Friday, January 25, 2019

[google-cloud-sql-discuss] Private IP address range for GCP Cloud SQL is ignored

I've been trying to set up Google Cloud SQL with a private IP connection, where the IP range it's bound to is manually allocated, and have not succeeded. 


I don't know if this is a bug in the implementation because it's still in beta, if there's something missing from the docs, or if I'm just doing something wrong. 


Initially, I set it up to automatically allocate the IP range. It all worked just fine, except that it chose 192.168.0.0/24, which is one of the networks managed in my VPN connected to the VPC. 

So then I tried going down the manual allocation route.


First, I tore down all the associated network objects that had been created on my behalf and the SQL instance as well. There were two VPC Peerings, cloudsql-postgres-googleapis-com and servicenetworking-googleapis-com, which I deleted, and then I confirmed that the routing entry associated with them disappeared as well.


Then, I followed the directions at https://cloud.google.com/vpc/docs/configure-private-services-access#allocating-range, creating 192.168.80.0/20, because I wanted it in my default network.

At that point, I went back to the Cloud SQL instance creation page, since it should be doing the rest for me. I checked the "Private IP" box, and chose the default network.


Below the dropdown which let me choose the network, it said "This instance will use the existing managed service connection". I assumed that meant it would use the address range I'd created, and went forward with the instance creation, but the instance landed on the 192.168.0.0/20 network again.


I tried this several times, and my new SQL instances always get an IP address on the 192.168.0.0/20 network.


So now I'm not sure what else to try. Is there some state I didn't think to clear? How is the route supposed to be connected to the address range? Why is it creating two peerings when I only asked for one? 


As an experiment, I tried connecting it to a VPC other than default, and it worked: I got the network I wanted.

Creating a new address range for the other VPC, vpc-peerings connect ended up connecting it to the first address range, despite my explicitly telling it to use the new one. So it looks like it just uses the first one created, regardless of what it's told.


I have a feeling that's a bug.

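An added example, not part of the original post and not Google's tooling: a Python check that reports which allocated range a new instance's private IP actually landed in, whether that is the intended range, and which ranges overlap networks routed over the VPN. The range names, the instance address 192.168.0.3 and the second VPN network are constructed for illustration; the CIDRs 192.168.0.0/24, 192.168.0.0/20 and 192.168.80.0/20 are the ones mentioned in the post.

```python
import ipaddress

# Constructed sample data. Range names are hypothetical labels.
SAMPLE_RANGES = {
    "observed-range": "192.168.0.0/20",   # network the instances kept landing on
    "manual-range": "192.168.80.0/20",    # range allocated by hand in the post
}
SAMPLE_VPN = ["192.168.0.0/24", "10.20.0.0/16"]  # second entry is constructed


def audit_private_ip(instance_ip, intended_range, allocated_ranges, vpn_networks):
    """Compare an instance's private IP with the allocated ranges and VPN routes."""
    ip = ipaddress.ip_address(instance_ip)
    intended = ipaddress.ip_network(intended_range)
    allocated = {n: ipaddress.ip_network(c) for n, c in allocated_ranges.items()}
    vpn = [ipaddress.ip_network(c) for c in vpn_networks]

    # Name of the allocated range that contains the instance address, if any.
    landed_in = next((n for n, net in allocated.items() if ip in net), None)

    # For each allocated range, the VPN networks whose address space it overlaps.
    collisions = {
        n: [str(v) for v in vpn if v.overlaps(net)]
        for n, net in allocated.items()
    }
    return {
        "landed_in": landed_in,
        "in_intended_range": ip in intended,
        # VPN networks that also claim this exact address (ambiguous routing).
        "ip_shadowed_by_vpn": [str(v) for v in vpn if ip in v],
        "collisions": collisions,
    }


if __name__ == "__main__":
    report = audit_private_ip(
        "192.168.0.3", "192.168.80.0/20", SAMPLE_RANGES, SAMPLE_VPN
    )
    for key, value in report.items():
        print(f"{key}: {value}")
```

Running the same check against every range reserved for private services access before creating an instance shows up front whether any of them collides with a VPN-routed network.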