带有Kubernetes Istio的Bitnami Postgresql

编程问答 2022-06-07

问题描述

我开始使用服务网格istio在Kubernetes上构建一个Postgresql Ha集群。在命名空间中启用istion注入之前,我没有istio尝试过它。运行良好。在启用istio注入后,有状态集中的第二个容器无法通过无头服务连接到集群中的第一个容器。

postgreslq-test-postgresql-ha-pgpool-779d7f588-qmbmf   1/1     Running   9          69m
postgreslq-test-postgresql-ha-postgresql-0             3/3     Running   0          10m
postgreslq-test-postgresql-ha-postgresql-1             2/3     Running   6          9m50s

删除了在helm安装下创建的networkpolicy。

kubectl logs postgreslq-test-postgresql-ha-postgresql-1 postgresql

postgresql-repmgr 13:00:54.29 DEBUG ==> Host 'postgreslq-test-postgresql-ha-postgresql-0.postgreslq-test-postgresql-ha-postgresql-headless.gitlab-test.svc.cluster.local:5432' is not accessible
psql: error: Could not connect to server: server closed the connection unexpectedly
    This probably means the server terminated abnormally
    before or while processing the request.

为了进行自我测试,我使用postgresql-client创建了一个pod 

root@testpod:/# psql -h postgreslq-test-postgresql-ha-postgresql-0.postgreslq-test-postgresql-ha-postgresql-headless.gitlab-test.svc.cluster.local -U posgres
psql: server closed the connection unexpectedly
    This probably means the server terminated abnormally
    before or while processing the request.

Istio代理日志:

"response_flags": "UF,URX","start_time": "2020-10-19T14:21:44.631Z","method": "-","request_id": "-","upstream_host": "10.93.202.188:5432","x_forwarded_for": "-","requested_server_name": "-","bytes_received": "0","istio_policy_status": "-","bytes_sent": "0","upstream_cluster": "outbound|5432||postgresql-ha-postgresql-headless.gitlab-prod.svc.cluster.local","downstream_remote_address": "10.93.203.197:42222","authority": "-","path": "-","protocol": "-","upstream_service_time": "-","upstream_local_address": "-","duration": "3","upstream_transport_failure_reason": "-","route_name": "-","downstream_local_address": "10.93.202.188:5432","user_agent": "-","response_code": "0"

Kubernetes版本:k8s.gcr.io/hyperkube:v1.18.4

Istio版本:1.6.3

头盔图:bitnami / postgresql-ha图表版本:5.0.0应用版本:11.9.1

我认为某种Istio配置会导致此问题,因为它无需Istio即可工作。

有什么主意吗?

解决方法

我发现了一个问题和解决方案。端口名称引起的问题。

apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/instance: pg-istio
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: postgresql-ha
    helm.sh/chart: postgresql-ha-6.5.0
  namespace: postgre-test-istio
spec:
  clusterIP: None
  ports:
  - name: postgresql
    port: 5432
    protocol: TCP
    targetPort: 5432
  selector:
    app.kubernetes.io/component: postgresql
    app.kubernetes.io/instance: pg-istio
    app.kubernetes.io/name: postgresql-ha
  sessionAffinity: None
  type: ClusterIP

更改为:

apiVersion: v1
kind: Service
metadata:
  labels:
    app.kubernetes.io/instance: pg-istio
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: postgresql-ha
    helm.sh/chart: postgresql-ha-6.5.0
  namespace: postgre-test-istio
spec:
  clusterIP: None
  ports:
  - name: tcp-postgresql
    port: 5432
    protocol: TCP
    targetPort: 5432
  selector:
    app.kubernetes.io/component: postgresql
    app.kubernetes.io/instance: pg-istio
    app.kubernetes.io/name: postgresql-ha
  sessionAffinity: None
  type: ClusterIP
bitnamiistiokubernetes