[英]How to port forward/proxy Cloud SQL connection to access from the internet?
Is there a way to proxy/ port forward GCP Cloud SQL so that we can connect to it via the internet?有没有办法代理/端口转发 GCP Cloud SQL 以便我们可以通过互联网连接到它?
I don't want to do an SSH port forward via a Virtual Machine.我不想通过虚拟机转发 SSH 端口。 Instead, I'm looking for a way such that we could connect to CloudSQL from a public IP of either a Virtual Machine or a Kubernetes service.
相反,我正在寻找一种方法,以便我们可以从虚拟机的公共 IP 或 Kubernetes 服务连接到 CloudSQL。
I don't want to connect directly from the public IP of the CloudSQL instance as it requires us to whitelist the user's IP address.我不想直接从 CloudSQL 实例的公共 IP 连接,因为它要求我们将用户的 IP 地址列入白名单。 We have also tried the Cloud SQL proxy but faced speed and performance issues.
我们还尝试了 Cloud SQL 代理,但面临速度和性能问题。
Hence, now I'm looking for a solution to proxy the CloudSQL connection from a VM or Kubernetes service因此,现在我正在寻找一种解决方案来代理来自 VM 或 Kubernetes 服务的 CloudSQL 连接
I have tried using Stunnel to proxy the connection as described in this documentation .我已尝试使用 Stunnel 来代理本文档中描述的连接。
output=/tmp/stunnel.log
CAfile=/tmp/mysql-server-ca.pem
client=yes
pid=/var/run/stunnel.pid
verifyChain=yes
sslVersion=TLSv1.2
[mysqls]
accept=0.0.0.0:3307
connect=private-ip:3306
But, I get an error while connecting to the MySQL server: ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 104
但是,在连接到 MySQL 服务器时出现错误:
ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 104
Edit:编辑:
Stunnel Logs:隧道日志:
2022.09.22 10:53:17 LOG5[2]: Service [mysqls] accepted connection from 127.0.0.1:37014
2022.09.22 10:53:17 LOG5[2]: s_connect: connected <mysql-private-ip>:3306
2022.09.22 10:53:17 LOG5[2]: Service [mysqls] connected remote server from 10.128.0.53:53302
2022.09.22 10:53:17 LOG3[2]: SSL_connect: ../ssl/record/ssl3_record.c:331: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
2022.09.22 10:53:17 LOG5[2]: Connection reset: 0 byte(s) sent to TLS, 0 byte(s) sent to socket
To access a Cloud SQL from a Compute Engine VM try the following, you can use either the Cloud SQL Auth proxy (with public or private IP), or connect directly using a private IP address要从 Compute Engine VM 访问 Cloud SQL,请尝试以下操作,您可以使用 Cloud SQL 身份验证代理(使用公共或私有 IP),或使用私有 ZA12A3079E14CED46E69BA52B8 地址直接连接
To access a Cloud SQL instance from an application running in Google Kubernetes Engine , you can use either the Cloud SQL Auth proxy (with public or private IP), or connect directly using a private IP address. To access a Cloud SQL instance from an application running in Google Kubernetes Engine , you can use either the Cloud SQL Auth proxy (with public or private IP), or connect directly using a private IP address. To connect to Cloud SQL you must have:
要连接到 Cloud SQL,您必须具备:
Check the similar example here.在此处查看类似的示例。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.