Kubernetes:无法从EKS pod到RDS Postgres [英] Kubernetes: Have no access from EKS pod to RDS Postgres
问题描述
我正在尝试在AWS上设置kubernetes.为此,我根据官方的AWS教程创建了一个具有3个节点(t2.small)的EKS集群.然后,我想用一些与Postgres(不同VPC中的RDS)通信的应用程序运行一个pod.
I'm trying to setup kubernetes on AWS. For this I created an EKS cluster with 3 nodes (t2.small) according to official AWS tutorial. Then I want to run a pod with some app which communicates with Postgres (RDS in different VPC).
但不幸的是,该应用程序未连接到数据库.
But unfortunately the app doesn't connect to the database.
我所拥有的:
- 具有自己的VPC(CIDR:192.168.0.0/16)的EKS集群
- 具有自己的VPC的RDS(Postgres)(CIDR:172.30.0.0/16)
- 从RDS VPC到EKS VPC的对等连接
- 更新了EKS群集的3个公共子网的路由表:目标为172.30.0.0/16且目标为目标的路由—添加了步骤3中的对等连接.
- RDS的路由表已更新:目的地为192.168.0.0/16且目标为的路由—添加了来自步骤3的对等连接.
- RDS安全组已更新,添加了新的入站规则:允许来自192.168.0.0/16的所有流量
所有这些步骤之后,我执行kubectl命令:
After all these steps I execute kubectl command:
kubectl exec -it my-pod-app-6vkgm nslookup rds-vpc.unique_id.us-east-1.rds.amazonaws.com
nslookup: can't resolve '(null)': Name does not resolve
Name: rds-vpc.unique_id.us-east-1.rds.amazonaws.com
Address 1: 52.0.109.113 ec2-52-0-109-113.compute-1.amazonaws.com
然后我连接到3个节点之一并执行命令:
Then I connect to one of the 3 nodes and execute a command:
getent hosts rds-vpc.unique_id.us-east-1.rds.amazonaws.com
52.0.109.113 ec2-52-0-109-113.compute-1.amazonaws.com rds-vpc.unique_id.us-east-1.rds.amazonaws.com
为了从Pod访问RDS,我在EKS设置中错过了什么?
What I missed in EKS setup in order to have access from pods to RDS?
更新:
我试图通过Service解决问题:
apiVersion: v1
kind: Service
metadata:
name: postgres-service
spec:
type: ExternalName
externalName: rds-vpc.unique_id.us-east-1.rds.amazonaws.com
因此,我在EKS中创建了此服务,然后尝试将postgres-service称为DB URL,而不是直接RDS主机地址.
So I created this service in EKS, and then tried to refer to postgres-service as DB URL instead of direct RDS host address.
此修复程序无效:(
推荐答案
您是否尝试在对等连接中启用"dns传播"?看来您没有获得内部可路由的dns.您可以通过进入对等连接设置并选中dns传播复选框来启用它.通常,我将执行我控制的所有对等连接.
Have you tried to enable "dns propagation" in the peering connection? It looks like you are not getting the internally routable dns. You can enable it by going into the setting for the peering connection and checking the box for dns propagation. I generally do this will all of the peering connections that I control.
这篇关于Kubernetes:无法从EKS pod到RDS Postgres的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
