I have a GKE cluster created with the following command:

gcloud container clusters create stage1 \
--enable-ip-alias \
--release-channel stable \
--zone us-central1 \
--node-locations us-central1-a,us-central1-b

Now I wanted to connect my PHP application to Cloud SQL. To authorize access to Cloud SQL from the PHP application running in the pod, I have done the following steps:

  • Created a secret
    kubectl create secret generic stage-cloudsql-secret \
      --from-literal=db_host=<YOUR-PRIVATE-IP-ADDRESS>
  • Updated this secret in my pod in the container section as follows:
    env:
            - name: DB_HOST
              valueFrom:
                secretKeyRef:
                  name: stage-cloudsql-secret
                  key: db_host

I have updated the Cloud SQL private IP (along with the DB name, username, and password) in my PHP file (env.php), built my Docker image, and created the pod in the GKE cluster. When the pod is created I am getting the following error from the container (failed container):

SQLSTATE[HY000] [2002] Operation timed out

Note 1: This is a working application in a hosted environment and we are migrating to Google Cloud

Note 2: GKE and Cloud SQL are in the same VPC (default)

Note 3: Enabled IP aliasing in the cluster

Note 4: I have a container which creates data in the database when started

Update 1

I have followed the steps mentioned in the Google Cloud documentation. Link

I have SSHed into the container and tried to reach (ping) Cloud SQL using the private IP, but I couldn't.

Update 2

After following the above links, I have changed the way in which I create the secret (just the private IP this time). I also updated my env.php as below:

array (
    'table_prefix' => '',
    'connection' =>
    array (
      'default' =>
      array (
        'host' => getenv('DB_HOST'),

Previously 'host' => [Private IP of Cloud SQL]

This time, when the pod is created, it shows the following error:

SQLSTATE[HY000] [2002] No such file or directory

Update 3

I have redone all the steps again and it's working.

Tech User
  • Are you now using the Cloud SQL proxy? If so, it will forward the port to your localhost instead of the private IP. –  Jan 07 '21 at 09:01
  • I am trying to connect without the proxy, by using the private IP. – Tech User Jan 07 '21 at 15:09
  • It's working now. Please check updates 2 and 3. – Tech User Jan 08 '21 at 09:06
  • Great that you were able to solve it, but please post your solution as an answer instead of editing it into your question. Otherwise the question will stay in the system as "unanswered" forever. – Gerald Schneider Jan 08 '21 at 09:07
  • @TechUser Please post the solution that you found as an answer; this way others in the community will be able to easily refer to it, plus if you accept the answer it will help increase your reputation. – Ralemos Jan 08 '21 at 10:31
  • I think your problem is related to the fact that Cloud SQL is a Google-managed service running in a Google VPC, and you need to create a service peering to be able to connect from your VPC. – c4f4t0r Jan 08 '21 at 11:12
  • @c4f4t0r I am not sure if I really understand the comment. I am very new to GCP. When I create all the deployments, like my pods and containers, they go to the default VPC. From this I should be able to access managed Redis and managed Cloud SQL. My configuration is working and hence I this assumption is correct. – Tech User Jan 12 '21 at 02:43
  • @GeraldSchneider and others: I have captured all the steps and am doing it again in another env. I will post after I certify it there. – Tech User Jan 12 '21 at 02:49
  • @Tech User, is the issue resolved? If yes, please post the procedure followed to resolve the issue and accept it so that it is visible to community members. – Ramesh kollisetty Apr 07 '22 at 11:45

0 Answers
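
Added example (not part of the original question or its comments): a PHP preflight check for the DB_HOST value that env.php reads, covering the two errors quoted in the question. Error 2002 "No such file or directory" is what the MySQL client reports when it tries a local Unix socket, which it does for an empty host or "localhost", while "Operation timed out" is a TCP-level failure to reach the address. Assumptions: MySQL on its default port 3306, the PHP CLI available in the container, and hypothetical function and file names.

```php
<?php
// Added example, not code from the question. Run inside the container:
//   php db_preflight.php   (hypothetical file name)

// How will the MySQL client treat this host value?
//   'socket' : empty or "localhost" -> local Unix socket, never TCP
//   'ip'     : literal IP address   -> TCP
//   'name'   : anything else        -> DNS lookup, then TCP
function classifyDbHost($raw): string
{
    $host = trim((string) $raw); // getenv() returns false when unset
    if ($host === '' || strcasecmp($host, 'localhost') === 0) {
        return 'socket';
    }
    return filter_var($host, FILTER_VALIDATE_IP) !== false ? 'ip' : 'name';
}

// Plain TCP connect, so a routing or firewall problem shows up without PDO.
function tcpReachable(string $host, int $port, float $timeout): array
{
    $errno = 0;
    $errstr = '';
    $sock = @fsockopen($host, $port, $errno, $errstr, $timeout);
    if ($sock === false) {
        return [false, "errno $errno: $errstr"];
    }
    fclose($sock);
    return [true, 'connected'];
}

$raw  = getenv('DB_HOST');           // same variable env.php reads
$port = 3306;                        // assumption: MySQL default port
$kind = classifyDbHost($raw);

if ($kind === 'socket') {
    fwrite(STDERR, "DB_HOST is unset, empty or localhost: expect 'No such file or directory'\n");
    exit(2);
}
if ($raw !== trim($raw)) {
    fwrite(STDERR, "DB_HOST has leading or trailing whitespace; recreate the secret\n");
    exit(2);
}
[$ok, $detail] = tcpReachable($raw, $port, 5.0);
if (!$ok) {
    fwrite(STDERR, "TCP to $raw:$port failed ($detail); check that the pod can route to the private IP\n");
    exit(1);
}
echo "DB_HOST=$raw ($kind) reachable on port $port\n";
```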