All geek questions in one place

Is it possible to connect to Google Cloud SQL with a Google managed virtual machine?

Can I connect to Google Cloud SQL from the Google Managed VM ? Using regular Google App Engine applications, I can connect by authorizing my project in the Cloud SQL console and using unix_socket='/cloudsql/' + _INSTANCE_NAME. However, the socket /cloudsql/does not seem to be available on managed virtual machines. Do I need to assign the IP address of my managed VM application? If so, how do I find the IP address for the whitelist?

+4
source share
4 answers

Sockets /cloudsql/are available only in the regular App Engine. Managed virtual machines are regular virtual machines, so you must use the external IP address of Cloud SQL instances to connect to Cloud SQL. External IP must be whitelisted. The external IP address is displayed in the Developer Console and can also be retrieved using the gcloud CLI tool.

Two options to avoid whitelisting the IP addresses of GCE virtual machines:

  • Switch to use only SSL connections for IP connection and whitelist 0.0.0.0/0.
  • Secure all traffic to Cloud SQL using a virtual machine that launches a TCP proxy server (HAProxy), for example.

We know that none of them is a very satisfactory solution .: - (

+6
source

Second Cloud Second Generation ( -), , App Engine: https://cloud.google.com/sql/docs/sql-proxy#gae

+1

Regarding the first solution provided by @Razvan Musaloiu-E

Switch to use only SSL connections for IP connection and whitelist 0.0.0.0/0.

Are there any security issues if I do this? Besides the fact that I have "root" / "root" login / pasword on my Cloud SQL database, of course ...

0
source

Source: https://habr.com/ru/post/1568389/

More articles:


All Articles