CLoud Run:访问服务时出现禁止的错误

时间:2020-11-04 16:35:17

标签: google-cloud-platform google-cloud-sql google-cloud-run

我已经使用Wordpress创建了CLoudRun服务。我使用以下命令进行部署

        gcloud beta run deploy wp --image gcr.io/<project>/wp:v1 \
        --add-cloudsql-instances <project>:us-central1:mysql2  \
        --update-env-vars DB_HOST='127.0.0.1',DB_NAME=mysql2,DB_USER=wordpress,DB_PASSWORD=password,CLOUDSQL_INSTANCE='<project>:us-central1:mysql2'

该服务已正常部署,但在尝试访问该服务时显示以下错误

 <h1>Error: Forbidden</h1>
<h2>Your client does not have permission to get URL <code>/</code> from this server.</h2>

更新:

Dockerfile如下。我正在关注... https://github.com/acadevmy/cloud-run-wordpress 

 FROM wordpress:5.2.1-php7.3-apache
 EXPOSE 80
 # Use the PORT environment variable in Apache configuration files.
 RUN sed -i 's/80/${PORT}/g' /etc/apache2/sites-available/000-default.conf /etc/apache2/ports.conf
 # wordpress conf
 COPY wordpress/wp-config.php /var/www/html/wp-config.php

 # download and install cloud_sql_proxy
 RUN apt-get update && apt-get -y install net-tools wget && \
 wget https://dl.google.com/cloudsql/cloud_sql_proxy.linux.amd64 -O /usr/local/bin/cloud_sql_proxy && \ 
 chmod +x /usr/local/bin/cloud_sql_proxy


 COPY wordpress/cloud-run-entrypoint.sh /usr/local/bin/docker-entrypoint.sh

 ENTRYPOINT ["docker-entrypoint.sh"]
 CMD ["/usr/local/sbin/apache2ctl -D FOREGROUND"]

## docker-entrypoint.sh 

  #!/usr/bin/env bash
  # Start the sql proxy
  cloud_sql_proxy -instances=$CLOUDSQL_INSTANCE=tcp:3306 &

   # Execute the rest of your ENTRYPOINT and CMD as expected.

以下内容可以在控制台日志中看到

Cloud Run Log

我们允许未经身份验证的身份验证,现在错误是

建立数据库连接时出错

其他更新:

数据库正在以private IP运行,因此使用Serverless VPC

数据库信息如下:

     gcloud sql instances list
     NAME    DATABASE_VERSION  LOCATION       TIER         PRIMARY_ADDRESS  PRIVATE_ADDRESS  STATUS
     mysql2  MYSQL_5_7         us-central1-b  db-f1-micro  -                10.0.100.5       RUNNABLE

这是Serverless VPC访问范围

 testserverlessvpc  kube-shared-vpc us-central1     192.168.60.0/28     200     300

现在,我在两个gcloud run deploy and gcloud run service命令中都添加了如下所示的附加参数

-vpc连接器项目/ <主机项目> / locations / us-central1 / connectors / testserverlessvpc

但是在gcloud run deploy期间失败,并显示以下错误

    ⠏ Deploying new service... Internal system error, system will retry.

0 个答案:

没有答案
相关问题
最新问题