我在 Golang 中有一个 Web 服务器,它作为 StatefulSet 连接到 Postgres。但是,我在连接时遇到错误,没有找到这样的主机。 Web 服务器是使用 ClusterIP 作为网络服务和用于创建 Pod 的部署来创建的。 Postgres 是使用 Headless Service 和 StatefulSet 创建的。以下是我的k8s配置文件以及错误信息:
# headless-service.yml
apiVersion: v1
kind: Service
metadata:
name: authentication-headless-service
labels:
ims: authentication
spec:
clusterIP: None # headless service
selector:
ims: authentication-postgres
ports:
- name: authentication-postgres-h
port: 5432
targetPort: 5432
# statefulset.yml
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: authentication-postgres-statefulset
spec:
serviceName: authentication-headless-service
replicas: 1
selector:
matchLabels:
ims: authentication-postgres
template:
metadata:
labels:
ims: authentication-postgres
spec:
containers:
- name: postgres
image: postgres:14.2
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: authentication-secret
key: POSTGRES_USER
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: authentication-secret
key: POSTGRES_PASSWORD
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: authentication-secret
key: POSTGRES_HOST
ports:
- containerPort: 5432
name: postgres
volumeMounts:
- name: postgres-authentication-data
mountPath: /var/lib/postgresql/data
subPath: postgres # specific to postgres
livenessProbe:
tcpSocket:
port: 5432
initialDelaySeconds: 60
periodSeconds: 30
failureThreshold: 3
readinessProbe:
tcpSocket:
port: 5432
initialDelaySeconds: 60
periodSeconds: 30
failureThreshold: 3
volumeClaimTemplates:
- metadata:
name: postgres-authentication-data
spec:
accessModes:
- "ReadWriteOnce"
resources:
requests:
storage: 500Mi
storageClassName: ims-storage-class
apiVersion: v1
kind: Secret
metadata:
name: authentication-secret
type: Opaque
data:
POSTGRES_USER: YXV0aGVudGljYXRpb24tcG9zdGdyZXM=
POSTGRES_PASSWORD: cGFzc3dvcmQ=
# base64 encoded 'authentication-postgres-0.authentication-headless-service.default.svc.cluster.local'
POSTGRES_HOST: YXV0aGVudGljYXRpb24tcG9zdGdyZXMtMC5hdXRoZW50aWNhdGlvbi1oZWFkbGVzcy1zZXJ2aWNlLmRlZmF1bHQuc3ZjLmNsdXN0ZXIubG9jYWw=
---
apiVersion: v1
kind: Service
metadata:
name: authentication-clusterip
spec:
type: ClusterIP
ports:
- targetPort: 8001
port: 8001
selector:
ims: authentication
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: authentication-deployment
namespace: default
spec:
replicas: 4
selector:
matchLabels:
ims: authentication
template:
metadata:
labels:
ims: authentication
spec:
containers:
- name: authentication
image: localhost:5050/ims-authentication:latest
ports:
- containerPort: 8001
env:
- name: MODE
value: docker
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: authentication-secret
key: POSTGRES_USER
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: authentication-secret
key: POSTGRES_PASSWORD
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: authentication-secret
key: POSTGRES_HOST
- name: POSTGRES_PORT
valueFrom:
configMapKeyRef:
name: authentication-configmap
key: POSTGRES_PORT
- name: POSTGRES_DB
valueFrom:
configMapKeyRef:
name: authentication-configmap
key: POSTGRES_DB
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
这是错误消息:
kubectl logs authentication-deployment-99c845645-vr48p
2024/09/18 17:16:10 failed to connect to postgres db: failed to connect to `user=authentication-postgres database=imsdb`: hostname resolving error: lookup authentication-postgres-0.authentication-headless-service.default.svc.cluster.local on 10.96.0.10:53: no such host
我注意到
$.metadata.namespace
仅指定为 default
部署的 authentication-deployment
,而不是 StatefulSet 或服务。请验证所有资源都是在同一命名空间中创建的,可以直接在 YAML 中指定,也可以通过 kubectl
和 -n <namespace>
。否则,DNS 记录将无法按预期解析,因为它们的构建方式类似于 <name>.<namespace>.svc.cluster.local
。