Thursday, January 31, 2019

[google-cloud-sql-discuss] Re: How can a private GKE cluster communicate with a Cloud SQL instance within the project.

I'm facing a similar issue. According to this blog post from GCP it seems like I should be able to connect to the Private IP of a Cloud SQL instance simply by creating a service and endpoint; however, I am not able to connect to the service via the Kubernetes Service Name <svc-name>.<namespace>.svc.cluster.local. With `dig` in a container on my cluster that DNS resolves to the correct private IP but I cannot connect. I have one deployment in my cluster which uses `hostNetwork: true` and I can connect with no problem from inside that container, but I need to be able to connect from a container that does not use the host network.

I understand that enabling Alias IPs may be what is needed, but do not currently have a cluster with that enabled and I would rather not recreate the whole cluster if I can help it. Does the blog post assume that Alias IPs is enabled already or am I missing something? So far I have not tried using a NAT gateway or proxy. Thanks

On Friday, June 22, 2018 at 4:58:07 AM UTC+12, Larbi (Google Cloud Support) wrote:
Hello Shubhanan,

For a public cluster I did use this documentation [1] to use the NAT Gateway with Kubernetes Engine and I was able to verify the NAT gateway routing with the kubectl command:
 
kubectl run example -i -t --rm --restart=Never --image centos:7 -- curl -s http://ipinfo.io/ip
 
I displayed the external IP address of the NAT gateway.

For a private cluster you have to enable Alias IPs [2], as it allows Pods to directly access hosted services without using a NAT gateway.
Cluster IPs for internal Services remain only available from within the cluster. If you want to access a Kubernetes Service from within the VPC, but from outside of the cluster (for example, from a Compute Engine instance), use an internal load balancer [3].

Did you enable Alias IPs?
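
The "service and endpoint" arrangement described in the first message, written out as an added example that is not taken from the thread or from the blog post it mentions. The object name, namespace, IP address and port are constructed placeholders, and a headless Service is assumed because the poster reports that the Service name resolves directly to the instance's private IP.

```yaml
# Added example: all names and addresses below are placeholders.
apiVersion: v1
kind: Service
metadata:
  name: cloudsql-private        # hypothetical <svc-name>
  namespace: default            # hypothetical <namespace>
spec:
  clusterIP: None               # headless: DNS returns the Endpoints address itself
  # No selector: Kubernetes does not manage Endpoints for this Service,
  # so the Endpoints object below supplies the backend address by hand.
  ports:
    - name: db
      protocol: TCP
      port: 3306                # assumes MySQL; PostgreSQL would use 5432
      targetPort: 3306
---
apiVersion: v1
kind: Endpoints
metadata:
  name: cloudsql-private        # must match the Service name exactly
  namespace: default            # must match the Service namespace
subsets:
  - addresses:
      - ip: 10.0.0.3            # placeholder for the Cloud SQL private IP
    ports:
      - name: db                # must match the Service port name
        port: 3306
        protocol: TCP
```

These objects only map cluster-local.svc DNS to the private IP; whether a Pod's packets can actually reach that address is decided by the cluster's network mode, which is the Alias IPs question raised in the thread.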

