当我将 SQL 代理用作我在 Kubernetes 集群上部署的 sidecar 时,我遇到了一个奇怪的问题。总而言之,它会不断关闭客户端的连接,然后立即打开一个新连接,而不会导致任何致命异常!
我的部署
我有一个具有 2 个图像的部署对象,(1) Spring Boot App和 (2) SQL Cloud Proxy。我使用 SQL 代理从不同的 GCP 项目访问数据库(我有我的理由)。此部署中对公开服务的所有请求都可以正常工作,但我在日志中不断收到错误消息,指出正在从 SQL 代理关闭连接并重新建立!
我的部署 YAML 文件
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-app
namespace: my-namespace
spec:
replicas: 1
selector:
matchLabels:
app: my-app
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
labels:
app: my-app
log_forwarding: "true"
spec:
imagePullSecrets:
- name: artifactory-secret
nodeSelector:
apps: run
containers:
- name: db-proxy
image: my-artifactory/cloudsql-docker/gce-proxy:1.17
command:
- "/cloud_sql_proxy"
- "-instances=project:europe-north1:slm-preview=tcp:5432"
- "-credential_file=/secrets/service_account.json"
securityContext:
runAsNonRoot: true
volumeMounts:
- name: sql-proxy-sa-secret
mountPath: /secrets/
readOnly: true
- image: my-artifactory/my-app/app:dev-c3235e9bf3473e61cb3c496e4fb2a69f4f54b07f
imagePullPolicy: Always
name: my-app
securityContext:
runAsNonRoot: true
env:
- name: SPRING_PROFILES_ACTIVE
value: gcp_dev
- name: SPRING_CONFIG_LOCATION
value: file:/config-repo/application.yml,file:/config-repo/core-service.yml
envFrom:
- secretRef:
name: db-sercret
ports:
- containerPort: 8001
protocol: TCP
resources:
limits:
ephemeral-storage: "1Gi"
memory: 1Gi
requests:
ephemeral-storage: "1Gi"
memory: 1Gi
livenessProbe:
failureThreshold: 20
httpGet:
path: /actuator/info
port: 8001
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 60
successThreshold: 1
timeoutSeconds: 2
readinessProbe:
failureThreshold: 3
httpGet:
path: /actuator/health
port: 8001
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 60
successThreshold: 1
timeoutSeconds: 30
# terminationMessagePath: /dev/termination-log
# terminationMessagePolicy: File
volumeMounts:
- mountPath: /config-repo
name: config-repo-volume
volumes:
- name: sql-proxy-sa-secret
secret:
secretName: sa-sql-user
- configMap:
defaultMode: 420
name: my-app-config
name: config-repo-volume
我在找什么?
我正在尝试找到一种方法来解决每天数千次重新启动连接的问题!如果我可以强制代理不重置连接并使其保持活动状态,我做了一些研究,但我一无所获!
我会很感激你们的帮助!