4

I have two projects in GCP, one with Cloud SQL and one with GKE:

Project A
  -> Cloud SQL
Project B
  -> GKE Cluster

Now I want to access Cloud SQL from GKE Cluster for which I have two options.

 1. IPv4 address to connect
 2. Cloud SQL Proxy as sidecar

But the problem is that both of them connect via public IP, and I'm worried about latency. So I was thinking: can we access it via VPC, or some kind of internal network, so that reads/writes will be faster?

Siva
  • There are probably only two hops between your GKE pod and Google Cloud SQL if they are both in the same availability zone, e.g. us-east-1b. I tested this assumption with mtr and could confirm that. Ended up manually whitelisting the k8s nodes' public IPs to connect to the DB. Using the proxy gets slow and starts failing under "heavy" load. I hope this helps – Humber Aug 18 '18 at 14:30

2 Answers

5

Cloud SQL now supports private connections: https://cloud.google.com/sql/docs/mysql/private-ip

Brett H.
1

Unfortunately not, Cloud SQL is not accessed via internal, only through external IP or the Cloud SQL Proxy. For GKE, use the Cloud SQL Proxy as a sidecar container.

Patrick W
  • I tried this approach but it wasn't great. The sidecar stopped faster than the main app, leading to the app getting DB disconnections. Had to put some effort into letting k8s know soon that the pod is not ready anymore (livenessProbe). There's another alternative. You can use a Helm chart and install the proxy outside the pod: https://github.com/helm/charts/tree/master/stable/gcloud-sqlproxy Works well, but I have to say that I ended up connecting directly to Cloud SQL. It is more performant out of the box. – Humber Aug 18 '18 at 14:35
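
An added example, not taken from any of the posts above: a sidecar Deployment that combines the private-IP option from the first answer with a shutdown delay for the disconnection problem described in the last comment, using the v1 proxy's `-ip_address_types` and `-term_timeout` flags. All names, image tags and the instance connection name are placeholders. It assumes the pod's Google identity holds the Cloud SQL Client role in Project A and that the cluster's VPC has a route to the instance's private address.

```yaml
# Added example; every name, image tag and connection name below is a placeholder.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: app-with-sqlproxy                  # hypothetical name
spec:
  replicas: 1
  selector:
    matchLabels:
      app: app-with-sqlproxy
  template:
    metadata:
      labels:
        app: app-with-sqlproxy
    spec:
      # Pod-wide upper bound on shutdown; keep it larger than -term_timeout below.
      terminationGracePeriodSeconds: 60
      containers:
        - name: app
          image: REGISTRY/APP_IMAGE:TAG    # placeholder
          env:
            - name: DB_HOST
              value: "127.0.0.1"           # the proxy listens on localhost inside the pod
            - name: DB_PORT
              value: "3306"
        - name: cloudsql-proxy
          image: gcr.io/cloudsql-docker/gce-proxy:VERSION   # placeholder tag (v1 proxy)
          command:
            - /cloud_sql_proxy
            # The instance lives in Project A; format is project:region:instance.
            - -instances=PROJECT_A:REGION:INSTANCE=tcp:3306
            # Dial only the instance's private address, never the public one.
            - -ip_address_types=PRIVATE
            # On SIGTERM, wait up to 30s for open connections to close before exiting.
            - -term_timeout=30s
          securityContext:
            runAsNonRoot: true
            allowPrivilegeEscalation: false
```

With `-ip_address_types=PRIVATE` the proxy fails to connect instead of silently falling back to the public address, so a missing private path shows up as an error and not as traffic over the public IP.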