Can Cloud-sql proxy be deployed as standalone Deployment model in Kubernetes ?

[Vinoth Narasimhan]

Without running 2 container in a Kubernetes POD one for business logic container and other for cloud-sql proxy container to connect to cloud-sql

Can it support to run the cloud-sql proxy as a standalone deployment in kubernetes , all other business logic container can reach this proxy through the service layer of cloud-sql proxy

Will this work ?

[David Newgas]

This is possible, but we don't provide a built in guide for it. You will have to adapt our other kubernetes instructions. Some key things you will need to change: you should make the proxy listen on a tcp port instead of a unix socket and you will have to set up a kubernetes service to allow other pods to connect to it.

Only do this if you trust all of the workloads on your cluster. You are effectively allowing anything running in the cluster to use that authorization to connect to Cloud SQL. if you have workloads that shouldn't be able to connect to the prod database (for example qa pods which should only be able to connect to a qa DB in case they do damage) then this can't stop them.

David

--
You received this message because you are subscribed to the Google Groups "Google Cloud SQL discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-cloud-sql-discuss+unsub...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-cloud-sql-discuss/8ce7c374-5c3f-4cb0-bfeb-1d75db610ab4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Vinoth Narasimhan]

Aaah, Unix sockets that's why it club together Thanks David , 

I will take a look at the Code.