postgres-operator无法连接到数据库

时间:2020-05-17 10:05:12

标签: postgresql kubernetes

我在命名空间 postgres

的K8S集群上安装了https://github.com/zalando/postgres-operator 
helm install postgres-operator -n postgres ./charts/postgres-operator 
helm install postgres-operator-ui -n postgres ./charts/postgres-operator-ui

并创建了如下数据库:

kind: "postgresql"
apiVersion: "acid.zalan.do/v1"

metadata:
  name: "acid-databaker-db"
  namespace: "dev"
  labels:
    team: acid

spec:
  teamId: "acid"
  postgresql:
    version: "12"
  numberOfInstances: 2
  volume:
    size: "5Gi"
  users:
    admin: []
  databases:
    keycloak: admin
  allowedSourceRanges:
    # IP ranges to access your cluster go here

  resources:
    requests:
      cpu: 100m
      memory: 100Mi
    limits:
      cpu: 500m
      memory: 500Mi

数据库实例已在 namespace dev 上启动并运行:

NAME                       TYPE        CLUSTER-IP       EXTERNAL-IP   PORT(S)    AGE
acid-databaker-db          ClusterIP   10.245.205.143   <none>        5432/TCP   10h
acid-databaker-db-config   ClusterIP   None             <none>        <none>     10h
acid-databaker-db-repl     ClusterIP   10.245.152.182   <none>        5432/TCP   10h

以及Postgres服务的输出:

Name:              acid-databaker-db
Namespace:         dev
Labels:            application=spilo
                   cluster-name=acid-databaker-db
                   spilo-role=master
                   team=acid
Annotations:       <none>
Selector:          <none>
Type:              ClusterIP
IP:                10.245.205.143
Port:              postgresql  5432/TCP
TargetPort:        5432/TCP
Endpoints:         10.244.1.49:5432
Session Affinity:  None
Events:            <none>

我还尝试通过本地计算机上的PSQL客户端连接到创建的数据库,如下所示:

export PGMASTER=$(kubectl get pods -o jsonpath={.items..metadata.name} -l application=spilo,cluster-name=acid-databaker-db,spilo-role=master)
export PGPASSWORD=$(kubectl get secret  postgres.acid-databaker-db.credentials.postgresql.acid.zalan.do -o 'jsonpath={.data.password}' | base64 -d)

kubectl port-forward $PGMASTER 5432:5432
Forwarding from 127.0.0.1:5432 -> 5432
Forwarding from [::1]:5432 -> 5432

,我尝试连接到数据库并列出所有创建的数据库:

psql (12.2 (Ubuntu 12.2-4))
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
Type "help" for help.

postgres=# \dt
            List of relations
 Schema |     Name     | Type  |  Owner   
--------+--------------+-------+----------
 public | postgres_log | table | postgres
(1 row)

为什么我在上面创建的密钥斗篷不存在?

1 个答案:

答案 0 :(得分:2)

似乎您错过了数据库所有者权限和应用程序角色,这是正确的清单:

kind: "postgresql"
apiVersion: "acid.zalan.do/v1"

metadata:
  name: "acid-databaker-db"
  namespace: "postgres"
  labels:
    team: acid

spec:
  teamId: "acid"
  postgresql:
    version: "12"
  numberOfInstances: 2
  volume:
    size: "5Gi"
  users:
    admin: # database owner
      - superuser
      - createdb
    keycloak: [] # role for application
  databases:
    keycloakDB: keycloak # dbname: owner

  allowedSourceRanges:
    # IP ranges to access your cluster go here

  resources:
    requests:
      cpu: 100m
      memory: 100Mi
    limits:
      cpu: 500m
      memory: 500Mi
相关问题
最新问题