Laravel Docker 容器无法连接到远程 AWS RDS 数据库 [英] Laravel Docker Container Cannot connect to remote AWS RDS Database
问题描述
我正在使用一个容器化的 Laravel 应用程序,它应该连接到远程 rds 数据库,这里是一个示例 .env
I'm working with a containerized Laravel app that is supposed to be connecting to a remote rds database, here is a sample .env
DB_HOST=xxxxxx.rds.amazonaws.com
DB_DATABASE=sample
DB_USERNAME=sample
DB_PASSWORD=sample
DB_PORT=3306
DATABASE_DRIVER=mysql
容器正常工作,但问题是,当我尝试运行 composer ie 时,它无法连接到远程 rds 数据库:
The container works as it should but the problem is, it cannot connect to the remote rds database, when I try running composer ie:
$ docker exec -ti laravel-php bash
$ composer install
我收到此错误:
[PDOException]
SQLSTATE[HY000] [1045] Access denied for user 'sample'@'192.168.66.1' (using password: YES)
Script php artisan clear-compiled handling the post-install-cmd event returned with error code 1
192.168.66.1 作为我的 docker 容器的 ip,我怀疑数据库策略是通过 @localhost 访问打开的,因为我的开发人员确认它对公共连接开放.
192.168.66.1 as my docker container's ip, I suspect that the db policy is open via @localhost access since my dev ops confirmed that it's open for public connections.
顺便说一句,我正在使用 docker-compose 版本 2,这是一个示例 docker-compose:
I'm using docker-compose version 2 btw, here's a sample docker-compose:
version: '2'
services:
sample-server:
build:
context: ./
dockerfile: sample.server.docker
volumes:
- ../backend:/var/www
ports:
- "8081:80"
environment:
- VIRTUAL_HOST=sample.local
links:
- sample-php
depends_on:
- sample-php
sample-php:
build:
context: ./
dockerfile: sample.php.docker
volumes:
- .:/var/www
links:
- sample-database
environment:
- "DB_PORT=3306"
- "DB_HOST=sample-database"
sample-database:
image: mysql:5.7
environment:
- "MYSQL_ROOT_PASSWORD=samplepassword"
- "MYSQL_DATABASE=sample"
ports:
- "33081:3306"
sample-nginx-proxy:
image: jwilder/nginx-proxy
ports:
- "80:80"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
networks:
default:
external:
name: sample-nginx-proxy
我该如何解决这个问题?
How can I fix this?
推荐答案
检查以下内容:
数据库可公开访问:在数据库所在的 VPC 外部进行连接,更具体地说是通过 Internet 访问,需要将数据库配置为公共可访问性.你说的已经完成了.由于您有内部 IP,而数据库没有公共 IP,因此这不是真正必需的.
Database is publicly accessible: Connecting outside the VPC that the database resides, more specifically accessed over the internet, requires that the database is configured for Public Accessibility. Which you said is already done. As you have an internal IP, and the database does not have a public IP, this is not really required.
基本配置:检查数据库名称和端口是否设置正确,我相信你已经完成了.
Basic Configuration: Check that the database name, and port is set correctly, which I am sure you have done.
安全组入站规则:这很可能是这种情况,数据库将有一个或多个 安全组.确保安全组配置为允许从您的案例中的客户端进行入站访问:192.168.66.1
Security Group Inbound Rules: This is most likely the case, the database will have one or more security groups. Ensure that the security group is configured to allow inbound access from the client in your case: 192.168.66.1
确认客户端的IP地址:192.168.66.1 是容器的奇怪 IP,VPC 子网的前 4 个 IP 地址是 保留.
Confirm the IP address of the client: 192.168.66.1 is a strange IP for the container, the first 4 IP Addresses of a VPC Subnet are reserved.
确认网络路由:确认包含客户端的 VPC 可以连接到数据库.当客户端在 docker 容器中运行时,请确保容器可以访问数据库.简单的方法是在数据库子网中的 EC2 实例上启用 ICMP 数据包,并检查您是否可以 Ping 或使用 VPC 路由 分析器.
Confirm the network routing: Confirm that the VPC that contains the client can connect to the database. As the client is running within a docker container ensure that the container can access the database. Easy way to do this is enable ICMP packets on an EC2 instance in the database subnet, and check you can Ping it or use the VPC route analyser.
检查数据库用户权限:数据库用户可以连接任何地址而不是 localhost.
Check the database user rights: Can the database user connect for any address not localhost.
VPC 的安全性:检查两个子网的 ACL入站和出站
Security on the VPC: Check the ACLs of the subnets for both inbound and outbound
更新:这是来自 AWS 的链接:故障排除用于亚马逊 RDS.
UPDATE: Here is a link from AWS: Troubleshooting for Amazon RDS.
这篇关于Laravel Docker 容器无法连接到远程 AWS RDS 数据库的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
