We want to move our AWS RDS database to GCP CloudSQL. We want to do this without downtime. So our approach was to set up an HA VPN tunnel and use Data Migration Service to sync everything to CloudSQL.

The RDS database is in a private subnet on the AWS side. I've successfully set up an HA VPN tunnel between this AWS private subnet and a private subnet in our GCP project.

I'm able to verify that this works because I can do the following things:

  • ping from an instance in GCP in the private subnet to an instance in AWS in that private subnet
  • ping from an instance in AWS in the private subnet to the instance in GCP
  • After installing MySQL on the GCP instance, I'm able to connect and query the RDS database

I'm struggling with setting up the Data Migration Service in GCP to sync the data from the RDS instance. I've chosen the CloudSQL instance to have a Private IP, not a public one. As the connectivity method, I select VPC peering and select the VPC in which the GCP instance from which I'm able to contact the RDS instance resides.

I understand that CloudSQL is created in a project peered to my GCP project, and the CloudSQL instance resides in a subnet in this new project. So there is no route from this subnet to my private subnet. However, I see that it is peered automatically. In this peering connection, I checked the option to import and export custom routes, but still, I cannot reach the RDS from the CloudSQL instance. I've got routes in GCP for the private subnet IP range of AWS, with the VPN tunnels as the next hop.

I'm not sure what I need to do to connect CloudSQL to RDS at this point.

Yorick