Connecting to CloudSQL (Postgres) from Google kubernetes Engine
- For guided creation watch classroom recording
- Create a Service account
apiVersion: v1
kind: ServiceAccount
metadata:
name: ksa-cloud-sql
apiVersion: apps/v1
kind: Deployment
metadata:
name: gke-simplelib
spec:
replicas: 1
selector:
matchLabels:
app: simplelib
template:
metadata:
labels:
app: simplelib
spec:
containers:
- name: simplelib
image: shaikkhajaibrahim/simplelibrary:1
resources:
requests:
memory: "128Mi"
cpu: "250m"
limits:
memory: "256Mi"
cpu: "1000m"
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: gke-cloud-sql-secrets
key: DATABASE_URL
ports:
- containerPort: 8000
- name: cloud-sql-proxy
# This uses the latest version of the Cloud SQL proxy
# It is recommended to use a specific version for production environments.
# See: https://github.com/GoogleCloudPlatform/cloudsql-proxy
image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:latest
args:
# If connecting from a VPC-native GKE cluster, you can use the
# following flag to have the proxy connect over private IP
# - "--private-ip"
# If you are not connecting with Automatic IAM, you can delete
# the following flag.
- "--auto-iam-authn"
# tcp should be set to the port the proxy should listen on
# and should match the DB_PORT value set above.
# Defaults: MySQL: 3306, Postgres: 5432, SQLServer: 1433
- "--port=5432"
- "peak-responder-438809-q5:us-central1:library-instance"
resources:
requests:
memory: "128Mi"
cpu: "250m"
limits:
memory: "256Mi"
cpu: "1000m"
securityContext:
# The default Cloud SQL proxy image runs as the
# "nonroot" user and group (uid: 65532) by default.
runAsNonRoot: true
Like this:
Like Loading...
