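I am running some dotnet core microservices in my kubernetes cluster (1.19.1), all of them running the istio sidecar proxy (1.9.1), and I am seeing some flaky connection behavior when calling microservices that connect to an external SQL cluster. If I look at the sidecar logs, I can see this when the connection fails: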

istio sidecar log:

[2021-05-26T15:00:04.585Z] "- - -" 0 UF,URX - - "-" 0 0 9909 - "-" "-" "-" "-" "11.11.11.11:1433" PassthroughCluster - 11.11.11.11:1433 100.96.13.10:51662 - -
[2021-05-26T15:00:04.585Z] "- - -" 0 UF,URX - - "-" 0 0 9910 - "-" "-" "-" "-" "22.22.22.22:1433" PassthroughCluster - 22.22.22.22:1433 100.96.13.10:59498 - -
[2021-05-26T15:00:04.491Z] "- - -" 0 UF,URX - - "-" 0 0 10003 - "-" "-" "-" "-" "22.22.22.22:1433" PassthroughCluster - 22.22.22.22:1433 100.96.13.10:59484 - -
[2021-05-26T15:00:04.491Z] "- - -" 0 UF,URX - - "-" 0 0 10003 - "-" "-" "-" "-" "33.33.33.33:1433" PassthroughCluster - 33.33.33.33:1433 100.96.13.10:51648 - -
[2021-05-26T15:00:04.491Z] "- - -" 0 UF,URX - - "-" 0 0 10003 - "-" "-" "-" "-" "44.44.44.44:1433" PassthroughCluster - 44.44.44.44:1433 100.96.13.10:58482 - -
[2021-05-26T15:00:04.585Z] "- - -" 0 UF,URX - - "-" 0 0 10001 - "-" "-" "-" "-" "44.44.44.44:1433" PassthroughCluster - 44.44.44.44:1433 100.96.13.10:58496 - -

Application log exception:

Unhandled exception: A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 35 - An internal exception was caught)
System.Data.SqlClient.SqlException (0x80131904): A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: TCP Provider, error: 35 - An internal exception was caught)

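Note about the SQL cluster: in the application config, we use the DNS name of the availability group listener, e.g. ag_listener.mydomain.com, to point to the HA SQL cluster.

This all works fine in our nonprod, where we also run istio, although in nonprod we only run a single sql instance.

For now, I made sure outboundTrafficPolicy is set to ALLOW_ANY, but I still see this flaky connection behavior. It doesn't happen all the time, but it is just highly inconsistent. It has been really painful for my team to try to figure this out. Is there a proper way on istio to handle connections to an mssql database cluster that has multiple IPs? Thank you

addtl note: I tried the following ServiceEntry without any luck: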

apiVersion: networking.istio.io/v1beta1
kind: ServiceEntry
metadata:
  name: prod-sql-service-entry
spec:
  addresses:
  - 11.11.11.11/32
  - 22.22.22.22/32
  - 33.33.33.33/32
  - 44.44.44.44/32
  hosts:
  - '*.mydomain.com'
  location: MESH_EXTERNAL
  ports:
  - name: tcp
    number: 1433
    protocol: TCP
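
A triage aid for the sidecar log quoted above, as an added example that is not part of the original post: it decodes Envoy's response flags and groups failed upstream connects by SQL node. It assumes the lines follow Istio's default 21-field text access-log layout; the function names `parse_line` and `failed_connects` are hypothetical.

```python
import shlex
from collections import defaultdict

# Flag meanings per Envoy's access-log documentation (subset).
FLAGS = {
    "UF": "upstream connection failure",
    "URX": "upstream retry limit (HTTP) or max connect attempts (TCP) reached",
    "UH": "no healthy upstream host",
}

# The six sidecar log lines quoted in the question above.
SAMPLE = [
    '[2021-05-26T15:00:04.585Z] "- - -" 0 UF,URX - - "-" 0 0 9909 - "-" "-" "-" "-" "11.11.11.11:1433" PassthroughCluster - 11.11.11.11:1433 100.96.13.10:51662 - -',
    '[2021-05-26T15:00:04.585Z] "- - -" 0 UF,URX - - "-" 0 0 9910 - "-" "-" "-" "-" "22.22.22.22:1433" PassthroughCluster - 22.22.22.22:1433 100.96.13.10:59498 - -',
    '[2021-05-26T15:00:04.491Z] "- - -" 0 UF,URX - - "-" 0 0 10003 - "-" "-" "-" "-" "22.22.22.22:1433" PassthroughCluster - 22.22.22.22:1433 100.96.13.10:59484 - -',
    '[2021-05-26T15:00:04.491Z] "- - -" 0 UF,URX - - "-" 0 0 10003 - "-" "-" "-" "-" "33.33.33.33:1433" PassthroughCluster - 33.33.33.33:1433 100.96.13.10:51648 - -',
    '[2021-05-26T15:00:04.491Z] "- - -" 0 UF,URX - - "-" 0 0 10003 - "-" "-" "-" "-" "44.44.44.44:1433" PassthroughCluster - 44.44.44.44:1433 100.96.13.10:58482 - -',
    '[2021-05-26T15:00:04.585Z] "- - -" 0 UF,URX - - "-" 0 0 10001 - "-" "-" "-" "-" "44.44.44.44:1433" PassthroughCluster - 44.44.44.44:1433 100.96.13.10:58496 - -',
]

def parse_line(line):
    """Split one line, assuming Istio's default 21-field text access-log layout."""
    stamp, sep, rest = line.partition("] ")
    fields = shlex.split(rest)  # keeps quoted fields such as "- - -" together
    if not sep or len(fields) != 21:
        raise ValueError("not in the assumed default format: " + line)
    flags = [] if fields[2] == "-" else fields[2].split(",")
    return {
        "flags": flags,
        "meaning": [FLAGS.get(f, "other") for f in flags],
        "bytes_received": int(fields[6]),
        "bytes_sent": int(fields[7]),
        "duration_ms": int(fields[8]),
        "upstream_host": fields[14],
        "upstream_cluster": fields[15],
        "client": fields[18],
    }

def failed_connects(lines):
    """Group entries flagged UF by upstream host: (count, min ms, max ms)."""
    by_host = defaultdict(list)
    for entry in map(parse_line, lines):
        if "UF" in entry["flags"]:
            by_host[entry["upstream_host"]].append(entry["duration_ms"])
    return {h: (len(d), min(d), max(d)) for h, d in by_host.items()}

if __name__ == "__main__":
    for host, (n, lo, hi) in sorted(failed_connects(SAMPLE).items()):
        print(f"{host}: {n} failed connects, {lo}-{hi} ms")
```

On the quoted lines, every entry carries `UF,URX` with zero bytes in either direction, and all four SQL node addresses appear among the failures.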