K
Q

pubsub.NewClient method stuck on GKE golang

10/7/2017

I am developing a golang app that uses Google Pub/Sub client library. I am using Google container engine for deployment. I followed the following steps for deployment -

  1. Build golang binary using CGO_ENABLED=0 GOOS=linux go build -o bin/app app.go
  2. Build a docker image using dockerfile shown below.
  3. Create kubernetes deployment.

Dockerfile -

FROM scratch 
ADD bin/app /
CMD ["/app"]

The app starts fine and I can see some initial debug logs. However, when I try to instantiate a pub/sub client using client, err := pubsub.NewClient(ctx, projectId), the method call never returns. I do not see the log message printed right after this statement.

I have "Cloud Pub/Sub" permission enabled on my GKE cluster. Also, the app runs without any issues on my local machine.

What might be the issue?

-- Kakaji
go
google-cloud-platform
google-cloud-pubsub
google-kubernetes-engine

Similar Questions

Kubernetes minikube, cannot expose service on public ip range
How to config simple login/pass authentication for kubernetes desktop UI
Exec into Pods/containers in kubernetes/Docker, created from images that does not contain bash pre-installed
Kubectl connecting to Azure ACS cluster

1 Answer

10/7/2017

Okay so I finally found the problem and its solution. My image does not contain any SSL certificates which are required for the pub/sub client (and many other libraries of course) to communicate.

Adding my local machine's /etc/ssl/certs/ca-certificates.crt file to the docker image's /etc/ssl/certs/ location solved the problem.

This awesome post at codeship is where I learned this solution.

-- Kakaji
Source: StackOverflow