I'm new to cloud development and am having issues figuring out the best approach for tying App Engine, GCE, and Cloud SQL together.
I have an App Engine application running Django which serves as a user interface for processes happening on GCE instances. The user requests a task to be started, a GCE instance is spun up with a RESTful API running on port 80, and the App Engine sends a REST request to the newly spun up GCE instance to start the particular task.
As I have it now, the App Engine instance is storing task information in a Cloud SQL instance. My desire is to have the GCE instances communicate directly with the Cloud SQL instance so that they can update the database and provide a window into the status of tasks for App Engine (by updating database rows).
The problem I'm running into is that, as far as I can see, the documentation only specifies one way to connect to the SQL instance, and that's through giving network access to the IP address of the GCE instance. This is undesirable because I will be spinning up and destroying GCE instances quite frequently and the IP address is subject to change several times.
That being said, I have two questions:
1) Is there a way to avoid the above issue of individually authenticating each GCE instance, and if not what is the best way to approach identifying each GCE instance?
2) Am I going about this the right way? As I said, I'm new to cloud development and am completely guessing here as to how these different services should interact.