django - (1045, "Access denied for user 'root'@'cloudsqlproxy~[cloudsql instance ip]' (using password: NO)")
问题描述
I'm trying to migrate a django app to google kubernetes engine and can't get it to work.
The response from the app is:
Exception Value:
(1045, "Access denied for user 'root'@'cloudsqlproxy~[cloudsql instance ip]' (using password: NO)")
If I fire up a bash shell into the running container in which the django app lives, I can connect to the cloud sql instance.
I have my database credentials in environment variables but django doesn't seem to care about the username and password specifically.
django connection settings from inside the container:
from django.db import connection
connection.settings_dict
{'ENGINE': 'django.db.backends.mysql', 'NAME': 'aesh_db', 'USER': None, 'PASSWORD': None, 'HOST': '127.0.0.1', 'PORT': '3306', 'OPTIONS': {'charset': 'utf8mb4'}, 'TEST': {'CHARSET': 'utf8mb4', 'COLLATION': 'utf8mb4_unicode_ci', 'NAME': None, 'MIRROR': None}, 'ATOMIC_REQUESTS': False, 'AUTOCOMMIT': True, 'CONN_MAX_AGE': 0, 'TIME_ZONE': None}
the env vars are set correctly in the container, this works:
>> import _mysql
>> import os
>> conn = _mysql.connect(db=os.getenv('DB_NAME'), user=os.getenv('DB_USER'), passwd=os.getenv('DB_PASS'), host=os.getenv('DB_HOST'))
django db settings:
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': os.getenv('DB_NAME'),
'USER': os.getenv('DB_USER'),
'PASSWORD': os.getenv('DB_PASS'),
'HOST': os.getenv('DB_HOST'),
'PORT': os.getenv('DB_PORT'),
'OPTIONS': {
# Tell MySQLdb to connect with 'utf8mb4' character set
'charset': 'utf8mb4',
},
'TEST': {
'CHARSET': 'utf8mb4',
'COLLATION': 'utf8mb4_unicode_ci',
}
}
}
deployment.yaml:
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
name: aesh-web
labels:
app: aesh-web
spec:
replicas: 1
template:
metadata:
labels:
app: aesh-web
spec:
containers:
- name: aesh-web
image: gcr.io/[my-project]/aesh_web:1.0.0
ports:
- containerPort: 8000
env:
- name: LOAD_BALANCER_IP
value: [service ip]
- name: DB_HOST
value: 127.0.0.1
- name: DB_PORT
value: "3306"
- name: DB_NAME
value: aesh_db
- name: DB_USER
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: username
- name: DB_PASS
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: password
- name: cloudsql-proxy
image: gcr.io/cloudsql-docker/gce-proxy:1.11
command: ["/cloud_sql_proxy",
"-instances=[instance-connection-name]:aesh-web-db=tcp:3306",
"-credential_file=/secrets/cloudsql/credentials.json"]
volumeMounts:
- name: cloudsql-instance-credentials
mountPath: /secrets/cloudsql
readOnly: true
volumes:
- name: cloudsql-instance-credentials
secret:
secretName: cloudsql-instance-credentials
解决方案
谜团解决了,部署所基于的 docker 映像有一个启动 web 服务器的入口点脚本,deployment.yaml 中指定的 env 变量是在入口点脚本启动后设置的,所以 django 不知道它们。
推荐阅读
- scala - 有没有办法告诉 scala 编译器不要进行尾调用优化?
- angular - Angular DataTable:如何仅选择当前页面记录
- xml - XSL 基于所选选项的不同颜色
- android - 从最大值到最小值的 Android 材质滑块
- python - Python Popen() 阻塞
- python-3.x - 我无法导入函数
- reactjs - 有条件地添加需要数组的属性
- groovy - 关于在 Groovy 中省略 'return' 关键字以返回闭包块的不一致
- java - 将文本文件从文件夹移动到 Java 中的另一个文件夹
- kotlin - 从我的 recyclerView 中删除最后一项不起作用?