Is it possible to connect to Google Cloud SQL from a Google Managed VM?

Question

Is it possible to connect to Google Cloud SQL from a Google Managed VM? With regular Google App Engine applications, I can connect by authorizing my project in the Cloud SQL console and using unix_socket='/cloudsql/' + _INSTANCE_NAME. However, the /cloudsql/ socket doesn't seem to be available on Managed VMs. Do I have to whitelist the IP of my Managed VM application? If so, how do I find the IP address to whitelist?

Answer 1

The /cloudsql/ sockets are only available in regular App Engine. Managed VMs are regular VMs so connection to Cloud SQL needs to use the external IP of that Cloud SQL instances. The external IP needs to be whitelisted. The external IP is showed in the Developers Console and can also be retrieved via gcloud CLI tool.

Two options to avoid having to whitelist the IP of the GCE VMs are:

1. Switch to use only SSL connections for IP connectivity and whitelist 0.0.0.0/0.
2. Funnel all the traffic to Cloud SQL via a VM that runs a TCP proxy (HAProxy) for example.

We are aware that none of these are very satisfying solutions. :-(