Here is my docker image
FROM mcr.microsoft.com/dotnet/core/aspnet:2.2-alpine3.8 AS base WORKDIR /app EXPOSE 80 EXPOSE 443 COPY ./xyz/publish . ENV ASPNETCORE_URLS=https://+:443;http://+80 ENTRYPOINT ["dotnet","abc/xyz.dll"]
Here is my Deployment.yaml file
apiVersion: apps/v1 kind: Deployment metadata: name: xyzdemo namespace: default spec: replicas: 1 selector: matchLabels: papi: web template: metadata: labels: papi: web spec: containers: - name: xyzdemo-site image: xyz.azurecr.io/abc:31018 ports: - containerPort: 443 imagePullSecrets: - name: secret --- apiVersion: v1 kind: Service metadata: name: xyzdemo-entrypoint namespace: default spec: type: LoadBalancer selector: papi: web ports: - port: 44328 targetPort: 443
Here is my appsettings file
"Server": "xyz.database.windows.net", "Database": "pp", "User": "ita", "Password": "password",
using all these i deployed the application in to the k8s cluster and am able to open the application from the browser, however when i try to get the info from the database, application is getting the network related error after a while.
System.Data.SqlClient.SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server
I tried going inside to POD and did the ls command, i can see my application setting file as well as when Cat the application settings, i can see the correct credentials and i dont know what to do and not sure why is not able to connect to the database.
So finally i tried adding the sql connections as the env variables to the pod , then it started working. when i remove those its not connecting.
Now i removed the env variables which has the sql connections then did the log on the pod.
it says can't connect to the database: 'Empty' and server: 'Empty' not sure why is it taking the empty when it has the details inside the
Well, I do not see what is the config for your k8's application to connect to database. Importantly, where is your database hosted? How can
papi:web connect to database?
I also suspect your service is not having appropriate port re-direction. From your
https port of 443 is internally mapped to 44328. What is 44328? What is listening on that port? Your application seems to have no mention of 44328. (Refer Dockerfile)
I would improvise your
service.yaml to look something like this:
apiVersion: v1 kind: Service metadata: name: xyzdemo-entrypoint namespace: default //This is inferred anyways spec: selector: papi: web ports: - name: http protocol: TCP port: 80 targetPort: xxxx //Where your web-server is listening. (From your dockerfile, this is also 80 but it can be any valid TCP port) - name: https protocol: TCP port: 443 targetPort: xxxx //https for your web-server. (From your dockerfile, this is also 443. Again, can be any TCP port)
Opening up database server to internet is not a good practise. It's a big security threat. Good pattern is to facilitate your web-server communicate to database-server via internal dns that k8's maintain (This is assuming your database server is also a container - something like kubedb. If not, you're database server will have to be available via some sort of proxy that whitelists known hosts and only allows known hosts. eg - cloudsql proxy in GCP).
Depending on how your database server is hosted, you'll have to configure your db config to allow or whitelist your containerised application (The IP you get after applying
service.yaml) Only then will your k8's app be able to talk/achieve connectivity to respective db.
I suspect you need to Allow connections on the Azure SQL firewall for this to work. Using the portal would be the easiest way. You can just
allow all or
allow Azure services for starters (assuming your Kubernetes is inside Azure). And narrow it down later (if this is the culprit).
User contributions licensed under CC BY-SA 3.0