Unable to connect to Cloud SQL from Cloud Run after enabling private IP and turning off public IP


Kramps

I have a postgreSQL CLoud SQL instance connected via UNIX socket and getting the instance name from the Cloud Run container according to the documentation. With the public IP, this connection works fine. I wanted to turn off the public IP at the time and only have a private IP, so I won't pay for the public IP later.

When I first created the Cloud SQL instance, I only enabled the public IP. After a few days, I enabled dedicated IP. For the associated network of private IPs, I accept the defaults as the Cloud Run instance is in the same project.

When closing the public IP, my application can no longer connect to the Cloud SQL instance. I get a connection refused error:

sqlalchemy.exc.InterfaceError: (pg8000.core.InterfaceError) ('communication error', ConnectionRefusedError(111, 'Connection refused'))

As mentioned above, I did follow the instructions on the "Connecting to Cloud SQL from Cloud Run" page:

https://cloud.google.com/sql/docs/postgres/connect-run

I even ran the gcloud command to update the existing deployed revision after the public IP was turned off and only the private IP was available, but it made no difference.

Does the connection from Cloud Run to Cloud SQL require a public IP? I don't see it in the connection documentation page. Or am I missing something else when trying to switch to just having a private IP? Or do I need to create a new Cloud Instance without the public IP and follow the instructions to connect Cloud Run again via the instance anme?

Kurtif

Does the connection from Cloud Run to Cloud SQL require a public IP? I don't see it in the connection documentation page.

On the Connecting to Cloud SQL from Cloud Run page , it says "Note: These instructions require your Cloud SQL instance to be configured with a public IP address."

Private IP access is access from a virtual private cloud (VPC) . In order to access your instance through a VPC, the resource you are connecting to must be part of the VPC. Cloud Run does not currently support VPC access, so you need to use a public IP for now.

Related