K
Q

Maven Project using spring application with google cloud Sql deploy with kubernetes

9/19/2018

I have create one Maven Project using spring application with google cloud Sql deploy with kubernetes. i use the following steps.

./mvnw -DskipTests spring-boot:run

./mvnw -DskipTests package

docker build -t gcr.io/ProjectID/app:v1 .

docker run -ti --rm -p 8080:8080 gcr.io/ProjectID/app:v1

After this docker run application running sucessfully in google cloud web preview.

gcloud docker -- push gcr.io/ProjectID/app:v1

https://console.cloud.google.com/project/ProjectID/storage/browser/

kubectl run app \
  --image=gcr.io/ProjectID/app:v1 \
  --port=8080

kubectl expose deployment app --type=LoadBalancer

kubectl get services

After This i get one external IP: http://EXTERNAL_IP:8080/

I am using below coding:

 Class.forName("com.mysql.cj.jdbc.Driver");

   String jdbcUrl = String.format(
        "jdbc:mysql://IPAddress:3306/%s?cloudSqlInstance=%s&socketFactory=com.google.cloud.sql.mysql.SocketFactory&useSSL=false", databaseName,instanceConnectionName);

  Connection connection = DriverManager.getConnection(jdbcUrl, username, password);

I am getting below error:

Start Program
Start To Connect SQL Server
2018-09-19 09:07:33.075  INFO 1 --- [nio-8080-exec-1] c.google.cloud.sql.mysql.SocketFactory   : Connecting to Cloud SQL instance [winter-dynamics-213603:us-central1:visacare].
2018-09-19 09:07:33.086  INFO 1 --- [nio-8080-exec-1] c.g.cloud.sql.mysql.SslSocketFactory     : First Cloud SQL connection, generating RSA key pair.
2018-09-19 09:07:34.344  INFO 1 --- [nio-8080-exec-1] c.g.cloud.sql.mysql.SslSocketFactory     : Obtaining ephemeral certificate for Cloud SQL instance [winter-dynamics-213603:us-central1:visacare].
2018-09-19 09:07:34.906 ERROR 1 --- [nio-8080-exec-1] o.a.c.c.C.[.[.[/].[dispatcherServlet]    : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is java.sql.SQLNonTransientConnectionException: Could not create connection to database server.] with root cause

com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden
{
  "code" : 403,
  "errors" : [ {
    "domain" : "global",
2018-09-19 09:07:33.075  INFO 1 --- [nio-8080-exec-1] c.google.cloud.sql.mysql.SocketFactory   : Connecting to Cloud SQL instance [winter-dynamics-213603:us-centr
    "message" : "Insufficient Permission",
    "reason" : "insufficientPermissions"
  } ],
  "message" : "Insufficient Permission"
}
-- Acumen Care
google-kubernetes-engine

Similar Questions

Traefik & Keycloak: error SSL_ERROR_RX_RECORD_TOO_LONG
Install an ELK stack on OpenShift
Variable value as yaml key in helm chart
What is the CLI equivalent of "exposing an API" in the Kyma console
How to overwrite file in pods container in Kubernetes deployment file?

1 Answer

9/21/2018

The "insufficientPermissions" is related to scopes since your interacting with Google Cloud API. check you have provide the right scope for the the API interaction you have kubernetes engine, SQL admin, take a look on the table here. And it already answered here as well.

-- Alioua
Source: StackOverflow