I have been following this guide - Connecting from Kubernetes Engine
And having an errors after all:
$ kubectl describe pod | grep Warning
Warning FailedMount 4m (x15 over 19m) kubelet, gke-bar-dev-default-pool-a6045c50-dg5z MountVolume.SetUp failed for volume "cloudsql-instance-credentials" : secrets "cloudsql-instance-credentials" not found
Warning FailedMount 3m (x7 over 17m) kubelet, gke-bar-dev-default-pool-a6045c50-dg5z Unable to mount volumes for pod "bar-dev-556d7c4f6f-5c2nx_default(9a06b84a-7dcb-11e8-bca8-42010a8e0060)": timeout expired waiting for volumes to attach/mount for pod "default"/"bar-dev-556d7c4f6f-5c2nx". list of unattached/unmounted volumes=[cloudsql-instance-credentials]
Warning Failed 2m kubelet, gke-bar-dev-default-pool-a6045c50-dg5z Error: secrets "cloudsql-db-credentials" not found
My deployment.yaml file:
apiVersion: apps/v1beta2
kind: Deployment
metadata:
name: bar-dev
labels:
app: bar-dev
spec:
replicas: 1
selector:
matchLabels:
app: bar-dev
template:
metadata:
labels:
app: bar-dev
spec:
containers:
- name: nginx
image: gcr.io/foo/bar-dev-nginx:v9
ports:
- containerPort: 80
readinessProbe:
httpGet:
path: /health-check
port: 80
initialDelaySeconds: 10
periodSeconds: 60
env:
- name: POSTGRES_DB_HOST
value: 127.0.0.1:5432
# [START cloudsql_secrets]
- name: POSTGRES_DB_USER
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: username
- name: POSTGRES_DB_PASSWORD
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: password
# [END cloudsql_secrets]
- name: php-fpm
image: gcr.io/foo/bar-dev-php-fpm:v9
ports:
- containerPort: 9000
env:
- name: POSTGRES_DB_HOST
value: 127.0.0.1:5432
# [START cloudsql_secrets]
- name: POSTGRES_DB_USER
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: username
- name: POSTGRES_DB_PASSWORD
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: password
# [END cloudsql_secrets]
# [START proxy_container]
- name: cloudsql-proxy
image: gcr.io/cloudsql-docker/gce-proxy:1.11
command: ["/cloud_sql_proxy",
"-instances=foo:us-east1:bar-dev=tcp:5432",
"-credential_file=/secrets/cloudsql/credentials.json"]
volumeMounts:
- name: cloudsql-instance-credentials
mountPath: /secrets/cloudsql
readOnly: true
# [END proxy_container]
volumes:
- name: cloudsql-instance-credentials
secret:
secretName: cloudsql-instance-credentials
What is causing this issue and how to resolve it?
- name: POSTGRES_DB_PASSWORD
valueFrom:
secretKeyRef:
name: cloudsql-db-credentials
key: password
Here, you set the environment variable from secrets. According to the error:
Warning Failed 2m kubelet, gke-bar-dev-default-pool-a6045c50-dg5z Error: secrets "cloudsql-db-credentials" not found
So, you have to create a secret first.
For this you need to run:
kubectl create secret generic cloudsql-db-credentials \
--from-literal=username=proxyuser --from-literal=password=[PASSWORD]