Connection between Private GKE and Cloud SQL

2
votes

I have a Private GKE Cluster with a public master endpoint, which has jobs that needs access Cloud SQL. I have a cloud SQL proxy DaemonSet receiving on 3307, which connects to actual DB on 3306.

My network doesn't have outbound internet, neither any firewalls rules added. I get below error on my cloud SQL proxy. Any help on resolving this or guide on how to establish a connection between private GKE and Cloud SQL ?

couldn't connect to "dbinstance": dial tcp publicip:3307: getsockopt: connection timed out

1
google-cloud-platformgoogle-cloud-sqlgoogle-kubernetes-enginecloud-sql-proxykubernetes-cluster
Have you followed the Google Kubernetes Cloud SQL documentation? cloud.google.com/sql/docs/mysql/connect-kubernetes-engineJohn Hanley
Yes, the approach followed is using Cloud Proxy Docker Imageprabhu34
Please follow this group post that recommends setting up NAT gateway(s) to achieve your design.mehdi sharifi

1 Answers

3
votes

The cloud SQL proxy uses database public IP to connect and as your cluster is private with no internet access from nodes I believe it is impossible to reach it like that. You could try using private IP for your SQL instance:

https://cloud.google.com/sql/docs/mysql/private-ip

or conifguring the NAT gateway for your cluster:

https://cloud.google.com/solutions/using-a-nat-gateway-with-kubernetes-engine