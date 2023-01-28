



Google Cloud has released a public preview of the Cloud SQL Proxy Operator. Operators simplify the process of connecting applications running on Google Kubernetes Engine to databases deployed on Cloud SQL.

The Cloud SQL Proxy Operator replaces existing connectivity methods. We currently have Cloud SQL connectors for Java, Python, and Go, as well as the Cloud SQL Auth Proxy. The Cloud SQL Auth Proxy Operator, according to the project’s README, “creates a proxy container with [K]The ubernetes workload is correctly configured for production. “

Google Developer Advocate Luke Schlangen and Google Software Engineer Jonathan Hess claim that the Cloud SQL Auth Proxy Operator significantly reduces the required configuration code. They show that “you can do the configuration in 8 lines of YAML, saving about 40 lines of YAML configuration (thousands for large clusters).”

Multiple Kubernetes applications can share the same proxy. Schlangen and Hess also show that GCP maintains operators, including updating them to the latest recommendations. They share that the GA release will auto-deploy the proxy when the configuration changes.

The operator introduces a custom resource AuthProxyWorkload. This describes the Cloud SQL Auth Proxy configuration for your workload. The operator reads this resource and deploys a Cloud SQL Auth Proxy container to your workload pod. Before building the connection, we need to create a GKE cluster and a Cloud SQL instance, set up a service account for the connection, and store a Kubernetes secret.

To configure the operator, first get the connection name for your Cloud SQL instance.

gcloud sql instances describe quickstart-instance –format=”value(connectionName)”

Next, create a new YAML file containing your Cloud SQL Auth Proxy Operator configuration. In the example below, ” will be replaced with the connection name returned by the above command.

apiVersion: cloudsql.cloud.google.com/v1alpha1 Type: AuthProxyWorkload Metadata: Name: authproxyworkload-sample Spec: workloadSelector: Type: “Deployment” Name: “gke-cloud-sql-app” Instance: – connectionString: “ ” unixSocketPathEnvName: “DB_SOCKET_PATH” socketType: “unix” unixSocketPath: “/csql/pg”

Finally, we can apply the proxy configuration to Kubernetes.

kubectl apply -f authproxyworkload.yaml

AWS has a similar, more popular connector service using AWS Controllers for Kubernetes (ACK). ACK provides an interface for using other his AWS services directly from Kubernetes. ACK supports both Amazon Elastic Kubernetes Service (EKS) and Amazon Relational Database Service (RDS).

GCP indicates that a project will follow Semantic Versioning with active releases getting all new features and security fixes for at least one year. A breaking change causes a major version bump. Deprecated versions continue to receive security and critical bug fixes for one year.

The Cloud SQL Proxy Operator is open source and available under the Apache-2.0 license.

