Issues connecting to Cloud SQL using cloudsql-proxy via Kubernetes

5/2/2018

I have a cluster with 3 pods. In each pod I have 2 containers. app which is a front end Django project and cloudsql-proxy I have followed all of the guides and I can connect to the database via the cloudsql-proxy from my computer.

However I have issues when in my container is connecting. I see this error on the cloudsql-proxy container when it receives new connections:

2018/05/01 13:45:50 Listening on 127.0.0.1:5432 for projectname-11111:europe-west1:projectname 2018/05/01 13:45:50 Ready for new connections 2018/05/01 13:46:40 New connection for "projectname-11111:europe-west1:projectname" 2018/05/01 13:46:40 couldn't connect to "projectname-11111:europe-west1:projectname": Post https://www.googleapis.com/sql/v1beta4/projects/projectname-201611/instances/projectname/createEphemeral?alt=json: private key should be a PEM or plain PKSC1 or PKCS8; parse error: asn1: syntax error: sequence truncated

Can anyone assist with this? - It looks pretty straight forward that the problem is with the key in the JSON. But I just don't understand why there would be as this was generated when creating the service account.

Here is the Json file which has been obfuscated:

{
"type": "service_account",
  "project_id": "projectname-11111",
  "private_key_id": "id",
  "private_key": "-----BEGIN PRIVATE KEY-----\nkeykeykey==\n-----END PRIVATE KEY-----\n",
  "client_email": "email@projectname-11111.iam.gserviceaccount.com",
  "client_id": "123456789",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://accounts.google.com/o/oauth2/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/circleci-deployment%40projectname-11111.iam.gserviceaccount.com"
}
-- Steven Church
google-cloud-platform
google-cloud-sql
google-kubernetes-engine
kubernetes

0 Answers