Hello, readers! This article talks about Cloud SQL Proxy Setup in Google Cloud Compute with different variants available for setting up the connection.
So, let us begin!! 🙂
Use of Cloud SQL Instances in the Daily business!
At first, let us go back to an archaic mode where we all witnessed the use of on-premise servers for storing data across applications worldwide.
As we kept moving ahead, on-premise servers were replaced by virtual machines that stored data for a particular set of applications. Though this helped us get out of the archaic mode, it still had drawbacks. The main one is the maintenance of the database server.
This is when managed instances of databases came into the picture. Various public cloud providers such as Google, Microsoft, etc. came up with their Database as a service.
These databases are actually managed by the cloud providers, we just need to spin up the database instance through the User Interface and form a connection to it via an application.
Cloud SQL Proxy to the rescue!
Today, we will be discussing one such Database as a Service – Cloud SQL Instance offered by Google Cloud Portal. We will learn the method to connect to Cloud SQL Instance via a Cloud SQL Proxy in various ways.
Cloud SQL AUTH Proxy is a secure way to have connections to Cloud SQL Instance in Google which does not require SSL configurations and authorized networks.
- It enables us to have a secure connection by encrypting the traffic automatically.
- It also supports authentication through IAM database using OAuth 2.0 access tokens.
- Cloud SQL Proxy makes use of IAM level policies to allow and disallow users to connect to Cloud SQL Instances.
- Capable of working with private as well as public endpoints (IP).
Using Cloud SQL Proxy, we can form connections to Cloud SQL Instance via,
- Google Kubernetes Engine hosted applications
- Cloud Functions
- Google Cloud Run containers
- App Engine
- Virtual Machines, etc.
Let us now focus on the procedure to set up Cloud SQL Proxy to connect to Cloud SQL managed Instances.
1. Download Cloud SQL Proxy
As a pre-requisite, we need to enable the Cloud SQL Admin API. Also, we need to provide Cloud SQL Client role as an IAM role to the user or service account to be used,
Moving ahead, download the Cloud SQL Proxy libraries on the workstation or the Virtual machine as follows-
wget https://dl.google.com/cloudsql/cloud_sql_proxy.linux.amd64 -O cloud_sql_proxy chmod +x cloud_sql_proxy
2. Start the Cloud SQL Proxy
Once we set up the Cloud SQL Proxy, we can then start the Cloud SQL Proxy through the TCP connection as shown below-
We can replace the IP address (0.0.0.0) with the IP address of the workstation or the Virtual machine. The INSTANCE_CONNECTION_NAME is the name of the Cloud SQL Instance.
In case, if we wish SQL Proxy to make use of the private IP address, we can do it by specifying the below flag-
3. Establish connection with MySQL client
In order to establish a connection between the Cloud SQL Proxy client and the MySQL client, we can make use of TCP sockets as shown below-
mysql -u USERNAME -p --host 127.0.0.1
Containerizing Cloud SQL Auth Proxy in GCP
We can also run the Cloud SQL Proxy as a docker container on our local workstations. For the same, we need to make use of the Cloud SQL Proxy Image provided by Google-
docker pull gcr.io/cloudsql-docker/gce-proxy:1.19.1
We can then run the docker container establishing a connection to the Cloud SQL Instance via SQL Proxy from a docker container-
docker run -d \ -v PATH_TO_KEY_FILE:/config \ -p 127.0.0.1:3306:3306 \ gcr.io/cloudsql-docker/gce-proxy:1.19.1 /cloud_sql_proxy \ -instances=INSTANCE_CONNECTION_NAME=tcp:0.0.0.0:3306 \ -credential_file=/config
Here, the credential file is the JSON key of the account we use to authenticate ourselves to the Cloud SQL Instance in the Google Cloud Portal.
By this, we have approached the end of this topic. Feel free to comment below, in case you come across any questions.
For more such posts related to Google Cloud Instance, Stay tuned with us.
Till then, Happy Learning!! 🙂