BAD_GATEWAY when connecting Google Cloud Endpoints to Cloud SQL

0
votes

I am trying to connect from GCP endpoints to a Cloud SQL (PostgreSQL) database in a different project. My endpoints backend is an app engine in the flexible environment using Python.

The endpoints API works fine for non-db requests and for db requests when run locally. But the deployed API produces this result when requiring DB access:

{
 "code": 13,
 "message": "BAD_GATEWAY",
 "details": [
  {
   "@type": "type.googleapis.com/google.rpc.DebugInfo",
   "stackEntries": [],
   "detail": "application"
  }
 ]
}

I've followed this link (https://cloud.google.com/endpoints/docs/openapi/get-started-app-engine) to create the endpoints project, and this (https://cloud.google.com/appengine/docs/flexible/python/using-cloud-sql-postgres) to link to Cloud SQL from a different project.

The one difference is that I don't use the SQLALCHEMY_DATABASE_URI env variable to connect, but take the connection string from a config file to use with psycopg2 SQL strings. This code works on CE servers in the same project.

Also double checked that the project with the PostgreSQL db was given Cloud SQL Editor access to the service account of the Endpoints project. And, the db connection string works fine if the app engine is in the same project as the Cloud SQL db (not coming from endpoints project).

Not sure what else to try. How can I get more details on the BAD_GATEWAY? That's all that's in the endpoints logfile and there's nothing in the Cloud SQL logfile.

Many thanks -- Dan

Here's my app.yaml:

runtime: python
env: flex
entrypoint: gunicorn -b :$PORT main:app

runtime_config:
  python_version: 3

env_variables:
    SQLALCHEMY_DATABASE_URI: >-
      postgresql+psycopg2://postgres:password@/postgres?host=/cloudsql/cloudsql-project-id:us-east1:instance-id

beta_settings:
    cloud_sql_instances: cloudsql-project-id:us-east1:instance-id

endpoints_api_service:
  name: api-project-id.appspot.com
  rollout_strategy: managed

And requirements.txt:

Flask==0.12.2
Flask-SQLAlchemy==2.3.2
flask-cors==3.0.3
gunicorn==19.7.1
six==1.11.0
pyyaml==3.12
requests==2.18.4
google-auth==1.4.1
google-auth-oauthlib==0.2.0
psycopg2==2.7.4
1
google-cloud-endpointsapp-engine-flexible
I should have added that the API works fine when not going to the database. So, for example, the ECHO in the tutorial works. - Dan Cogswell
I am with GCP support. We have tried to reproduce your issue in a couple of ways and we have identified some lacks in documentation, but we have not been able to reproduce it. Could you open a support case to have a deeper look into it? We will have more tools to help you. Mention this post when you will open the case. - Rubén C.

1 Answers

0
votes

(This should be a comment but formatting really worsen the reading, I will update on here)

I am trying to reproduce your error and I come up with some questions:

  1. How are you handling the environment variables in the tutorials? Have you hard-coded them or are you using environment variables? They are reset with the Cloud Shell (if you are using Cloud Shell).
  2. This is not clear for me: do you see any kind of log file in CloudSQL (without errors) or you don't see even logs?
  3. CloudSQL, app.yaml and requirements.txt configurations are related. Could you provide more information on this? If you update the post, be careful and do not post username, passwords or other sensitive information.
  4. Are both projects in the same region/zone? Sometimes this is a requisite, but I don't see anything pointing this in the documentation.

My intuition points to a credentials issue, but it would be useful if you add more information to the post to better understand where the issue cames from.