Running cockroachdb in secure mode with docker compose and connecting nakama to it

Problem description

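I have been trying to run cockroachdb in secure mode using docker compose. I think I have it running properly now, but nakama does not seem to be able to connect to it. Does anyone know how to fix this?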

Link to all my code so far

https://github.com/SirBuildsALot/NakamaDockerCompose

This is just the docker-compose file

version: '3.5'

volumes:
  certs-roach-0:
  certs-client:

services:

  roach-cert:
    container_name: roach-cert
    hostname: roach-cert
    build: roach-cert
    volumes:
      - certs-roach-0:/certs/roach-0
      - certs-client:/certs/client

  roach-0:
    container_name: roach-0
    hostname: roach-0
    image: cockroachdb/cockroach:latest
    command: start-single-node --cluster-name=example-secure-Nginx --logtostderr=WARNING --log-file-verbosity=WARNING --certs-dir=/certs
    volumes:
      - certs-roach-0:/certs
    depends_on:
      - roach-cert

  lb:
    container_name: lb
    hostname: lb
    build: haproxy
    ports:
      - "5432:5432"
      - "8080:8080"
      - "8081:8081"
    depends_on:
      - roach-0

  roach-init:
    container_name: roach-init
    hostname: roach-init
    image: timveil/cockroachdb-remote-client:latest
    environment:
      - COCKROACH_HOST=lb:5432
      - COCKROACH_INSECURE=false
      - COCKROACH_CERTS_DIR=/certs
      - DATABASE_NAME=admin
      - DATABASE_USER=admin
      - DATABASE_PASSWORD=password
    volumes:
      - certs-client:/certs
    depends_on:
      - lb
      - roach-cert
  nakama:
    container_name: nakama
    image: heroiclabs/nakama:2.12.0
    entrypoint:
      - "/bin/sh"
      - "-ecx"
      - >
          /nakama/nakama migrate up --database.address root@roach-0:26257 &&
          exec /nakama/nakama --config /nakama/data/my-special-config.yml
    restart: always
    links:
      - "roach-cert:db"
    depends_on:
      - roach-cert
    volumes:
      - ./:/nakama/data
    expose:
      - "7349"
      - "7350"
      - "7351"
    ports:
      - "7349:7349"
      - "7350:7350"
      - "7351:7351"
    healthcheck:
      test: ["CMD","curl","-f","http://localhost:7350/"]
      interval: 10s
      timeout: 5s
      retries: 5
#volumes:
#  data:

This is the error message from nakama

nakama        | + /nakama/nakama migrate up --database.address root@roach-0:26257

nakama        | {"level":"info","ts":"2020-11-01T23:10:28.764Z","caller":"migrate/migrate.go:139","msg":"Database connection","dsn":"root@roach-0:26257"}

nakama        | {"level":"fatal","ts":"2020-11-01T23:10:31.008Z","caller":"migrate/migrate.go:147","msg":"Error pinging database","error":"ERROR: node is running secure mode,SSL connection required (sqlSTATE 08P01)"}

nakama        | + /nakama/nakama migrate up --database.address root@roach-0:26257

nakama        | {"level":"info","ts":"2020-11-01T23:10:36.951Z","ts":"2020-11-01T23:10:36.952Z","ts":"2020-11-01T23:10:40.471Z","ts":"2020-11-01T23:10:40.472Z","ts":"2020-11-01T23:10:44.023Z","ts":"2020-11-01T23:10:44.025Z","ts":"2020-11-01T23:10:47.469Z","ts":"2020-11-01T23:10:47.471Z","ts":"2020-11-01T23:10:50.564Z","ts":"2020-11-01T23:10:50.565Z",SSL connection required (sqlSTATE 08P01)"}

Solution

I created a pull request against your repository that fixes your connection. There were a few problems with your code.

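The most important problem is that your database.address is incorrect. To connect to a secure CockroachDB cluster, you must provide additional details such as sslmode, the sslrootcert path, the sslcert path and the sslkey path. See here for more details. In addition, your docker compose file includes a load balancer, but your original configuration did not take advantage of it and instead tried to connect directly to the CockroachDB node fronted by the LB. These problems were found in both your docker-compose.yml file and your my-special-config.yml file.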

Here is the relevant part of your original docker-compose.yml, with your database.address...

/nakama/nakama migrate up --database.address root@roach-0:26257

Here is the correct database.address...

/nakama/nakama migrate up --database.address 'lb:5432?sslmode=require&sslrootcert=/certs/ca.crt&sslcert=/certs/client.root.crt&sslkey=/certs/client.root.key'
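
As an added example (not part of the answer or of the pull request it mentions), this Python preflight check parses a scheme-less database.address and reports which of the TLS parameters named above are missing. The function name, the expected_host parameter and the note about sslmode=require are assumptions introduced here; the two sample addresses are the ones shown on this page.

```python
from urllib.parse import urlsplit, parse_qs

# TLS parameters the answer says a secure CockroachDB cluster needs.
REQUIRED = ("sslmode", "sslrootcert", "sslcert", "sslkey")
# libpq-style modes that permit or force an unencrypted connection.
NO_TLS_MODES = {"disable", "allow", "prefer"}


def check_database_address(address, expected_host=None):
    """Return (errors, notes) for a scheme-less database.address."""
    # A dummy scheme lets urlsplit separate user, host, port and query.
    parts = urlsplit("postgres://" + address)
    params = {k: v[-1] for k, v in parse_qs(parts.query).items()}

    errors = [f"missing {name}" for name in REQUIRED if not params.get(name)]
    notes = []
    mode = params.get("sslmode")
    if mode in NO_TLS_MODES:
        errors.append(f"sslmode={mode} does not enforce TLS")
    elif mode == "require":
        notes.append("sslmode=require does not check the server hostname")
    if expected_host and parts.hostname != expected_host:
        notes.append(f"connects to {parts.hostname}, not {expected_host}")
    return errors, notes


# Both addresses are copied from the question and the answer above.
ORIGINAL = "root@roach-0:26257"
CORRECTED = ("lb:5432?sslmode=require&sslrootcert=/certs/ca.crt"
             "&sslcert=/certs/client.root.crt&sslkey=/certs/client.root.key")

if __name__ == "__main__":
    for label, addr in (("original", ORIGINAL), ("corrected", CORRECTED)):
        errors, notes = check_database_address(addr, expected_host="lb")
        print(label, "errors:", errors, "notes:", notes)
```

The check only inspects the address string; whether the certificate files exist inside the nakama container depends on the volumes mounted into it.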