Configuring Cloud SQL

Cloud SQL is probably easy to use if you've done a lot of database administration. I haven't, so I found the process a little foreign. This chapter takes you through the one-time process of creating the database itself (as opposed to tables within it). It's an interactive process in the Google Developer Console.

Google Cloud SQL is very secure. For example, you can't get access to a database with only a user name and password. You must first register the IP address of your development (and production, of course) machine with Cloud SQL or the connection will be refused. And part of the connection string is the raw IP address of the database at Google. You don't have the luxury (or security risk) of a symbolic name.

All this makes your work a little more complicated, but this chapter takes you through everything you need to make the workflow as smooth as possible. In return, you can sleep better at night knowing that the vast majority of paths hackers would normally take to get access to your database are closed off.

Google Cloud SQL data is encrypted

A bonus for using Cloud SQL is that when your data is at rest, it is encrypted automatically by Google. On your end it will look like any other MySQL session.

This chapter shows how to:

  • Configure Google Cloud SQL to accept connections from your computer
  • Connect to your Google Cloud SQL instance
  • Perform database operations on your Google Cloud SQL instance using the mysql CLI
  • TODO: This is not nearly done

Adding an instance

You need to add a Cloud SQL database "instance" if you haven't done so already. You will give it a globally unique name (there can only be 1 such name for any Google Cloud SQL instance) so give it a little thought.

  • From the Google Developers Console, choose Go to the SQL Dashboard, then choose Create Instance.

  • Choose your Instance ID carefully because it's permanent.

  • For Region just choose whatever's closest to you, since that will provide a modest speed benefit.

  • For Tier choose whatever you can afford; I suggest the default until you have reason to believe you need something better.
  • Click the Create button.

Configuring your instance

No one can log in to Cloud SQL unless it already knows their IP address. That means you need to register each IP address from which you log in--home, work, whatever.

Keep in mind that your IP address may change frequently if your net access comes from a consumer ISP--as often as each time you log in.

Adding your IP address for access control

  • Choose Access Control > Add Item under Allowed Networks.
  • For Name, make up something like homeoffice or workroom.
  • If you don't know your IP address, see Determining your own IP address.
  • Paste in your IP address, then click the Save button.

Determining your own IP address

If you don't know your IP address, the easiest way to obtain it is to click this link:

What is my IP address

The result will look something like this if it's an old-style IPv4 address:

    172.169.255.128
    Your public IP address

Or this if it's a newer IPv6 address:

    260F:600:8100:d34:68b2:5f29:9290:a54c
    Your public IP address

Determining the IP address of your Google Cloud SQL instance

To find out the Cloud SQL instance IP address:

  • From the Google Developers Console, chose Storage > SQL.

A page showing the instances appears.

SQL Instance

  • If necessary, choose the instance link under Instance ID.

IPv6 vs. IPv4

If your IP address is IPv6 (like this: 2001:4860:4864:1:de34:1928:6ae4:7058), then you must connect to the host machine using an IPv6 address. Likewise for IPv4 address (e.g. 173.194.255.122).

If you're using an IP address to find the MySQL host, instead of this:

$ mysql -u sampleuser -h 173.194.255.122 -pFoobar1

You'd connect like this:

$ mysql -u sampleuser -h 2001:4860:4864:1:de34:1928:6ae4:7058 -pFoobar1

It is possible that a machine can have both IPv6 and IPv4 addresses at the same time.

Adding a user

  • From the Google Cloud dashboard choose Storage, then SQL.

  • Choose the name of the instance where you want to add a user. In this example, it's called dbtest but yours will be different:

SQL Instance

Details on that instance appear. Choose Users:

SQL Instance users

  • Choose Create user account and give it a name, for example, testuser, and a password if you wish. It appears quickly in the user list:

SQL instance new user added

Reference

Google Cloud SQL

Google Groups cloud-logging-announce is the place Google designated for Google Cloud SQL status announcements.

results matching ""

    No results matching ""