1
votes

I have 2 google cloud services:

  1. Google Cloud Run Service (Node.js / Strapi)
  2. Google Cloud SQL Service (MySQL)

I have added the Cloud SQL connection to the Google Cloud Run Service from the UI, and have a public IP for the Google Cloud SQL Service. On top of that I have added the Run Service IP to the Authorised networks of SQL Service.

If I try and connect from another server (external from Google Cloud) I can easily connect to the Google Cloud SQL Service and execute queries. But if I try and connect from inside the GCloud Run Service with exactly the same settings (IP, database_name, etc.) my connection hangs and I get a timeout error in the logs...

How to properly allow Gcloud SQL to accept connections from GCloud RUN?

I looked for other answers in here, but they all look very old (around 2015).

1 Answer

5
votes

You can use 3 modes to access your database:

  • Use the built-in feature. In this case, you don't need to specify the IP address; a Linux socket is opened to communicate with the database, as described in the documentation.
  • Use the Cloud SQL private IP. This time, there is no need to configure a connection in the Cloud Run service; you won't use it because you will use the IP, not the Linux socket. This solution requires 2 things:
    • First, attach your database to your VPC and give it a private IP.
    • Then, you need to route the private IP traffic of Cloud Run through your VPC. For this you have to create a serverless VPC connector and then attach it to the Cloud Run service.
  • Use the Cloud SQL public IP. This time again, there is no need to configure a connection in the Cloud Run service; you won't use it because you will use the IP, not the Linux socket. To achieve this, you need more steps (and it's less secure).

In your case, you have whitelisted the Cloud Run IP, but it's a shared IP (other services can use the same one!! Be careful) and it's not always the same; there is a pool of IP addresses used by Google Cloud.
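
The three modes above, as an added example that is not part of the original answer: a Node.js helper that chooses the MySQL connection options from environment variables and refuses the public-IP mode unless it is explicitly enabled. The environment variable names and the `buildMysqlConnection` helper are assumptions; the built-in connection is assumed to expose its socket at `/cloudsql/<project:region:instance>`.

```javascript
// Added example. Env var names and function names are hypothetical.
const PRIVATE_V4 = [/^10\./, /^192\.168\./, /^172\.(1[6-9]|2\d|3[01])\./];

// True only for a syntactically valid RFC 1918 IPv4 address.
function isPrivateIPv4(host) {
  const isV4 = /^\d{1,3}(\.\d{1,3}){3}$/.test(host) &&
    host.split('.').every((octet) => Number(octet) <= 255);
  return isV4 && PRIVATE_V4.some((re) => re.test(host));
}

function buildMysqlConnection(env) {
  const base = { user: env.DB_USER, password: env.DB_PASSWORD, database: env.DB_NAME };

  // Mode 1: built-in Cloud SQL connection. No IP at all, only a Unix socket.
  const name = env.INSTANCE_CONNECTION_NAME;
  if (name) {
    const parts = name.split(':');
    if (parts.length < 3 || parts.some((p) => p === '' || /[\s/]/.test(p))) {
      throw new Error('INSTANCE_CONNECTION_NAME must look like project:region:instance');
    }
    return { mode: 'socket', options: { ...base, socketPath: `/cloudsql/${name}` } };
  }

  const host = env.DB_HOST;
  if (!host) throw new Error('Set INSTANCE_CONNECTION_NAME or DB_HOST');
  const tcp = { ...base, host, port: Number(env.DB_PORT || 3306) };

  // Mode 2: private IP, reachable only through a serverless VPC connector.
  if (isPrivateIPv4(host)) return { mode: 'private-ip', options: tcp };

  // Mode 3: public IP (or a hostname we cannot classify). The Cloud Run egress
  // IP is shared and comes from a pool, so an allowlist entry for it is neither
  // exclusive nor stable. Require an explicit opt-in.
  if (env.ALLOW_PUBLIC_DB_IP !== 'true') {
    throw new Error(`Refusing non-private DB host ${host}; use the socket or a private IP`);
  }
  return { mode: 'public-ip', options: tcp };
}

// Constructed sample environment for the built-in (socket) mode.
const sample = buildMysqlConnection({
  INSTANCE_CONNECTION_NAME: 'my-project:europe-west1:my-db',
  DB_USER: 'strapi', DB_PASSWORD: 'example-only', DB_NAME: 'cms',
});
console.log(sample.mode, sample.options.socketPath);
```

The `socketPath`, `host` and `port` keys in `options` are the ones the `mysql` and `mysql2` Node.js drivers accept.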