Can I run cloudql-proxy as a Daemon suite in Kubernetes?

Question

Can I run cloudql-proxy as a Daemon suite in Kubernetes?

I have a question similar to this github question .

But instead of using a service, can I use a set of daemon instead of a service? The idea is to share the same socket with all modules on the same node. Will it work with the same security problem as the answer of the same problem. I ask because the approach with the pram container stops me, looking for more pods. In fact, I have different types of services that use the same database for Cloud SQL. Each module must reserve some processor and memory for the proxy, and this seems to me superfluous.

+4

google-container-engine google-cloud-sql

Edward fung Apr 11 '17 at 7:59

source share

2 answers

Edward fung · Answer 1 · 2018-03-11T09:47:39+0000

I asked the same question in the same repo . The response from the team is positive. You can use the demon dialing approach. However, I have no practical experience in recruiting a demon. Therefore use it with caution.

Doug · Answer 2 · 2018-04-08T22:41:01+0000

Yes you can do it. However, the daemon pod will no longer listen to the local host. Therefore, you must configure the cloud_sql_proxy and database connections using hostIP Node.

You must set cloud_sql_proxyto listen0.0.0.0

  - command:
    - /cloud_sql_proxy
    - -instances=project:region:db=tcp:0.0.0.0:5432
    - -credential_file=/secrets/cloudsql/credentials.json

You must also change the database connection to use hostIP

    env:
    - name: DB_HOST
      valueFrom:
        fieldRef:
          apiVersion: v1
          fieldPath: status.hostIP

Can I run cloudql-proxy as a Daemon suite in Kubernetes?

More articles: