Kubernetes Proxy Sidecar One per pod or behind service?

[Joe Andaverde]

The documentation for how to connect to CloudSQL from Kubernetes is to add a sidecar pod. 

We have many different types of deployments that require database connection does it make sense to expose the proxy via a service running in a separate single deployment? 

Further, it suggests creating a proxyuser. It seems I should continue using the username/password as I've always used instead of creating one specific to a proxy. Any more information I'm missing here?

Thanks!

Joe

[Fady (Google Cloud Platform)]

Hello Joe,

Following this tutorial, the container containing your application, and the Cloud SQL proxy container (sidecar) should be tightly coupled in a single manageable entity (Pod) per your deployment (wordpress example), and the same applies for each replica pod. This is the recommended method to use with Kubernetes. But, I am not sure if it would be ideal for your use case. That said, and as you mentioned you may test  deploying Cloud SQL proxy as a cluster service using Helm per this Github example

To answer your last question about the username, the tutorial for clarity reasons, and for easier cleanup ( when you finish the example) suggests to create a new username. It is not necessary if you already have a username/password you plan to use. I hope that helps.

[Joe Andaverde]

Thank you! I will do something akin to the Helm example.