无法连接 GCP 云 SQL 私有实例

Question

We have create private cloud instance but I am unable to connect to it using MYSQL workbench, php or a ODBC client.

From the same compute instance I can connect using mysql -h IP -u user -p *****. With GCP services I usually find gotcha in some document and I have tried digging everything possible. Here below error from a ODBC client:

BIP2393E: Database error: ODBC return code '-1' from data source ''DEVA'' using ODBC driver manager ''/opt/iib-10.0.0.20/ie02/lib/libodbcinterface.so''. The integration node received an error when processing a database operation. The ODBC return code was '-1'. See the following messages for information obtained from the database about this error. Use the following messages to determine the cause of the error. Typical problems are an incorrect data source, or table names. Correct either the database or the integration node configuration. Use the mqsicvp command to test connectivity to this database. BIP2322E: Database error: SQL State ''HY000''; Native Error Code '2003'; Error Text ''[unixODBC][MySQL][ODBC 5.3(a) Driver]Can't connect to MySQL server on '1x.1x.1x.1x' (110)''. The error has the following diagnostic information: SQL State ''HY000'' SQL Native Error Code '2003' SQL Error Text ''[unixODBC][MySQL][ODBC 5.3(a) Driver]Can't connect to MySQL server on 'xxxx' (110)'' This message may be accompanied by other messages describing the effect on the integration node itself. Use the reason identified in this message with the accompanying messages to determine the cause of the error. Use the mqsicvp command to test connectivity to this database.

If I try and use a local proxy I get below:

BIP8299I: User 'user' from security resource name 'BIGDEVA' will be used for the connection to datasource 'DEVA'. BIP8290I: Verification passed for the ODBC environment. 2020/07/16 20:29:41 New connection for "sql-instance" 2020/07/16 20:31:49 couldn't connect to "sql-instance": dial tcp xxxx:3307: connect: connection timed out BIP2393E: Database error: ODBC return code '-1' from data source ''DEVA'' using ODBC driver manager ''/opt/iib-10.0.0.20/ie02/lib/libodbcinterface.so''. The integration node received an error when processing a database operation. The ODBC return code was '-1'. See the following messages for information obtained from the database about this error. Use the following messages to determine the cause of the error. Typical problems are an incorrect data source, or table names. Correct either the database or the integration node configuration. Use the mqsicvp command to test connectivity to this database. BIP2322E: Database error: SQL State ''08S01''; Native Error Code '2013'; Error Text ''[unixODBC][MySQL][ODBC 5.3(a) Driver]Lost connection to MySQL server at 'reading initial communication packet', system error: 0''. The error has the following diagnostic information: SQL State ''08S01'' SQL Native Error Code '2013' SQL Error Text ''[unixODBC][MySQL][ODBC 5.3(a) Driver]Lost connection to MySQL server at 'reading initial communication packet', system error: 0'' This message may be accompanied by other messages describing the effect on the integration node itself. Use the reason identified in this message with the accompanying messages to determine the cause of the error. Use the mqsicvp command to test connectivity to this database.

Answer 1

Private cloud instance I meant that the network it sits in has no internet access, I guess it was not needed. Subnet A holds the client VM and Subnet B holds the DB instance and they have SA account based firewall rules. Though we found the issue as the firewall was open on service accounts on the VM so using a mysql client was working but apparently GKE POD subnet need it's own firewall rules and it doesn't inherit VM SA account/tag rules whereas a standalone docker container on it's own does.