stackoom
  简体   繁体   中英

Connecting to Cloud SQL with Private IP from GCE or GKE

 原文  2019-08-28 13:39:59       google-cloud-platform/ google-compute-engine/ google-cloud-sql

Question

I'm trying to connect to a Postgres database (CloudSQL) from a pod deployed in a GoogleCompute cluster, with a private IP, but I get only connection timeout errors.

I setup the GCP cluster with the following: 

gcloud beta container clusters create "gcp-cluster" --zone "europe-west1-b" --no-enable-basic-auth --cluster-version "1.13.6-gke.13" --machine-type "n1-standard-1" --image-type "COS" --disk-type "pd-ssd" --disk-size "20" --metadata disable-legacy-endpoints=true --scopes "https://www.googleapis.com/auth/devstorage.read_only","https://www.googleapis.com/auth/logging.write","https://www.googleapis.com/auth/monitoring","https://www.googleapis.com/auth/servicecontrol","https://www.googleapis.com/auth/service.management.readonly","https://www.googleapis.com/auth/trace.append","https://www.googleapis.com/auth/sqlservice.admin","https://www.googleapis.com/auth/sqlservice" --num-nodes "2" --enable-stackdriver-kubernetes --enable-ip-alias --network "projects/XXX/global/networks/default" --subnetwork "projects/XXX/regions/europe-west1/subnetworks/default" --default-max-pods-per-node "110" --enable-autoscaling --min-nodes "2" --max-nodes "20" --addons HorizontalPodAutoscaling,HttpLoadBalancing --enable-autoupgrade --enable-autorepair --maintenance-window "19:00"

Then I deployed a wildfly pointing to the postgres database IP address (DB created in the same zone/region), but I get only connection timeout. After have enabled a public IP address with source 0.0.0.0/0, I can get a connection.

Any idea to work with private IP address?

3 answers

solution1
 1  2019-08-28 18:04:29

Private IP means accessing Cloud SQL through a Virtual Private Cloud (VPC). You have to use a resource (in this case, GCE instance) that is also on that VPC to be able to reach it. See the environment requirements page of the Private IP docs.

Note for future readers: It's a really bad idea to whitelist 0.0.0.0/0 on a Public IP address. This essentially allows the entire internet to attempt to connect to your instance, and should not be left enabled for any extended period of time.

solution2
 0  2019-08-29 06:40:57

Your gke cluster is in europe-west1-b. Assuming that you use the default network, you must enable Private Google Access for europe-west1 subnet. Click on the subnet to view details and edit it if required to set Private Google Access to " On ".

solution3
 0 ACCPTED  2019-08-29 12:06:57

几个小时后,我通过为VM实例启用CloudSql访问范围来建立连接。

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Connecting to Cloud SQL private IP from GCE VM application How to connect from GKE to Cloud SQL using Python and Private IP Connect to Cloud SQL from GKE clusters in different VPC Networks using Private IP Errors connecting remotely to Google cloud SQL from GCE in perl Connecting to Google Cloud SQL instance on private IP from a VM with both private and public IPs fails GCE SQL proxy connecting to wrong sql ip GCP Cloud Functions connecting to cloud sql with private IP Connecting to cloud sql from gke via proxy - connection refused Connecting from K8S pod in GKE to a VM internal IP on Google Cloud Platform GCP MySQL with private IP not reachable from GKE
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM