Hello,
I have some CloudSQL instances that use public IPs and I'm replacing them with new instances with only private IPs. The problem is that I have applications running in Virtual Machines / K8S Cluster in another VPC and because of that, these applications cannot see the CloudSQL private IP. At this time, solutions like Shared VPC and Cloud Auth Proxy are not possible because they require changes that I am not able to implement right now. I only see two possible solutions: a VPN between two of my VPCs or a Peering between the VPC that runs my applications and the VPC "speckle.." managed by Google, where the private IP resides. Any other possible solutions?
Hi @JoseRocha ,
@JoseRocha wrote:
At this time, solutions like Shared VPC and Cloud Auth Proxy are not possible because they require changes that I am not able to implement right now.
You are correct. For this type of scenario or setup, Shared VPC and Cloud Auth Proxy will definitely be the solution to provide connectivity between your CloudSQL instance and your VMs and K8s cluster.
Regarding the solutions that you are considering, Cloud VPN and VPC Peering, they will work for the goal of establishing connectivity between two different VPCs. What are your challenges in setting them up?
Hello @Marvin_Lucero ,
If I create a VPC Peering between the VPC where I have my VMs / K8S Cluster and the VPC where I have my CloudSQL, I can't establish connectivity because the CloudSQL private IP is located in a third VPC (a VPC managed by Google). Google's documentation says "Transitive peering is not supported", which means I can't connect from my VMs' VPC to Google's Managed VPC (it would be 2 hops).
My question is: Is there another solution, or do I have to use Cloud VPN, which is not an elegant solution?
For now, what I can suggest is to try Cloud VPN until such time Shared VPC can be applicable to your setup.