Google Cloud SQL access from multiple VPC

Problem description

I'm trying to create a GCP PostgreSQL instance and make it accessible from multiple VPC networks within one project.

We have VMs in 4 GCP regions. Each region has its own VPC network and all are peered. But when I create the SQL instance I can map its private IP only to one VPC; the others don't have access to it.

Are there any steps to follow which will allow access from multiple VPCs to one SQL instance?

Recommended answer

When you configure a Cloud SQL instance to use private IP, you use private services access. Private services access is implemented as a VPC peering connection between your VPC network and the Google services VPC network where your Cloud SQL instance resides.

That said, currently your approach is not possible. VPC network peering has some restrictions, one of which is that only directly peered networks can communicate with each other; transitive peering is not supported.

As Cloud SQL resources are themselves accessed from ‘VPC A’ via a VPC network peering, other VPC networks attached to ‘VPC A’ via VPC network peering cannot access these Cloud SQL resources as this would run afoul of the aforementioned restriction.

On this note, there’s already a feature request for multiple VPC peerings with Cloud SQL VPC.

As a workaround, you could create a proxy VM instance using Cloud SQL proxy. See 1 and 2. For example, the proxy VM instance could be placed in the VPC to which your Cloud SQL instances are attached (VPC A, for example) and it would act as the Cloud SQL Proxy. VM instances in other VPCs connected to VPC A via VPC network peering could forward their SQL requests to the Cloud SQL Proxy VM instance in VPC A, which would then forward the requests to the SQL instance(s) and vice versa.
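
The proxy-VM workaround described in the answer above, as an added example that is not part of the original answer: a script that prints the proxy start command and an ingress firewall rule limited to the peered subnets. It assumes the Cloud SQL Auth Proxy v2 binary (`cloud-sql-proxy`) and the `gcloud` CLI; the instance name, network name, tag, rule name and CIDR ranges are constructed placeholders.

```shell
#!/bin/sh
# Added example: prints (does not run) the commands for a proxy VM in VPC A.
# Every value below is a constructed placeholder.
INSTANCE="example-project:europe-west1:example-pg"   # project:region:instance
NETWORK="vpc-a"                 # VPC that holds the private services access peering
PROXY_TAG="sql-proxy"           # network tag on the proxy VM
DB_PORT=5432                    # PostgreSQL
PEER_RANGES="10.20.0.0/16,10.30.0.0/16,10.40.0.0/16"   # subnets of the peered VPCs

# Shape check for an IPv4 CIDR with prefix length 8..32 (the lower bound is
# this example's own policy). Octet values are not range-checked.
CIDR_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}/([89]|[12][0-9]|3[0-2])$'

# True only if every comma-separated entry matches CIDR_RE, so an empty
# list or 0.0.0.0/0 never reaches the firewall rule.
ranges_ok() {
    [ -n "$1" ] && ! printf '%s\n' "$1" | tr ',' '\n' | grep -Evq "$CIDR_RE"
}

# Run on the proxy VM. --address 0.0.0.0 makes the proxy accept connections
# from other hosts (it listens on 127.0.0.1 by default); --private-ip makes
# it dial the instance's private address.
proxy_cmd() {
    printf 'cloud-sql-proxy --private-ip --address 0.0.0.0 --port %s %s\n' \
        "$DB_PORT" "$INSTANCE"
}

# Ingress rule in VPC A: only the peered subnets may reach the proxy port,
# and only on VMs carrying PROXY_TAG.
firewall_cmd() {
    ranges_ok "$PEER_RANGES" || { echo "refusing source ranges: $PEER_RANGES" >&2; return 1; }
    printf 'gcloud compute firewall-rules create allow-peers-to-sql-proxy'
    printf ' --network=%s --direction=INGRESS --action=ALLOW' "$NETWORK"
    printf ' --rules=tcp:%s --source-ranges=%s --target-tags=%s\n' \
        "$DB_PORT" "$PEER_RANGES" "$PROXY_TAG"
}

proxy_cmd
firewall_cmd
```

VMs in the other VPCs then point their PostgreSQL clients at the proxy VM's internal IP on port 5432 instead of the Cloud SQL private IP.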
