This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Connect to the CloudSQL in another project

Posted on 12-29-2022 10:33 AM
realsharip
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hey y'all
I'm going to connect from the instance in Project-A(custom VPC) with CloudSQL Postgres in Project-B(default VPC). Documentation says that I need to peer these two VPC. The peering status in the "Active" state. In Project-A I also have cloudsql_auth_proxy. Once I execute cloudsql_auth_proxy, I get this:
root@cloudsql-auth-proxy:~# ./cloud_sql_proxy -instances=projectB:us-west1:postgres=tcp:0.0.0.0:5432

2022/12/29 16:46:59 current FDs rlimit set to 1048576, wanted limit is 8500. Nothing to do here.

2022/12/29 16:47:01 Listening on 0.0.0.0:5432 for -instances=projectB:us-west1:postgres=tcp:0.0.0.0:5432

2022/12/29 16:47:01 Ready for new connections

2022/12/29 16:47:01 Generated RSA key in 244.541948ms

When I try to connect to the cloudsql_proxy like this psql -h xxx.xxx.xxx.xxx -p 5432 -U proxyuser -d postgres it hangs.

The output of cloudsql_auth_proxy looks like this:

2022/12/29 16:48:00 New connection for "-instances=projectB:us-west1:postgres"

2022/12/29 16:48:00 refreshing ephemeral certificate for instance -instances=projectB:us-west1:postgres

2022/12/29 16:48:00 Scheduling refresh of ephemeral certificate in 55m0s
: dial tcp 10.35.144.3:3307: connect: connection timed out  

The final goal is connecting Datastream(ProjectA) with CloudSQL(ProjectB)

 

Solved Solved
0 2 6,497
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
christianpaula
Staff
Reply posted on --/--/---- --:-- AM
 
Welcome to Google Cloud Community!
 
To connect from an instance in Project A to Cloud SQL in Project B, you need to perform the following steps:
 
Verify that you have set up VPC peering between the VPC of Project A and the default VPC of Project B. The peering status should be "Active".
 
Connect to the instance in Project A where you want to run the Cloud SQL proxy.
 
Download and install the Cloud SQL proxy on the instance.
 
Run the Cloud SQL proxy with the following command:
 
./cloud_sql_proxy -instances=projectB:region:instance_name=tcp:0.0.0.0:5432
 
Replace "projectB" with the name of Project B, "region" with the region of the Cloud SQL instance, and "instance_name" with the name of the Cloud SQL instance. This command will start the Cloud SQL proxy and listen for connections on port 5432.
 
Connect to the Cloud SQL instance using a PostgreSQL client, such as psql, and specify the hostname as the instance's external IP address, the port as 5432, and the username and password for a user that has permissions to access the Cloud SQL instance.
For example:
 
psql -h EXTERNAL_IP_ADDRESS -p 5432 -U USERNAME -d DATABASE_NAME
 
Replace "EXTERNAL_IP_ADDRESS" with the external IP address of the Cloud SQL instance, "USERNAME" with a valid username, and "DATABASE_NAME" with the name of the database you want to connect to.
 
Thank you

View solution in original post

Jump to Solution
0 Likes
2 REPLIES 2

Posted on --/--/---- --:-- AM
christianpaula
Staff
Reply posted on --/--/---- --:-- AM
 
Welcome to Google Cloud Community!
 
To connect from an instance in Project A to Cloud SQL in Project B, you need to perform the following steps:
 
Verify that you have set up VPC peering between the VPC of Project A and the default VPC of Project B. The peering status should be "Active".
 
Connect to the instance in Project A where you want to run the Cloud SQL proxy.
 
Download and install the Cloud SQL proxy on the instance.
 
Run the Cloud SQL proxy with the following command:
 
./cloud_sql_proxy -instances=projectB:region:instance_name=tcp:0.0.0.0:5432
 
Replace "projectB" with the name of Project B, "region" with the region of the Cloud SQL instance, and "instance_name" with the name of the Cloud SQL instance. This command will start the Cloud SQL proxy and listen for connections on port 5432.
 
Connect to the Cloud SQL instance using a PostgreSQL client, such as psql, and specify the hostname as the instance's external IP address, the port as 5432, and the username and password for a user that has permissions to access the Cloud SQL instance.
For example:
 
psql -h EXTERNAL_IP_ADDRESS -p 5432 -U USERNAME -d DATABASE_NAME
 
Replace "EXTERNAL_IP_ADDRESS" with the external IP address of the Cloud SQL instance, "USERNAME" with a valid username, and "DATABASE_NAME" with the name of the database you want to connect to.
 
Thank you
Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
rohit_ynt
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

@christianpaula How to get it working with private_ip using CloudSQLProxy? I appreciate any help.
CloudSQL MySQL Instance is in custom VPC in ProjectB with Public IP disabled.
GKE running CloudSqlProxy shared service in 'default' VPC in ProjectA.
VPC peering is active in ProjectA and ProjectB.
CloudSqlAuthProxy running in ProjectA using KSA Workload Identity to access CloudSQL in ProjectB.
Deployed CloudSQLProxy replicaSet workload and supplied --private-ip argument. But the CloudSQLProxy is not able to connect to the CloudSQL instance. Everything works when Public IP is enabled.

Jump to Solution
0 Likes