🪢Cloud SQL Proxy

Summary

This sidecar container provides secure connectivity to a Google Cloud SQL instance.

This sidecar container is only used in HLN Consulting, LLC's internal environments, and SHOULD NOT be used in AIMS environments.

Attributes

Parameter

Value

Type

Sidecar

Name

cloudsql-proxy

Image

gcr.io/cloudsql-docker/gce-proxy:1.17

Image Pull Policy

Always

Command

/cloud_sql_proxy

Arguments

instances={{instanceName}}=tcp:5432
-ip_address_types=PRIVATE

Port

Security Context

Allow Privilege Escalation: false
Run as User: 1000
Run as Non-Root User: true

Endpoints

External-to-Cluster

This container does not have any external-to-cluster exposed endpoints.

Internal

This container does not have any internal endpoints.

Environment Variables

This container does not require any environment variables.

Probes

Liveness

This container does not utilize liveness probes.

Readiness

This container does not utilize readiness probes.

Startup

This container does not utilize startup probes.

Resources

CPU (in millicores)

RAM (in MiB)

Storage (in GiB)

250

128

N/A

Technology Stack

This container uses the Google Cloud SQL Proxy image, the usage of which can best be described by Google themselves:

The Cloud SQL proxy is the recommended way to connect to Cloud SQL, even when using private IP. This is because the proxy provides strong encryption and authentication using IAM, which help keep your database secure.

Volume Mounts

This container does not mount any volumes.

Workload Identity

This container requires a Pod Service Account with the following Google Cloud IAM role(s):

roles/cloudsql.client

Code Owners

Name

Organization

HLN Consulting, LLC

HLN Consulting, LLC

PreviousGC Logging for Java NextDSS

Last updated 3 years ago