mirror of
https://github.com/ryboe/private-ip-cloud-sql-db.git
synced 2025-12-19 18:14:59 -05:00
45 lines
1.4 KiB
Markdown
45 lines
1.4 KiB
Markdown
# Cloud SQL DB with a Private IP
|
|
|
|
This repo demonstrates how to create a Cloud SQL DB with a private IP address
|
|
only, and connect to it with [Cloud SQL Proxy](https://cloud.google.com/sql/docs/postgres/sql-proxy). The full explanation of how this works can be found in [this blog post](https://medium.com/@ryanboehning/how-to-deploy-a-cloud-sql-db-with-a-private-ip-only-using-terraform-e184b08eca64).
|
|
|
|
Terraform v1.0.0 or higher is required.
|
|
|
|
## How To Use
|
|
|
|
1. Set the name of your Terraform Cloud organization in `backend.tf`.
|
|
|
|
2. Deploy the db and Cloud SQL Proxy
|
|
|
|
```bash
|
|
gcloud services enable \
|
|
cloudresourcemanager.googleapis.com \
|
|
compute.googleapis.com \
|
|
iam.googleapis.com \
|
|
oslogin.googleapis.com \
|
|
servicenetworking.googleapis.com \
|
|
sqladmin.googleapis.com
|
|
|
|
terraform init
|
|
terraform apply
|
|
```
|
|
|
|
3. Upload your public SSH key to Google's OS Login service
|
|
|
|
```bash
|
|
gcloud compute os-login ssh-keys add --key-file=~/.ssh/id_rsa.pub --ttl=365d
|
|
```
|
|
|
|
4. Connect to the private db through Cloud SQL Proxy
|
|
|
|
```bash
|
|
# get your SSH username
|
|
gcloud compute os-login describe-profile | grep username
|
|
|
|
# get the public IP of the instance running Cloud SQL Proxy
|
|
CLOUD_SQL_PROXY_IP=$(terraform output proxy_ip)
|
|
|
|
# psql into your private db
|
|
ssh -t <username>@$CLOUD_SQL_PROXY_IP docker run --rm --network=host -it postgres:14-alpine psql -U postgres -h localhost
|
|
```
|