Google Kubernetes Engine (GKE) and Google Cloud SQL are two powerful tools provided by Google Cloud Platform. GKE is a fully managed Kubernetes service while Google Cloud SQL is a fully managed relational database service. In this article, we will discuss how to connect an app running in GKE to Google Cloud SQL.
To connect an application running in Google Kubernetes Engine (GKE) to a MySQL-managed service, such as Google Cloud SQL, you can follow these general steps:
In this architecture, the application runs in a container inside a pod in a GKE cluster. The pod also includes a sidecar container that runs the Cloud SQL Proxy. The Cloud SQL Proxy sidecar container establishes a secure connection to the Cloud SQL instance and provides access to the database for the application container.
The Cloud SQL instance is a managed service provided by Google Cloud that runs MySQL. The Cloud SQL Proxy sidecar container handles the authentication and encryption between the application container and the Cloud SQL instance.
The GKE cluster is a managed Kubernetes service provided by Google Cloud. The GKE cluster provides a platform for deploying, managing, and scaling containerized applications. The GKE cluster is configured with network access to the Cloud SQL instance so that the Cloud SQL Proxy sidecar container can connect to the database.
- Create a Cloud SQL instance. This can be done via the Cloud Console or the Cloud SDK command line tools. Make sure to configure the instance with the appropriate settings, such as the database version, region, and authorized networks.
- Create a Kubernetes secret that includes the Cloud SQL instance connection information, such as the username and password. This can be done via the Kubernetes command line tool
kubectlor via a YAML configuration file. - Update your application deployment configuration to include the Cloud SQL connection information. This typically involves adding environment variables or configuration files that specify the Cloud SQL instance connection information.
- Use the Cloud SQL Proxy sidecar container to establish a secure connection between your application running in GKE and the Cloud SQL instance. The Cloud SQL Proxy sidecar container will handle authentication and encryption between your application and the Cloud SQL instance.
Here is an example YAML configuration file for a Kubernetes deployment that connects to a Cloud SQL instance using the Cloud SQL Proxy sidecar container:
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp
spec:
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- name: myapp
image: myapp:latest
env:
- name: DB_HOST
value: "/cloudsql/myproject:us-central1:myinstance"
- name: DB_USER
valueFrom:
secretKeyRef:
name: cloudsql-credentials
key: username
- name: DB_PASSWORD
valueFrom:
secretKeyRef:
name: cloudsql-credentials
key: password
ports:
- containerPort: 8080
- name: cloudsql-proxy
image: gcr.io/cloudsql-docker/gce-proxy:1.17
command: ["/cloud_sql_proxy",
"-instances=myproject:us-central1:myinstance=tcp:3306",
"-credential_file=/secrets/cloudsql/credentials.json"]
volumeMounts:
- name: cloudsql-credentials
mountPath: /secrets/cloudsql
readOnly: true
volumes:
- name: cloudsql-credentials
secret:
secretName: cloudsql-credentialsIn this example, the Cloud SQL instance connection information is specified in the DB_HOST environment variable. The DB_USER and DB_PASSWORD environment variables are populated from a Kubernetes secret named cloudsql-credentials. The Cloud SQL Proxy sidecar container is configured to connect to the Cloud SQL instance and listen on port 3306.
Note that you will need to configure the Cloud SQL instance to allow connections from the GKE cluster’s authorized networks. You can do this via the Cloud Console or the Cloud SDK command line tools.
After completing the above steps, you should be able to connect your app running in GKE to Google Cloud SQL. To test the connection, you can use a tool like the MySQL command-line client or pgAdmin. Connect to the database using the IP address and port of the Google Cloud SQL instance, along with the username and password.
Conclusion
Connecting an app running in GKE to Google Cloud SQL is a straightforward process. This integration between GKE and Google Cloud SQL provides a powerful combination of tools for building and deploying scalable applications.
