pubsub.NewClient方法卡在GKE golang上 [英] pubsub.NewClient method stuck on GKE golang
问题描述
我正在开发使用Google Pub/Sub客户端库的golang应用程序.我正在使用Google容器引擎进行部署.我按照以下步骤进行了部署-
I am developing a golang app that uses Google Pub/Sub client library. I am using Google container engine for deployment. I followed the following steps for deployment -
- 使用
CGO_ENABLED = 0 GOOS = linux构建golang二进制文件go build -o bin/app app.go - 使用下面显示的dockerfile构建docker映像.
- 创建kubernetes部署.
Dockerfile-
Dockerfile -
FROM scratch
ADD bin/app /
CMD ["/app"]
应用启动正常,我可以看到一些初始调试日志.但是,当我尝试使用 client,err:= pubsub.NewClient(ctx,projectId)实例化发布/订阅客户端时,该方法调用将永远不会返回.在此声明之后,我没有看到打印出的日志消息.
The app starts fine and I can see some initial debug logs. However, when I try to instantiate a pub/sub client using client, err := pubsub.NewClient(ctx, projectId), the method call never returns. I do not see the log message printed right after this statement.
我在我的GKE群集上启用了云发布/订阅"权限.此外,该应用程序在我的本地计算机上运行也没有任何问题.
I have "Cloud Pub/Sub" permission enabled on my GKE cluster. Also, the app runs without any issues on my local machine.
可能是什么问题?
推荐答案
好的,所以我终于找到了问题及其解决方案.我的映像不包含发布/订阅客户端(当然还有许多其他库)进行通信所需的任何SSL证书.
Okay so I finally found the problem and its solution. My image does not contain any SSL certificates which are required for the pub/sub client (and many other libraries of course) to communicate.
将本地计算机的/etc/ssl/certs/ca-certificates.crt 文件添加到Docker映像的/etc/ssl/certs/位置即可解决此问题.
Adding my local machine's /etc/ssl/certs/ca-certificates.crt file to the docker image's /etc/ssl/certs/ location solved the problem.
在代码船上的这篇很棒的帖子是我在哪里学到了这个解决方案.
This awesome post at codeship is where I learned this solution.
这篇关于pubsub.NewClient方法卡在GKE golang上的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
