我正在从aws迁移到gke,但是为什么我无法达到自己的IP地址
cescoferraro@g7: ~/go/src/github.com/cescoferraro/mongo-k8s-sidecar on develop [!]
$ k exec -it mongo-0 -c mongo bash
root@mongo-0:/# curl 10.32.2.70:27017^C
root@mongo-0:/# ifconfig
eth0 Link encap:Ethernet HWaddr 0a:58:0a:20:02:46
inet addr:10.32.2.70 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::4820:f6ff:fe60:a655/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1460 Metric:1
RX packets:13433 errors:0 dropped:0 overruns:0 frame:0
TX packets:13192 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:65150095 (65.1 MB) TX bytes:4359632 (4.3 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:13924 errors:0 dropped:0 overruns:0 frame:0
TX packets:13924 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2303174 (2.3 MB) TX bytes:2303174 (2.3 MB)
root@mongo-0:/# curl 10.32.2.70:27017
curl: (7) Failed to connect to 10.32.2.70 port 27017: Connection refused
root@mongo-0:/# curl 127.0.0.1:27017
It looks like you are trying to access MongoDB over HTTP on the native driver port.
root@mongo-0:/# curl 10.35.251.6
<!DOCTYPE html>
<html lang="pt" id="boss">
<head>
<meta charset="UTF-8">
<meta name="mobile-web-app-capable" content="yes">
<meta name="google-site-verification" content="xMFg9XEP67BGHFJRngurli0aSWzW5axaha2DYHhBaag">
<meta name="viewport" content="width=device-width,maximum-scale=5">
...
k8s配置
## Generate a key
# openssl rand -base64 741 > mongodb-keyfile
## Create k8s secrets
# kubectl create secret generic mongo-key --from-file=mongodb-keyfile
---
apiVersion: v1
kind: Service
metadata:
name: mongo
labels:
name: mongo
spec:
ports:
- port: 27017
targetPort: 27017
clusterIP: None
selector:
role: mongo
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: mongo
spec:
serviceName: "mongo"
replicas: 1
template:
metadata:
labels:
role: mongo
environment: test
spec:
terminationGracePeriodSeconds: 10
containers:
- name: mongo
image: mongo
command:
- /bin/sh
- -c
- >
if [ -f /data/db/admin-user.lock ]; then
mongod --replSet rs0 --bind_ip 0.0.0.0 --setParameter authenticationMechanisms=SCRAM-SHA-1;
else
mongod --auth;
fi;
lifecycle:
postStart:
exec:
command:
- /bin/sh
- -c
- >
if [ ! -f /data/db/admin-user.lock ]; then
sleep 5;
touch /data/db/admin-user.lock
if [ "$HOSTNAME" = "mongo-0" ]; then
mongo --eval 'db = db.getSiblingDB("admin"); db.createUser({ user: "admin", pwd: "pass", roles: [{ role: "root", db: "admin" }]});';
fi;
mongod --shutdown;
fi;
ports:
- containerPort: 27017
volumeMounts:
- name: mongo-persistent-storage
mountPath: /data/db
- name: mongo-sidecar
image: onnidev/mongosidecar
env:
- name: MONGO_SIDECAR_POD_LABELS
value: "role=mongo,environment=test"
- name: MONGODB_USERNAME
value: admin
- name: MONGODB_PASSWORD
value: pass
- name: MONGODB_DATABASE
value: admin
volumeClaimTemplates:
- metadata:
name: mongo-persistent-storage
annotations:
volume.beta.kubernetes.io/storage-class: "fast"
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 4Gi
答案 0 :(得分:0)
我试图基于此document在GKE上实施有状态set mongo部署
但是不幸的是这个例子已经过时了。
马修在上述评论中提到了这个问题,并指出蒙哥陈述了以下here
从MongoDB 3.6开始,默认情况下,mongos或mongod绑定到localhost。
因此解决方法是使用诸如bind_ip标志启动服务器
mongod --replSet rs0 --bind_ip 127.0.0.1,$(hostname -I) --setParameter authenticationMechanisms=SCRAM-SHA-1
mongo 3.6弃用了cvallance/mongo-k8s-sidecar项目使用用户名和密码进行身份验证的方式,因此我制作了一个PR以对其进行修复,并构建了自己的位于onnidev/mongosidecar的容器化版本。 / p>
## Generate a key
# openssl rand -base64 741 > mongodb-keyfile
## Create k8s secrets
# kubectl create secret generic mongo-key --from-file=mongodb-keyfile
---
apiVersion: v1
kind: Service
metadata:
name: mongo
labels:
name: mongo
spec:
ports:
- port: 27017
targetPort: 27017
selector:
role: mongo
---
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
name: mongo
spec:
serviceName: "mongo"
replicas: 1
template:
metadata:
labels:
role: mongo
environment: test
spec:
terminationGracePeriodSeconds: 10
containers:
- name: mongo
image: mongo
command:
- /bin/sh
- -c
- >
if [ -f /data/db/admin-user.lock ]; then
export IP=$(hostname -I)
mongod --replSet rs0 --bind_ip 127.0.0.1,$IP --setParameter authenticationMechanisms=SCRAM-SHA-1;
else
mongod --auth;
fi;
lifecycle:
postStart:
exec:
command:
- /bin/sh
- -c
- >
if [ ! -f /data/db/admin-user.lock ]; then
sleep 5;
touch /data/db/admin-user.lock
if [ "$HOSTNAME" = "mongo-0" ]; then
mongo --eval 'db = db.getSiblingDB("admin"); db.createUser({ user: "admin", pwd: "pass", roles: [{ role: "root", db: "admin" }]});';
fi;
mongod --shutdown;
fi;
ports:
- containerPort: 27017
volumeMounts:
- name: mongo-persistent-storage
mountPath: /data/db
- name: mongo-sidecar
image: onnidev/mongosidecar
env:
- name: MONGO_SIDECAR_POD_LABELS
value: "role=mongo,environment=test"
- name: MONGODB_USERNAME
value: admin
- name: MONGODB_PASSWORD
value: pass
- name: MONGODB_DATABASE
value: admin
volumeClaimTemplates:
- metadata:
name: mongo-persistent-storage
annotations:
volume.beta.kubernetes.io/storage-class: "fast"
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 4Gi