VERBINDUNG VON APP ENGINE (FLEX UND STANDARD) ZU CLOUD SQL UNTER VERWENDUNG VON TCP- UND UNIX-DOMAIN-SOCKETS 2020
1.Erstellen Sie ein neues Projekt
gcloud projects create con-ae-to-sql
gcloud config set project con-ae-to-sql
gcloud projects describe con-ae-to-sql
2. Aktivieren Sie die Abrechnung für Ihr Projekt:https://cloud.google .com/billing/docs/how-to/modify-project
3.Führen Sie den folgenden gcloud-Befehl aus, um App Engine zu aktivieren und die zugehörigen Anwendungsressourcen zu erstellen
gcloud app create -region europe-west2
gcloud app describe
#Remember the location of you App Engine aplication, because we will create all our resources on the same region
4.Legen Sie die Compute-Projektinfo-Metadaten fest:
gcloud compute project-info describe --project con-ae-to-sql
#Enable the Api, and you can check that default-region,google-compute-default-zone are not set. Set the metadata.
gcloud compute project-info add-metadata --metadata google-compute-default-region=europe-west2,google-compute-default-zone=europe-west2-b
5.Service Networking API aktivieren:
gcloud services list --available
gcloud services enable servicenetworking.googleapis.com
6. Erstellen Sie 2 Cloud-SQL-Instanzen (eine mit interner IP und eine mit öffentlicher IP) – https://cloud.google.com/sql/docs/mysql/create-instance :
6. eine Cloud Sql-Instanz mit externer IP:
#Create the sql instance in the same region as App Engine Application
gcloud --project=con-ae-to-sql beta sql instances create database-external --region=europe-west2
#Set the password for the "[email protected]%" MySQL user:
gcloud sql users set-password root --host=% --instance database-external --password root
#Create a user
gcloud sql users create user_name --host=% --instance=database-external --password=user_password
#Create a database
gcloud sql databases create user_database --instance=database-external
gcloud sql databases list --instance=database-external
6.b Cloud Sql-Instanz mit interner IP:
i.#Create a private connection to Google so that the VM instances in the default VPC network can use private services access to reach Google services that support it.
gcloud compute addresses create google-managed-services-my-network --global --purpose=VPC_PEERING --prefix-length=16 --description="peering range for Google" --network=default --project=con-ae-to-sql
gcloud services vpc-peerings connect --service=servicenetworking.googleapis.com --ranges=google-managed-services-my-network --network=default --project=con-ae-to-sql
#Check whether the operation was successful.
gcloud services vpc-peerings operations describe --name=operations/pssn.dacc3510-ebc6-40bd-a07b-8c79c1f4fa9a
#Listing private connections
gcloud services vpc-peerings list --network=default --project=con-ae-to-sql
ii.Create the instance:
gcloud --project=con-ae-to-sql beta sql instances create database-ipinternal --network=default --no-assign-ip --region=europe-west2
#Set the password for the "[email protected]%" MySQL user:
gcloud sql users set-password root --host=% --instance database-ipinternal --password root
#Create a user
gcloud sql users create user_name --host=% --instance=database-ipinternal --password=user_password
#Create a database
gcloud sql databases create user_database --instance=database-ipinternal
gcloud sql databases list --instance=database-ipinternal
gcloud sql instances list
gcloud sql instances describe database-external
gcloud sql instances describe database-ipinternal
#Remember the instances connectionName
OK, wir haben also zwei MySQL-Instanzen, wir verbinden uns von App Engine Standard zu database-ipinternal mit Serverless Access und TCP, von App Engine Standard zu database-external mit Unix-Domain-Socket, von App Engine Flex zu database-ipinternal mit TCP, und von App Engine Flex zu datenbankextern mit Unix-Domain-Socket.
7.Aktivieren Sie die Cloud SQL Admin API
gcloud services list --available
gcloud services enable sqladmin.googleapis.com
8. Derzeit unterstützen App Engine-Standardumgebungen keine Verbindung zur Cloud SQL-Instanz über TCP. Ihr Code sollte nicht versuchen, über eine IP-Adresse (z. B. 127.0.0.1 oder 172.17.0.1) auf die Instanz zuzugreifen, es sei denn, Sie haben den serverlosen VPC-Zugriff konfiguriert. Lassen Sie uns also den serverlosen VPC-Zugriff konfigurieren.
8.a Stellen Sie sicher, dass die serverlose VPC-Zugriffs-API für Ihr Projekt aktiviert ist:
gcloud services enable vpcaccess.googleapis.com
8.b Konnektor erstellen:
gcloud compute networks vpc-access connectors create serverless-connector --network default --region europe-west2 --range 10.10.0.0/28
#Verify that your connector is in the READY state before using it
gcloud compute networks vpc-access connectors describe serverless-connector --region europe-west2
9.App Engine verwendet ein Dienstkonto, um Ihre Verbindungen zu Cloud SQL zu autorisieren. Dieses Dienstkonto muss über die richtigen IAM-Berechtigungen verfügen, um erfolgreich eine Verbindung herzustellen. Unless otherwise configured, the default service account is in the format [email protected] nt.com. Stellen Sie sicher, dass das Dienstkonto für Ihren Dienst die folgenden IAM-Rollen hat:Cloud SQL-Client, und zum Herstellen einer Verbindung von App Engine Standard zu Cloud Sql auf einer internen IP benötigen wir auch die Rolle Compute Network User.
gcloud iam service-accounts list
gcloud projects add-iam-policy-binding con-ae-to-sql --member serviceAccount:[email protected] --role roles/cloudsql.client
gcloud projects add-iam-policy-binding con-ae-to-sql --member serviceAccount:[email protected] --role roles/compute.networkUser
Jetzt, wo ich die Einrichtung konfiguriert habe
1. Verbindung von App Engine Standard zu Cloud Sql über Tcp und Unix-Domanin-Socket
cd app-engine-standard/
ls
#app.yaml main.py requirements.txt
cat requirements.txt
Flask==1.1.1
sqlalchemy
pymysql
uwsgi==2.0.18
cat app.yaml
runtime: python37
entrypoint: uwsgi --http-socket :8080 --wsgi-file main.py --callable app --master --processes 1 --threads 2
vpc_access_connector:
name: "projects/con-ae-to-sql/locations/europe-west2/connectors/serverless-connector"
cat main.py
from flask import Flask
import pymysql
from sqlalchemy import create_engine
# If `entrypoint` is not defined in app.yaml, App Engine will look for an app
# called `app` in `main.py`.
app = Flask(__name__)
@app.route('/')
def hello():
engine_tcp = create_engine('mysql+pymysql://user_name:[email protected]:3306')
existing_databases_tcp = engine_tcp.execute("SHOW DATABASES;")
con_tcp = "Connecting from APP Engine Standard to Cloud SQL using TCP: databases => " + str([d[0] for d in existing_databases_tcp]).strip('[]') + "\n"
engine_unix_socket = create_engine('mysql+pymysql://user_name:[email protected]/user_database?unix_socket=/cloudsql/con-ae-to-sql:europe-west2:database-external')
existing_databases_unix_socket = engine_unix_socket.execute("SHOW DATABASES;")
con_unix_socket = "Connecting from APP Engine Standard to Cloud SQL using Unix Sockets: tables in sys database: => " + str([d[0] for d in existing_databases_unix_socket]).strip('[]') + "\n"
return con_tcp + con_unix_socket
gcloud app deploy -q
gcloud app browse
#Go to https://con-ae-to-sql.appspot.com
#Connecting from APP Engine Standard to Cloud SQL using TCP: databases => 'information_schema', 'user_database', 'mysql', 'performance_schema', 'sys' Connecting from APP Engine Standard to Cloud SQL using Unix Sockets: tables in sys database: => 'information_schema', 'user_database', 'mysql', 'performance_schema', 'sys'
ERFOLG!
2.Verbindung von App Engine Flex zu Cloud Sql über Tcp und Unix-Domanin-Socket
cd app-engine-flex/
ls
#app.yaml main.py requirements.txt
cat requirements.txt
Flask==1.1.1
gunicorn==19.9.0
sqlalchemy
pymysql
cat app.yaml
runtime: python
env: flex
entrypoint: gunicorn -b :$PORT main:app
runtime_config:
python_version: 3
#Using TCP and unix sockets domain
beta_settings:
cloud_sql_instances: con-ae-to-sql:europe-west2:database-ipinternal=tcp:3306,con-ae-to-sql:europe-west2:database-external
manual_scaling:
instances: 1
resources:
cpu: 1
memory_gb: 0.5
disk_size_gb: 10
cat main.py
from flask import Flask
import pymysql
from sqlalchemy import create_engine
app = Flask(__name__)
@app.route('/')
def hello():
engine_tcp = create_engine('mysql+pymysql://user_name:[email protected]:3306')
existing_databases_tcp = engine_tcp.execute("SHOW DATABASES;")
con_tcp = "Connecting from APP Engine Flex to Cloud SQL using TCP: databases => " + str([d[0] for d in existing_databases_tcp]).strip('[]') + "\n"
engine_unix_socket = create_engine('mysql+pymysql://user_name:[email protected]/user_database?unix_socket=/cloudsql/con-ae-to-sql:europe-west2:database-external')
existing_databases_unix_socket = engine_unix_socket.execute("SHOW DATABASES;")
con_unix_socket = "Connecting from APP Engine Flex to Cloud SQL using Unix Sockets: tables in sys database: => " + str([d[0] for d in existing_databases_unix_socket]).strip('[]') + "\n"
return con_tcp + con_unix_socket
gcloud app deploy -q
gcloud app browse
#Go to https://con-ae-to-sql.appspot.com
#Connecting from APP Engine Flex to Cloud SQL using TCP: databases => 'information_schema', 'marian', 'mysql', 'performance_schema', 'sys' Connecting from APP Engine Flex to Cloud SQL using Unix Sockets: tables in sys database: => 'information_schema', 'marian', 'mysql', 'performance_schema', 'sys'
ERFOLG!