster.local # % per default
---
# Secret for Sensitive Data for Mariadb for GLPI v1
apiVersion: v1
kind: Secret
metadata:
name: dbone-secret
namespace: database1
type: Opaque
data:
MARIADB_ROOT_PASSWORD:
MARIADB_PASSWORD:
---
# Service for Maria database for GLPI v1
apiVersion: v1
kind: Service
metadata:
name: db1-service
namespace: database1
spec:
ports:
- protocol: TCP
port: 3306
targetPort: 3306
selector:
app: mariadb-one
---
# Deployment of MariaDB for GLPI v1
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mariadb-one
namespace: database1
spec:
serviceName: db1-service
replicas: 1
selector:
matchLabels:
app: mariadb
template:
metadata:
labels:
app: mariadb
spec:
volumes:
- name: dbone-vol
persistentVolumeClaim:
claimName: dbone-pvc
containers:
- name: mariadb
image: dunvael/db_v10.0.9 # Spécifier ici le nom de l'image mariadb utilisée. Format : compteDocker/nomRepertoire:tagImage dunvael/db_v10.0.9:latest
imagePullPolicy: Always
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 250m
memory: 256Mi
ports:
- containerPort: 3306
volumeMounts:
- name: dbone-vol
mountPath: /data # /var/lib/mysql
envFrom:
- configMapRef:
name: dbone-config
- secretRef:
name: dbone-secret
restartPolicy: Always
---
# PV Claim creation for Mariadb for GLPI v1
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: dbone-pvc
namespace: database1
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
# ConfigMap for Environment Variables for GLPI v1
apiVersion: v1
kind: ConfigMap
metadata:
name: glpi-one-config
namespace: glpi-one
data:
MARIADB_DATABASE: glpidb1
MARIADB_USER: glpi1_user
DB_HOST: db1-service.database1.svc.cluster.local # Points to MariaDB service, default = localhost
DB_PORT: '3306'
DEFAULT_LANGUAGE: FR
---
# Secret for Sensitive Data for GLPI v1
apiVersion: v1
kind: Secret
metadata:
name: dbone-secret
namespace: glpi-one
type: Opaque
data:
MARIADB_ROOT_PASSWORD:
MARIADB_PASSWORD:
---
# Deployment of GLPI v1
apiVersion: apps/v1
kind: Deployment
metadata:
name: glpi-one
namespace: glpi-one
spec:
selector:
matchLabels:
app: glpi-one
replicas: 1
template:
metadata:
labels:
app: glpi-one
spec:
initContainers:
- name: init-chown-data
image: busybox
command: ["sh", "-c", "chown -R www-data:www-data /var/www/glpi /var/log/glpi /var/lib/glpi"]
volumeMounts:
- name: glpi-data
mountPath: /var/www/glpi
- name: glpi-logs
mountPath: /var/log/glpi
- name: glpi-var
mountPath: /var/lib/glpi
containers:
- name: glpi
image: dunvael/glpi_v10.0.9 # Spécifier ici le nom de l'image GLPI utilisée
imagePullPolicy: Always
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 250m
memory: 256Mi
envFrom:
- configMapRef:
name: glpi-one-config
- secretRef:
name: dbone-secret
ports:
- containerPort: 80
- containerPort: 443
volumeMounts:
- name: glpi-data
mountPath: /var/www/glpi
- name: glpi-logs
mountPath: /var/log/glpi
- name: glpi-var
mountPath: /var/lib/glpi
env:
- name: REDIS
value: "redis-service"
- name: REDIS_PWD
valueFrom:
secretKeyRef:
name: redis-secret
key: password
volumes:
- name: glpi-data
emptyDir: {}
- name: glpi-logs
emptyDir: {}
- name: glpi-var
emptyDir: {}
restartPolicy: Always
---
# Service for GLPI v1 (Cluster IP)
apiVersion: v1
kind: Service
metadata:
name: glpi-service
namespace : glpi-one
spec:
ports:
- name: http
port: 80 # Port accessible inside cluster
targetPort: 80 # Port to forward to inside the pod
- name: https
port: 443 # Expose the additional port
targetPort: 443 # Set the target port for the additional port
selector:
app: glpi-one
---
# PV Claim creation for GLPI v1
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: redis-pvc
namespace: glpi-one
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
---
# Autoscale for GLPI v1
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: scale-glpi-one
namespace: glpi-one
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: glpi-one
minReplicas: 1
maxReplicas: 10
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 70
- type: Resource
resource:
name: memory
target:
type: AverageValue
averageValue: 200Mi
我查了很多出版物,似乎找不到答案。你能给我建议吗?如果这是由于我的经验不足或误解造成的,我提前道歉。非常感谢。
我检查了所有服务和 pod,并描述了它们(使用 kubectl 命令)。
我尝试使用 mariadb 部署中的 initcontainer 中的命令向我的用户授予权限,但是 initcontainer 不断崩溃,我的 pod 无法启动。
# Deployment of MariaDB for GLPI v1
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: mariadb-one
namespace: database1
spec:
serviceName: db1-service
replicas: 1
selector:
matchLabels:
app: mariadb
template:
metadata:
labels:
app: mariadb
spec:
volumes:
- name: dbone-vol
persistentVolumeClaim:
claimName: dbone-pvc
initContainers:
- name: init-database
image: mariadb:latest # Use an image with MySQL/MariaDB client tools
command: ["sh", "-c", "mysql -h db1-service -u root -p$MARIADB_ROOT_PASSWORD -e 'GRANT ALL PRIVILEGES ON glpidb1.* TO ''glpi1_user''@''%'';'"]
env:
- name: MARIADB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
name: dbone-secret
key: MARIADB_ROOT_PASSWORD # Use the root password stored in your secret
envFrom:
- configMapRef:
name: dbone-config
volumeMounts:
- name: dbone-vol
mountPath: /data
containers:
- name: mariadb
image: dunvael/db_v10.0.9
imagePullPolicy: Always
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 250m
memory: 256Mi
ports:
- containerPort: 3306
volumeMounts:
- name: dbone-vol
mountPath: /data
envFrom:
- configMapRef:
name: dbone-config
- secretRef:
name: dbone-secret
restartPolicy: Always
我尝试使用 localhost 而不是 FQDN,但收到错误消息:找不到数据库。
我尝试直接从我的 pod 连接到数据库,但一直失败 (
kubectl exc -it [podName] -n [namespaceName]1个回答
0
投票
投票
首先,不需要
initContainersGRANT ALL ON database.* TO user连接被拒绝很可能是在容器准备好之前尝试连接。使用 healthcheck.sh 作为 readiness 探针
command其他事项:
- MARIADB_ROOT_HOST 是连接的来源,不一定与容器本身相同。
在容器中不是必需的,从 11.0+ 开始,mysql
可执行文件将发挥其作用(这从 10.4+ 开始就存在)。mariadb
最新问题
- NPM shasum、完整性和签名字段之间的区别和用途是什么?
- ASP.NET Core 应用程序中的 Azure AD B2C 身份验证
- 超简单GCD的时间复杂度
- ASP.NET Core 6.0 表单验证错误:“fieldNameHere 字段是必需的。”即使不存在这样的字段
- 检查 id 是否存在并在触发函数中采取相应行动
- 如何通过 SPI 发送超过 ESP32 RAM 数量的数据?
- 检查触发函数中是否存在id并采取相应行动
- 构建容器在缓存node_modules时内存不足
- SwiftUI 三元集主题在重新打开视图之前不会更新
- 分支定界算法寻找带约束的最短路径
- 检查 plpgsql 中是否存在 id 并采取相应行动
- 为什么 Maven 会警告我有关编码的问题?
- 如何使用dexie.js 添加新条目
- 通过 AzureDevOps Services REST API 将二进制文件上传到 git LFS?
- 将数组值作为参数传递给 azure devops yaml 模板
- 我是 Flutter 新手,我正在尝试运行我的应用程序,并且我得到这个“kotlin-android”插件需要 Android Gradle 插件之一
- F# Array.tryFindIndex 从索引开始搜索
- 如何通过 SPI 发送比 ESP32 内存更多的数据
- 稍后将类型替换为另一种类型
- 在Linux上获取共享内存大小的便捷方法
© www.soinside.com 2019 - 2024. All rights reserved.