Cloud SQL connect¶
Cloud SQL databases are accessed using Cloud SQL Auth Proxy. It is a connector that allows a secure coonnection and authentication with yor google account.
Download & Install¶
The connector can be downloaded here
Connect with gcloud¶
Your gcloud tool calls the cloud_sql_proxy internally, so you can connect to a database with a single command:
# mysql dev
gcloud beta sql connect ftmo-dev-cluster-mysql-private-instance-1f9d0fc1 --user=$USER
# mysql stage
gcloud beta sql connect ftmo-stage-cluster-mysql-private-instance-90b8dc60 --user=$USER
# mysql prod
gcloud beta sql connect ftmo-prod-cluster-mysql-private-instance-462b2585 --user=$USER
Connect with a tunnel¶
Cloud SQL Auth Proxy v2.x+¶
You can create a tunnel from your local machine to the database.
For Cloud SQL Auth proxy v2.x+ create tunnel like this:
gcloud auth application-default login # login with your FTMO Google account
./cloud-sql-proxy --version
cloud-sql-proxy version 2.7.0+linux.amd64
./cloud-sql-proxy devops-309909:europe-west3:ftmo-dev-cluster-mysql-private-instance-1f9d0fc1 # project:region:cloud_sql_instance
2023/09/29 14:24:04 Authorizing with Application Default Credentials
2023/09/29 14:24:05 [devops-309909:europe-west3:ftmo-dev-cluster-mysql-private-instance-1f9d0fc1] Listening on 127.0.0.1:3306
2023/09/29 14:24:05 The proxy has started successfully and is ready for new connections!
When the instance has IAM Authentication enabled (new instances), you have to use --auto-iam-authn flag in connection like this:
gcloud auth application-default login # login with your FTMO Google account
./cloud-sql-proxy --auto-iam-authn devops-309909:europe-west3:ftmo-trader-sanitized-hlf-master # project:region:cloud_sql_instance
Cloud SQL Auth Proxy v1.x+ (deprecated)¶
When you use Cloud SQL Auth proxy v1.x create tunnel like this:
# create a tunnel localhost:3306 <-> db
cloud_sql_proxy -instances=devops-309909:europe-west3:ftmo-dev-cluster-mysql-private-instance-1f9d0fc1=tcp:localhost:3306
2023/09/20 09:10:11 Rlimits for file descriptors set to {Current = 8500, Max = 9223372036854775807}
2023/09/20 09:10:13 Listening on localhost:3306 for devops-309909:europe-west3:ftmo-dev-cluster-mysql-private-instance-1f9d0fc1
2023/09/20 09:10:13 Ready for new connections
2023/09/20 09:10:13 Generated RSA key in 109.53275ms
And then connect your sql client to localhost:3306
mysql -h 127.0.0.1 -P 3306 -udevops -p$MYSQL_PASSWORD -e "show databases;"
mysql: [Warning] Using a password on the command line interface can be insecure.
+--------------------------------+
| Database |
+--------------------------------+
| accounting-service-dev |
| affiliate_tracker |
| crm-dev |
| duplication-service-dev |
| file_service_team_file_service |
| gamification-dev |
| information_schema |
| mysql |
| notifications_service_nc |
| notifications_service_ws |
| performance_schema |
| sys |
| tbl-dev |
| verified-identity |
+--------------------------------+
Connect with DBeaver client¶
DBeaver requires cloud-sql-proxy library to be installed:
- Duplicate MySQL Driver in
Menu -> Databases -> Driver Manager -> MySQLwithCopy Editthe driver- In
Librarytab doAdd ArtifactinDependency Declaration - Copy snippet
<dependency>
<groupId>com.google.cloud.sql</groupId>
<artifactId>mysql-socket-factory-connector-j-8</artifactId>
<version>1.13.1</version>
</dependency>
- In
Driver Properties
| Property | Value |
|---|---|
| socketFactory | com.google.cloud.sql.mysql.SocketFactory |
| cloudSqlInstance | The instance connection name (found on the instance details page) |
More info can be found here