0 votes

I have 2 separate GKE VPC-native clusters (gke1, gke2) and a Compute Engine instance (ce1), each in a separate VPC network. I would like to set up a Cloud SQL (Postgres) that can be connected from both GKE clusters (gke1, gke2) and the Compute Engine instance (ce1).

Is this possible without using the Public IP setup for Cloud SQL, perhaps using VPC Network Peering or another solution, if so how to setup such configuration?

I have done some research and I'm well aware that the documentation says the following

GKE cluster must be VPC-native and in the same VPC network as the Cloud SQL instance

But I wonder whether it could be possible using VPC Network Peering or another approach

I have found some other related questions here on SO, some are not specific for GKE and some are from a few years back so I'm not sure whether it's still valid.

Related questions I have found:

1
You should always follow the documentation. Why are you looking for any workarounds? - Serhii Rohoza
Because my infrastructure is set up as described. I have a requirement and I'm looking for possible solutions. I just suspected the documentation described a limitation based on the approach suggested, but there might be other alternatives. - thammada.ts

1 Answer

2 votes

In short, GKE and Compute Engine are the same thing: in the end, you always have stuff (Compute Engine instances, Cloud SQL instances or Pods) with a private IP on your VPC!

Look at my answer here

One workaround is to use a shared VPC. The other solution that I have read about, but never tested, is to create a VPN between the VPCs. A VPN isn't considered network peering, so you don't break the transitivity rule.
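The shared VPC workaround from the answer above, as an added Terraform sketch that is not part of the original answer: a host project owns one network, the projects that run gke1, gke2 and ce1 are attached as service projects, a private services access range is reserved in that network, and the Cloud SQL instance is created with private IP only. Project IDs, region, tier and the Postgres version are assumed placeholders.

```hcl
# Assumed placeholders: replace with your own project IDs.
variable "host_project"     { type = string }
variable "service_projects" { type = list(string) } # projects hosting gke1, gke2, ce1

resource "google_compute_shared_vpc_host_project" "host" {
  project = var.host_project
}

resource "google_compute_shared_vpc_service_project" "svc" {
  for_each        = toset(var.service_projects)
  host_project    = google_compute_shared_vpc_host_project.host.project
  service_project = each.value
}

# Single network shared by all service projects; GKE subnets (with the
# secondary ranges VPC-native clusters need) and the VM subnet live here.
resource "google_compute_network" "shared" {
  project                 = var.host_project
  name                    = "shared-vpc"
  auto_create_subnetworks = false
}

# Reserved range for private services access; Cloud SQL gets its private
# IP from here, so it must not overlap the GKE or VM subnets.
resource "google_compute_global_address" "psa" {
  project       = var.host_project
  name          = "cloudsql-psa-range"
  purpose       = "VPC_PEERING"
  address_type  = "INTERNAL"
  prefix_length = 16
  network       = google_compute_network.shared.id
}

resource "google_service_networking_connection" "psa" {
  network                 = google_compute_network.shared.id
  service                 = "servicenetworking.googleapis.com"
  reserved_peering_ranges = [google_compute_global_address.psa.name]
}

# Private IP only: no public address is assigned to the instance.
resource "google_sql_database_instance" "pg" {
  project          = var.host_project
  name             = "pg-private"
  database_version = "POSTGRES_14"   # assumed version
  region           = "europe-west1"  # assumed region
  depends_on       = [google_service_networking_connection.psa]
  settings {
    tier = "db-custom-1-3840"        # assumed tier
    ip_configuration {
      ipv4_enabled    = false
      private_network = google_compute_network.shared.id
    }
  }
}
```

Clients in every attached service project then reach the instance over its private IP, and firewall rules on the shared network decide which subnets may open port 5432.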