Connecting a Google Cloud App Engine app to its Cloud SQL Instance-allowing database access

3
votes

I have a Google Cloud project with an app and a Cloud SQL Instance. SQL requests from the app time out. Private IP connectivity is enabled. If I explicitly add the app instances' IPs to the SQL Instance's public authorized networks, it works. This is obviously a bad solution since these IPs change on every deployment. How do I permanently grant access to the app?

1
google-app-enginegoogle-cloud-platformgoogle-cloud-sql
Are you using Flexible or Standard environment? Did you try to follow this documentation? - Joan Grau Noël
I am using Flexible environment. I did follow the documentation, as well as this answer: stackoverflow.com/questions/54180722/… This worked for another, very similar project, but not for this. - Boris K
Are you trying to connect to a Cloud SQL instance located in another project? - Joan Grau Noël
No, same project. - Boris K
In the answer that you linked, there is this line if (process.env.INSTANCE_CONNECTION_NAME && process.env.NODE_ENV === 'production') {. Can you try to remove this condition, and in the config dictionary, directly add socketPath:``/cloudsql/${process.env.INSTANCE_CONNECTION_NAME}``; (there is an extra ` in this last line due formatting, you should remove it) - Joan Grau Noël

1 Answers

3
votes

Private IP's are only accessible by other services on the same Virtual Private Cloud (VPC). App Engine apps don't currently have access to VPC networks.

Edit: App Engine has recently released Serverless VPC Access, meaning that the can now be configured to connect via Private IP.

App Engine Standard does provide a unix domain socket to interface with Cloud SQL instances. Just tell your app to use the socket at /cloudsql/<INSTANCE_CONNECTION_NAME>; (with your instance's connection name), and it should be able to connect. If you are using a cross product or cross regional setup, there are more instructions here.