The Cloud SQL Auth proxy works by having a local client running in the local environment. Your application communicates with the Cloud SQL Auth proxy with the standard database protocol used by your database.
It uses a secure tunnel to communicate with its companion process running on the server. Each connection established through the Cloud SQL Auth proxy creates one connection to the Cloud SQL instance.
While the Cloud SQL Auth proxy can listen on any port, it creates outgoing or egress connections to your Cloud SQL instance only on port 3307. The user doesn’t need to configure SSL because by default Cloud SQL Auth proxy provides secure access to your instances.
Few Advantages: Uses IAM permissions and database authentication; Encrypts traffic to and from the database using TLS 1.3 with a 256-bit AES cipher.
Steps to install Google Cloud SQL Proxy on Ubuntu 22.04 | 20.04
1. Requirements
• Ubuntu Linux
• Enable Cloud SQL Admin API on GCP
• User need to provide Cloud SQL Auth proxy with Google Cloud authentication credentials
• A valid database user account and password
• Terminal access
• A non-root user with sudo rights
2. Run system update & install wget
Use the APT package manager and run the system update command to ensure your Ubuntu Linux is up to date. Also, along with that install wget
tool.
sudo apt update && sudo apt install wget
3. Download Cloud SQL Auth proxy
Well, this tool is not available in the default repository of Ubuntu 22.04 & 20.04. Therefore, we have to download the CloudSQL auth proxy manually.
wget https://dl.google.com/cloudsql/cloud_sql_proxy.linux.amd64 -O cloud_sql_proxy
4. Change cloud_sql_proxy permission
By default, the downloaded script will not be allowed to run by the system. Therefore, we have to manually change its permission and make it executable.
chmod +x cloud_sql_proxy
5. Check Version
Now, we can execute the script to check the version of the Cloud SQL Proxy and to confirm the system can execute it.
./cloud_sql_proxy -version
6. Create System Service for Cloud SQL Proxy
Well, to use the script every time we have to switch to the directory where it has been placed. However, if you want to run it as a system service with predefined cloud Instance details, create a systemd service.
Move the script to some secure location, where we won’t delete it accidentally.
sudo cp ~/cloud_sql_proxy /usr/local/bin
Now, create a service file.
sudo nano/lib/systemd/system/cloudsqlproxy.service
Copy-paste the following details.
[Install] WantedBy=multi-user.target [Unit] Description=Google Cloud Compute Engine SQL Proxy Requires=networking.service After=networking.service [Service] Type=simple WorkingDirectory=/usr/local/bin ExecStart=/usr/local/bin/cloud_sql_proxy -instances=your_gcp_project:region_of_instace:cloudsql_instance_name=tcp:3307 -credential_file=/var/credential.json Restart=always StandardOutput=journal User=root
Replace the given values with yours in the above given :
• your_gcp_project • region_of_instace e.g us-central1 • cloudsql_instance_name • port e.g 3307 or something else not used in the server.
Save the file by pressing – Ctlr+O, type Y, and then to exit the file press Ctrl+X.
7. Start the Service
Once the CloudSQL Proxy service file is created, we can start its service.
sudo systemctl daemon-reload
Start and enable the service file:
sudo systemctl start cloudsqlproxy sudo systemctl enable cloudsqlproxy
To know more about this tool, visit the official documentation page.
Other Articles:
• How to install Oracle Java 8 64-bit Ubuntu 22.04 | 20.04 LTS
• 3 Ways to Install Beekeeper Studio on Ubuntu 22.04 | 20.04 LTS
• Install Brave Browser on Ubuntu 22.04 LTS Jammy JellyFish
• How to Install Arduino IDE on Ubuntu 22.04 | 20.04