- We assume you already read this: https://cloud.google.com/sql/docs/mysql/connect-external-app#proxy and created a service account for Cloud SQL Client
- Download cloud_sql_proxy to
/usr/local/bin - Make the following folders, all chown to
root:root: /var/run/cloud-sql-proxy/var/local/cloud-sql-proxy- Copy downloaded credential json file inside
/var/local/cloud-sql-proxy, make sure only root can read as it is credential for connection. - Copy above gist to
/lib/systemd/system/cloud-sql-proxy.service - Run
systemctl daemon-reload - Run
systemctl start cloud-sql-proxy - Profit$$$$
Last active
September 27, 2024 11:20
-
-
Save goodwill/a981c2912ae6a83761a624f657f34d9f to your computer and use it in GitHub Desktop.
Example Systemd file for starting cloud sql proxy at system start
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Install] | |
| WantedBy=multi-user.target | |
| [Unit] | |
| Description=Google Cloud Compute Engine SQL Proxy | |
| Requires=networking.service | |
| After=networking.service | |
| [Service] | |
| Type=simple | |
| WorkingDirectory=/usr/local/bin | |
| ExecStart=/usr/local/bin/cloud_sql_proxy -dir=/var/run/cloud-sql-proxy -instances=<instance_connection_name>=tcp:5432 -credential_file=/var/local/cloud_sql_proxy/<credential_json>.json | |
| Restart=always | |
| StandardOutput=journal | |
| User=root |
If you find that /var/run/cloud-sql-proxy gets deleted on reboot - add this under line 10
RuntimeDirectory=cloud-sql-proxy
This works for RHEL8/Centos8
[Install]
WantedBy=multi-user.target
[Unit]
Description=Google Cloud Compute Engine SQL Proxy
Requires=network.target
After=network.target
[Service]
Type=simple
WorkingDirectory=/usr/local/bin
ExecStart=/usr/local/bin/cloud_sql_proxy -dir=/var/run/cloud-sql-proxy -instances=prod-modpress-prj:northamerica-northeast1:prod-modpress-inst=tcp:3306
Restart=always
StandardOutput=journal
User=root
For ubuntu 20.04 this should work:
[Install]
WantedBy=multi-user.target
[Unit]
Description=Google Cloud Compute Engine SQL Proxy
Requires=network.target
After=network.target
[Service]
Type=simple
WorkingDirectory=/usr/local/bin
ExecStart=/usr/local/bin/cloud_sql_proxy -dir=/var/run/cloud-sql-proxy -instances=<instance_connection_name>=tcp:3306 -credential_file=/var/local/cloud-sql-proxy/<credential_json>.json
Restart=always
StandardOutput=journal
User=root
I've found out that Google Cloud SQL proxy has watchdog support, even though I can't find this mentioned anywhere.
What this means is you can change Type=simple to Type=notify and add WatchdogSec=10 and then any time Google Cloud SQL proxy detects a connection error it will stop informing systemd that all is well and systemd will restart it.
This happens for example when Google Cloud SQL rotates SSL certificates. Which doesn't happen often, but it does happen every once in a while. Without using watchdog the service will just keep running but it can't connect anymore. With watchdog the service will be restarted and will reconnect using the new certificates.
Scratch that, it only notifies once started, it doesn't keep pinging to indicate it's still alive :(
Hello, I appreciate this resource. Recently the cloud sql proxy has been updated to a version 2.0.0 and takes new args I was able to get this setup to work on Ubuntu 20.04 with the proxy downloaded at these instructions "https://cloud.google.com/sql/docs/postgres/sql-proxy#linux-64-bit"
[Install]
WantedBy=multi-user.target
[Unit]
Description=Google Cloud Compute Engine SQL Proxy
Requires=network.target
After=network.target
[Service]
User=root
Type=simple
WorkingDirectory=/usr/local/bin
ExecStart=/usr/local/bin/cloud-sql-proxy --credentials-file /var/local/cloud-sql-proxy/<credentials_file>.json <instance_connection_name>
Restart=always
StandardOutput=journal
I have created a wrapper for CloudSQL proxy
https://github.com/arnoldj-devops/cloudsql-proxy-pal
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For Centos 7, use the following: