PŘIPOJENÍ Z APP ENGINE (FLEXNÍ A STANDARDNÍ) K CLOUD SQL POMOCÍ DOMÉNOVÝCH SOCKETŮ TCP A UNIX 2020
1. Vytvořte nový projekt
gcloud projects create con-ae-to-sql
gcloud config set project con-ae-to-sql
gcloud projects describe con-ae-to-sql
2. Povolte fakturaci na svém projektu:https://cloud.google .com/billing/docs/how-to/modify-project
3. Spuštěním následujícího příkazu gcloud povolte App Engine a vytvořte přidružené prostředky aplikace
gcloud app create -region europe-west2
gcloud app describe
#Remember the location of you App Engine aplication, because we will create all our resources on the same region
4. Nastavte výpočetní metadata projektových informací:
gcloud compute project-info describe --project con-ae-to-sql
#Enable the Api, and you can check that default-region,google-compute-default-zone are not set. Set the metadata.
gcloud compute project-info add-metadata --metadata google-compute-default-region=europe-west2,google-compute-default-zone=europe-west2-b
5. Povolte Service Networking Api:
gcloud services list --available
gcloud services enable servicenetworking.googleapis.com
6. Vytvořte 2 cloudové instance SQL (jedna s interní IP a jedna s veřejnou IP)- https://cloud.google.com/sql/docs/mysql/create-instance :
6.a Instance Cloud Sql s externí IP:
#Create the sql instance in the same region as App Engine Application
gcloud --project=con-ae-to-sql beta sql instances create database-external --region=europe-west2
#Set the password for the "[email protected]%" MySQL user:
gcloud sql users set-password root --host=% --instance database-external --password root
#Create a user
gcloud sql users create user_name --host=% --instance=database-external --password=user_password
#Create a database
gcloud sql databases create user_database --instance=database-external
gcloud sql databases list --instance=database-external
6.b Cloud Sql instance s interní IP:
i.#Create a private connection to Google so that the VM instances in the default VPC network can use private services access to reach Google services that support it.
gcloud compute addresses create google-managed-services-my-network --global --purpose=VPC_PEERING --prefix-length=16 --description="peering range for Google" --network=default --project=con-ae-to-sql
gcloud services vpc-peerings connect --service=servicenetworking.googleapis.com --ranges=google-managed-services-my-network --network=default --project=con-ae-to-sql
#Check whether the operation was successful.
gcloud services vpc-peerings operations describe --name=operations/pssn.dacc3510-ebc6-40bd-a07b-8c79c1f4fa9a
#Listing private connections
gcloud services vpc-peerings list --network=default --project=con-ae-to-sql
ii.Create the instance:
gcloud --project=con-ae-to-sql beta sql instances create database-ipinternal --network=default --no-assign-ip --region=europe-west2
#Set the password for the "[email protected]%" MySQL user:
gcloud sql users set-password root --host=% --instance database-ipinternal --password root
#Create a user
gcloud sql users create user_name --host=% --instance=database-ipinternal --password=user_password
#Create a database
gcloud sql databases create user_database --instance=database-ipinternal
gcloud sql databases list --instance=database-ipinternal
gcloud sql instances list
gcloud sql instances describe database-external
gcloud sql instances describe database-ipinternal
#Remember the instances connectionName
Dobře, takže máme dvě instance mysql, připojíme se z App Engine Standard k databázi-ipinternal pomocí Serverless Access a TCP, z App Engine Standard k databázi-externí pomocí unix doménového soketu, z App Engine Flex k databázi-ipinternal pomocí TCP, a od App Engine Flex k databázi-externí pomocí unix domain socket.
7. Povolte Cloud SQL Admin API
gcloud services list --available
gcloud services enable sqladmin.googleapis.com
8. V současné době standardní prostředí App Engine nepodporují připojení k instanci Cloud SQL pomocí TCP. Váš kód by se neměl pokoušet o přístup k instanci pomocí IP adresy (jako je 127.0.0.1 nebo 172.17.0.1), pokud nemáte nakonfigurovaný Serverless VPC Access. Pojďme tedy nakonfigurovat Serverless VPC Access.
8.a Ujistěte se, že je pro váš projekt povoleno Serverless VPC Access API:
gcloud services enable vpcaccess.googleapis.com
8.b Vytvořte konektor:
gcloud compute networks vpc-access connectors create serverless-connector --network default --region europe-west2 --range 10.10.0.0/28
#Verify that your connector is in the READY state before using it
gcloud compute networks vpc-access connectors describe serverless-connector --region europe-west2
9. App Engine používá servisní účet k autorizaci vašich připojení ke Cloud SQL. Aby se tento účet služby mohl úspěšně připojit, musí mít správná oprávnění IAM. Unless otherwise configured, the default service account is in the format [email protected] nt.com. Ujistěte se, že servisní účet pro vaši službu má následující role IAM:Cloud SQL Client a pro připojení z App Engine Standard ke Cloud Sql na interní IP potřebujeme také roli Compute Network User.
gcloud iam service-accounts list
gcloud projects add-iam-policy-binding con-ae-to-sql --member serviceAccount:[email protected] --role roles/cloudsql.client
gcloud projects add-iam-policy-binding con-ae-to-sql --member serviceAccount:[email protected] --role roles/compute.networkUser
Teď, když jsem nakonfiguroval nastavení
1. Připojte se z App Engine Standard ke Cloud Sql pomocí Tcp a unixového dominového socketu
cd app-engine-standard/
ls
#app.yaml main.py requirements.txt
cat requirements.txt
Flask==1.1.1
sqlalchemy
pymysql
uwsgi==2.0.18
cat app.yaml
runtime: python37
entrypoint: uwsgi --http-socket :8080 --wsgi-file main.py --callable app --master --processes 1 --threads 2
vpc_access_connector:
name: "projects/con-ae-to-sql/locations/europe-west2/connectors/serverless-connector"
cat main.py
from flask import Flask
import pymysql
from sqlalchemy import create_engine
# If `entrypoint` is not defined in app.yaml, App Engine will look for an app
# called `app` in `main.py`.
app = Flask(__name__)
@app.route('/')
def hello():
engine_tcp = create_engine('mysql+pymysql://user_name:[email protected]:3306')
existing_databases_tcp = engine_tcp.execute("SHOW DATABASES;")
con_tcp = "Connecting from APP Engine Standard to Cloud SQL using TCP: databases => " + str([d[0] for d in existing_databases_tcp]).strip('[]') + "\n"
engine_unix_socket = create_engine('mysql+pymysql://user_name:[email protected]/user_database?unix_socket=/cloudsql/con-ae-to-sql:europe-west2:database-external')
existing_databases_unix_socket = engine_unix_socket.execute("SHOW DATABASES;")
con_unix_socket = "Connecting from APP Engine Standard to Cloud SQL using Unix Sockets: tables in sys database: => " + str([d[0] for d in existing_databases_unix_socket]).strip('[]') + "\n"
return con_tcp + con_unix_socket
gcloud app deploy -q
gcloud app browse
#Go to https://con-ae-to-sql.appspot.com
#Connecting from APP Engine Standard to Cloud SQL using TCP: databases => 'information_schema', 'user_database', 'mysql', 'performance_schema', 'sys' Connecting from APP Engine Standard to Cloud SQL using Unix Sockets: tables in sys database: => 'information_schema', 'user_database', 'mysql', 'performance_schema', 'sys'
ÚSPĚCH!
2. Připojte se z App Engine Flex ke Cloud Sql pomocí Tcp a unixového doménového socketu
cd app-engine-flex/
ls
#app.yaml main.py requirements.txt
cat requirements.txt
Flask==1.1.1
gunicorn==19.9.0
sqlalchemy
pymysql
cat app.yaml
runtime: python
env: flex
entrypoint: gunicorn -b :$PORT main:app
runtime_config:
python_version: 3
#Using TCP and unix sockets domain
beta_settings:
cloud_sql_instances: con-ae-to-sql:europe-west2:database-ipinternal=tcp:3306,con-ae-to-sql:europe-west2:database-external
manual_scaling:
instances: 1
resources:
cpu: 1
memory_gb: 0.5
disk_size_gb: 10
cat main.py
from flask import Flask
import pymysql
from sqlalchemy import create_engine
app = Flask(__name__)
@app.route('/')
def hello():
engine_tcp = create_engine('mysql+pymysql://user_name:[email protected]:3306')
existing_databases_tcp = engine_tcp.execute("SHOW DATABASES;")
con_tcp = "Connecting from APP Engine Flex to Cloud SQL using TCP: databases => " + str([d[0] for d in existing_databases_tcp]).strip('[]') + "\n"
engine_unix_socket = create_engine('mysql+pymysql://user_name:[email protected]/user_database?unix_socket=/cloudsql/con-ae-to-sql:europe-west2:database-external')
existing_databases_unix_socket = engine_unix_socket.execute("SHOW DATABASES;")
con_unix_socket = "Connecting from APP Engine Flex to Cloud SQL using Unix Sockets: tables in sys database: => " + str([d[0] for d in existing_databases_unix_socket]).strip('[]') + "\n"
return con_tcp + con_unix_socket
gcloud app deploy -q
gcloud app browse
#Go to https://con-ae-to-sql.appspot.com
#Connecting from APP Engine Flex to Cloud SQL using TCP: databases => 'information_schema', 'marian', 'mysql', 'performance_schema', 'sys' Connecting from APP Engine Flex to Cloud SQL using Unix Sockets: tables in sys database: => 'information_schema', 'marian', 'mysql', 'performance_schema', 'sys'
ÚSPĚCH!