docker - 无法让谷歌身份验证在 docker 内工作以发布到 pubsub
问题描述
我试图让我的小型 go 应用程序(pub/sub)在 docker 内工作,所以我把它放在 GKE 中,但由于某种原因我无法让身份验证工作。
docker run --rm -it gcr.io/snappy-premise-118915/sensorgen:v1
{"pressure":24.10712641247902,"temperature":70.24302653595491,"dewpoint":41.3666446148299,"timecollected":"","latitude":-121.47104803040895,"longitude":0.007102469057958554,"humidity":19.463373213885937,"sensorId":"","zipcode":0}
2018/08/02 07:37:14 Failed to publish: context deadline exceeded
我正在创建这样的dockerfile:
FROM golang:1.8-alpine
COPY ./ /src
ENV LATITUDE = "-121.464"
ENV LONGITUDE = "36.9397"
ENV SENSORID = "sensor1234"
ENV ZIPCODE = "95023"
ENV INTERVAL = "3"
ENV GOOGLE_CLOUD_PROJECT = "snappy-premise-118915"
RUN apk add --no-cache git && \
cd /src && \
go get -t -v cloud.google.com/go/pubsub && \
CGO_ENABLED=0 GOOS=linux go build main.go
# final stage
FROM alpine
ENV LATITUDE "-121.464"
ENV LONGITUDE "36.9397"
ENV SENSORID "sensor1234"
ENV ZIPCODE "95023"
ENV INTERVAL "3"
ENV GOOGLE_CLOUD_PROJECT "snappy-premise-118915"
ENV GOOGLE_APPLICATION_CREDENTIALS "/app/key.json"
WORKDIR /app
COPY --from=0 /src/main /app/
COPY --from=0 /src/key.json /app/
ENTRYPOINT /app/main
该应用程序确实在我获得数据输出时启动,但是当它尝试发布到 pubsub 时,它似乎先手然后抛出此错误:2018/08/02 07:37:14 Failed to publish: context deadline exceeded
- - - - 更新 - - - - -
我更改了 Dockerfile 以添加 x509 证书,但仍然存在证书问题,看起来像:
{"pressure":24.13764705280961,"temperature":70.30698990487159,"dewpoint":40.44394673486464,"timecollected":"","latitude":-121.47166212174045,"longitude":0.005826195394839833,"humidity":19.821878333280246,"sensorId":"","zipcode":0}
INFO: 2018/08/02 13:58:09 ccResolverWrapper: sending new addresses to cc: [{pubsub.googleapis.com:443 0 <nil>}]
INFO: 2018/08/02 13:58:09 balancerWrapper: got update addr from Notify: [{pubsub.googleapis.com:443 0} {pubsub.googleapis.com:443 1} {pubsub.googleapis.com:443 2} {pubsub.googleapis.com:443 3}]
WARNING: 2018/08/02 13:58:09 grpc: addrConn.createTransport failed to connect to {pubsub.googleapis.com:443 0 3}. Err :connection error: desc = "transport: authentication handshake failed: x509: failed to load system roots and no roots provided". Reconnecting...
码头工人文件:
FROM golang:1.8-alpine
COPY ./ /src
ENV LATITUDE = "-121.464"
ENV LONGITUDE = "36.9397"
ENV SENSORID = "sensor1234"
ENV ZIPCODE = "95023"
ENV INTERVAL = "3"
ENV GOOGLE_CLOUD_PROJECT = "snappy-premise-118915"
RUN apk add --no-cache git && \
apk --no-cache --update add ca-certificates && \
cd /src && \
go get -t -v cloud.google.com/go/pubsub && \
CGO_ENABLED=0 GOOS=linux go build main.go
# final stage
FROM alpine
ENV LATITUDE "-121.464"
ENV LONGITUDE "36.9397"
ENV SENSORID "sensor1234"
ENV ZIPCODE "95023"
ENV INTERVAL "3"
ENV GOOGLE_CLOUD_PROJECT "snappy-premise-118915"
ENV GOOGLE_APPLICATION_CREDENTIALS "/app/key.json"
ENV GRPC_GO_LOG_SEVERITY_LEVEL "INFO"
WORKDIR /app
COPY --from=0 /src/main /app/
COPY --from=0 /src/key.json /app/
ENTRYPOINT /app/main
EXPOSE 8080
- - - - - 更新 - - - - - - - -
在图像上更改了我的 docker 文件,但仍然不行:
2018/08/02 14:10:40 Could not create pubsub Client: pubsub: google: error getting credentials using GOOGLE_APPLICATION_CREDENTIALS environment variable: open /key.json: no such file or directory
dockerfile
FROM golang:1.8 as build-env
WORKDIR /go/src/app
ADD . /go/src/app
COPY key.json /
RUN go-wrapper download # "go get -d -v ./..."
RUN go-wrapper install
# final stage
FROM gcr.io/distroless/base
ENV LATITUDE "-121.464"
ENV LONGITUDE "36.9397"
ENV SENSORID "sensor1234"
ENV ZIPCODE "95023"
ENV INTERVAL "3"
ENV GOOGLE_CLOUD_PROJECT "snappy-premise-118915"
ENV GOOGLE_APPLICATION_CREDENTIALS "/key.json"
ENV GRPC_GO_LOG_SEVERITY_LEVEL "INFO"
COPY --from=build-env /go/bin/app /
CMD ["/app"]
解决方案
看起来您正在使用多阶段构建(https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds)。
在原始版本中,您添加了一些文件。但是,当您进入下一阶段时,您需要将它们复制过来。因此,您可以使用COPY --from=0
语句来执行此操作,或者您可以简单地将 ADD 和 COPY 语句移到最后阶段。
推荐阅读
- r - 使用 R 为 xml 文件中的所有节点提取具有相同名称的属性
- json - 由于 CSRF 检查,REST API 同时发布具有不同属性的两个请求失败并显示 403 状态代码
- google-sheets - 转置多列的唯一值
- python - 如何递归组合列表中的元素对?
- flutter - 如何在不使用构建器的情况下自动滚动页面视图并产生一些延迟?
- r - 需要向量化字符串上的函数
- laravel - Laravel 与多个函数的多对多关系
- android - Kotlin 中有垃圾收集器吗?
- javascript - Javascript:按值对对象进行排序
- powershell - 在一次尝试/捕获中捕获多个错误