GCP Cloud Functions connecting to cloud sql with private IP

Question

I'm following this example to make a connection from Cloud Function to Postgres Cloud SQL: https://cloud.google.com/functions/docs/sql .

When I create a test Cloud SQL instance with Public IP and I trigger the cloud function, it connects to the cloud SQL instance and returns something. For security reasons I can't leave Public IP on, so when I select Private IP on the cloud SQL instance I get:

Error: function crashed. Details:
could not connect to server: Connection refused
    Is the server running locally and accepting
    connections on Unix domain socket "/cloudsql/cloud-sql-test-250613:us-central1:myinstance-2/.s.PGSQL.5432"?

I can't get from the documentation what is the contract between cloud function and the cloud sql instance. If we are using unix domain sockets should I care at all about IPs? Does it matter if it's public or private? If it does matter, do I have to go through all the process of setting up Private IP infrastructure? Do I need serverless VPC?

Answer 1

I've managed to achieve a connectivity between a Cloud Function and Cloud SQL private instance by doing this.

It seems that it does matter if you disable public IPs, whenever I disabled public IP's I kept getting ERR CONN REFUSED, which seems to be your case,to have your Cloud SQL instance only with private IP, I think you do have to use Serverless VPC.

This is what I would recommend you to try:

Make sure that all your infrastructure is in the same region (Cloud SQL, Cloud Function,VPC Connector)

Take these steps,please:

1. Set Cloud SQL instance to private only connectivity. (Cloud SQL Instance > Connections)

2. Make sure that your private CloudSQL instance is on the desired “Associated Networking” (VPC).

3. Create a VPC connector on the VPC network that your Cloud SQL instance is located. (the one associated with the MySql instance)

To create a connector go to: VPC Network > VPC Serverless Access > Create Connector

In VPC Network > [Your VPC] > VPC Network Peering you can check if the connection is correct to your Cloud SQL instance.

4. Create a Cloud Function using the code in your desired language. (You can test with the examples in the documentation.)

When you create your Cloud Function make sure to set it in the same region, while also adding the VPC Connector you created to the "Egress Settings" option in your Cloud Function.

If you try to create a VPC Connector through the GCP Console, you will only get 1 zone to pick from. But if you use the cloud shell you can define another areas. You can try that with this command and in these areas.

gcloud beta compute networks vpc-access connectors create [CONNECTOR_NAME] \ 
--network [VPC_NETWORK] \ 
--region [REGION] \ 
--range [IP_RANGE]

Areas:

us-central1, us-east1, europe-west1

Please let me know if this worked for you.

UPDATE:

Hello again alobodzk,

Try making your Cloud Function in Python (once making sure that all of the previous steps are OK).

Try this code:

Cloud Function index.js (Replace all the connector data with your own credentials)

import mysql.connector
from mysql.connector import Error


def mysql_demo(request):
    import mysql.connector
    from mysql.connector import Error
    try:
        connection = mysql.connector.connect(host='CloudSQL Instance Private IP', database='Database Name, user='UserName', password='Password')
        if connection.is_connected():
            db_Info = connection.get_server_info()
            print("Connected to MySQL database... MySQL Server version on ",db_Info)
            cursor = connection.cursor()
            cursor.execute("select database();")
            record = cursor.fetchone()
            print ("Your connected to - ", record)
    except Error as e :
        print ("Error while connecting to MySQL", e)
    finally:
        #closing database connection.
        if(connection.is_connected()):
            cursor.close()
            connection.close()
            print("MySQL connection is closed")
# [END functions_sql_mysql]

Cloud Function requirements.txt

psycopg2==2.7.7
PyMySQL==0.9.3
mysql-connector-python