douyou8047 2018-08-02 08:13
浏览 54

无法让Google Auth在docker内部工作以发布到pubsub

I'm trying to get my small go app (pub/sub) to work inside of docker so I an put it in GKE but I can't get the auth to work for some reason.

 docker run --rm -it gcr.io/snappy-premise-118915/sensorgen:v1
{"pressure":24.10712641247902,"temperature":70.24302653595491,"dewpoint":41.3666446148299,"timecollected":"","latitude":-121.47104803040895,"longitude":0.007102469057958554,"humidity":19.463373213885937,"sensorId":"","zipcode":0}
2018/08/02 07:37:14 Failed to publish: context deadline exceeded

I'm creating the dockerfile like this:

FROM golang:1.8-alpine
COPY ./ /src
ENV LATITUDE = "-121.464"
ENV LONGITUDE = "36.9397"
ENV SENSORID = "sensor1234"
ENV ZIPCODE = "95023"
ENV INTERVAL = "3"
ENV GOOGLE_CLOUD_PROJECT = "snappy-premise-118915"
RUN apk add --no-cache git && \
    cd /src && \
    go get -t -v cloud.google.com/go/pubsub && \
    CGO_ENABLED=0 GOOS=linux go build main.go

# final stage
FROM alpine
ENV LATITUDE "-121.464"
ENV LONGITUDE "36.9397"
ENV SENSORID "sensor1234"
ENV ZIPCODE "95023"
ENV INTERVAL "3"
ENV GOOGLE_CLOUD_PROJECT "snappy-premise-118915"
ENV GOOGLE_APPLICATION_CREDENTIALS "/app/key.json"
WORKDIR /app
COPY --from=0 /src/main /app/
COPY --from=0 /src/key.json /app/
ENTRYPOINT /app/main

The app does start as I get the data output but when it tries to publish to pubsub, it seem to hand and then throw this error: 2018/08/02 07:37:14 Failed to publish: context deadline exceeded

------- UPDATE ----------

I changed my Dockerfile to add in x509 certs but still having a cert issue it seems like:

{"pressure":24.13764705280961,"temperature":70.30698990487159,"dewpoint":40.44394673486464,"timecollected":"","latitude":-121.47166212174045,"longitude":0.005826195394839833,"humidity":19.821878333280246,"sensorId":"","zipcode":0}
INFO: 2018/08/02 13:58:09 ccResolverWrapper: sending new addresses to cc: [{pubsub.googleapis.com:443 0  <nil>}]
INFO: 2018/08/02 13:58:09 balancerWrapper: got update addr from Notify: [{pubsub.googleapis.com:443 0} {pubsub.googleapis.com:443 1} {pubsub.googleapis.com:443 2} {pubsub.googleapis.com:443 3}]
WARNING: 2018/08/02 13:58:09 grpc: addrConn.createTransport failed to connect to {pubsub.googleapis.com:443 0  3}. Err :connection error: desc = "transport: authentication handshake failed: x509: failed to load system roots and no roots provided". Reconnecting...

Docker file:

FROM golang:1.8-alpine
COPY ./ /src
ENV LATITUDE = "-121.464"
ENV LONGITUDE = "36.9397"
ENV SENSORID = "sensor1234"
ENV ZIPCODE = "95023"
ENV INTERVAL = "3"
ENV GOOGLE_CLOUD_PROJECT = "snappy-premise-118915"
RUN apk add --no-cache git && \
    apk --no-cache --update add ca-certificates && \
    cd /src && \
    go get -t -v cloud.google.com/go/pubsub && \
    CGO_ENABLED=0 GOOS=linux go build main.go

# final stage
FROM alpine
ENV LATITUDE "-121.464"
ENV LONGITUDE "36.9397"
ENV SENSORID "sensor1234"
ENV ZIPCODE "95023"
ENV INTERVAL "3"
ENV GOOGLE_CLOUD_PROJECT "snappy-premise-118915"
ENV GOOGLE_APPLICATION_CREDENTIALS "/app/key.json"
ENV GRPC_GO_LOG_SEVERITY_LEVEL "INFO"
WORKDIR /app
COPY --from=0 /src/main /app/
COPY --from=0 /src/key.json /app/
ENTRYPOINT /app/main
EXPOSE 8080

--------- UPDATE ---------------

changed my docker file on images but still no go:

2018/08/02 14:10:40 Could not create pubsub Client: pubsub: google: error getting credentials using GOOGLE_APPLICATION_CREDENTIALS environment variable: open /key.json: no such file or directory

dockerfile

FROM golang:1.8 as build-env

WORKDIR /go/src/app
ADD . /go/src/app
COPY key.json /

RUN go-wrapper download   # "go get -d -v ./..."
RUN go-wrapper install

# final stage
FROM gcr.io/distroless/base
ENV LATITUDE "-121.464"
ENV LONGITUDE "36.9397"
ENV SENSORID "sensor1234"
ENV ZIPCODE "95023"
ENV INTERVAL "3"
ENV GOOGLE_CLOUD_PROJECT "snappy-premise-118915"
ENV GOOGLE_APPLICATION_CREDENTIALS "/key.json"
ENV GRPC_GO_LOG_SEVERITY_LEVEL "INFO"
COPY --from=build-env /go/bin/app /
CMD ["/app"]
  • 写回答

1条回答 默认 最新

  • douzhi8488 2018-11-28 18:57
    关注

    It looks like you are using a multistage build (https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds).

    In the original build, you add some files. However, when you proceed to the next stage, you need to copy them over. So, you could do this with COPY --from=0 statements, or you could simply move the ADD and COPY statements down to the final stage.

    评论

报告相同问题?

悬赏问题

  • ¥35 平滑拟合曲线该如何生成
  • ¥100 c语言,请帮蒟蒻写一个题的范例作参考
  • ¥15 名为“Product”的列已属于此 DataTable
  • ¥15 安卓adb backup备份应用数据失败
  • ¥15 eclipse运行项目时遇到的问题
  • ¥15 关于#c##的问题:最近需要用CAT工具Trados进行一些开发
  • ¥15 南大pa1 小游戏没有界面,并且报了如下错误,尝试过换显卡驱动,但是好像不行
  • ¥15 自己瞎改改,结果现在又运行不了了
  • ¥15 链式存储应该如何解决
  • ¥15 没有证书,nginx怎么反向代理到只能接受https的公网网站