fbpx

Spring Boot on Google GKE with Cloud SQL and Kotlin

1. Introduction

In one of my past articles, we’ve learned how to deploy the Spring Boot Kotlin application to the Google Kubernetes Engine. According to your feedback, you really enjoyed it and some of you asked me to write something more about connecting to the databases in such an environment.

In the beginning, I’d like to thank you so much for the inspiration. You can be sure, that in the future I will prepare more articles on this topic.

In this guide, I’d like to show you how to deploy Spring Boot Kotlin application to the GKE with Cloud SQL using a sidecar pattern. It will be the continuation of this post, so I highly recommend spending some time checking it.

2. Create Cloud SQL Instance

As the first step, let’s head to the GCP Cloud SQL console and click the Create Instance button.

This image cotnains the screenshot from cloud sql create instance page

On the next page, let’s select the MySQL database:

Photo shows the screenshot from cloud sql select database page

Let’s provide the instance ID and root password for our database. As you can see on the below screenshot, we can also specify other things, like region, zone, or database version:

The photo shows the screenshot from configure instance info page

Finally, let’s click the Create button and start the process of creating the instance.

3. Create a Service Account

As the next step, let’s switch to the service accounts panel of the IAM management. We need to prepare the service account, which will be used later to establish the connection between the GKE and Cloud SQL.

Let’s click the Create Service Account button. Then, let’s specify the service account name and click Create:

The image contains the screenshot showing how to provide the service account name for the cloud sql service account

Nextly, let’s grant the Cloud SQL Admin Role to our service account:

The image shows the screenshot from the console showing how to add Cloud SQL Admin role to the service account

Please note: for the tutorial, we are using the admin role, but in the real-life scenarios we should always remember about the Principle of Least Privilege (POLP).

4. Enable Cloud SQL Admin API

Before we will be able to connect using the Cloud SQL Proxy, we need to enable the Cloud SQL Admin API. To do that, let’s head to the API management page and click the Enable button:

The image shows how to enable the Cloud SQL Admin API

5. Connecting Using the Cloud SQL Proxy

There are a few approaches on how to connect to our SQL instance. For a better understanding of the topic, I highly recommend checking out this Google guide.

In this tutorial, we will add the proxy to our application’s pod using the sidecar container pattern. If you would be interested in tutorials covering other ways of connection, please let me know about it.

5.1. Add Proxy Container

Let’s start by adding the proxy to the deployment file. Let’s head to the previously created deployment.yaml file and put the following config under the containers:

- image: gcr.io/cloudsql-docker/gce-proxy:1.18.0
  name: cloud-sql-proxy
  command:
    - "/cloud_sql_proxy"
    - "-instances=<PROJECT_ID>:<ZONE>:<INSTANCE_NAME>=tcp:3306"
  securityContext:
    runAsNonRoot: true

The second command in our configuration requires us to specify the list of comma-separated fully qualified instances connections names. You can check your connection name in the Cloud SQL console.

5.2. Connect Service Account

As the next step, we will provide the service account for our proxy. We will do it using GKE’s Workload Identity feature, which is the preferred method. To put it simply, we will bind the Kubernetes Service Account (KSA) to a Google Service Account (GSA).

Let’s start by enabling the Workload Identity on our existing cluster:

gcloud container clusters update  \
  --workload-pool=<PROJECT-ID>.svc.id.goog
  --zone=<ZONE>

We will need to wait for some time for the changes to be applied.

Nextly, let’s create the service-account.yaml file and put there the configuration for the KSA:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: cloud-sql-sa

And create the KSA in our cluster:

kubectl apply -f service-account.yaml

With that being done, we can enable the IAM binding between the <GSA-NAME> and <KSA-NAME>:

gcloud iam service-accounts add-iam-policy-binding \
  --role roles/iam.workloadIdentityUser \
  --member "serviceAccount:<PROJECT-ID>.svc.id.goog[<K8S-NAMESPACE>/<KSA-NAME>]" \
  <GSA-NAME>@<PROJECT-ID>.iam.gserviceaccount.com

As the next step, let’s add an annotation to <KSA-NAME> to complete the binding:

kubectl annotate serviceaccount \
   <KSA-NAME> \
   iam.gke.io/gcp-service-account=<GSA-NAME>@<PROJECT-ID>.iam.gserviceaccount.com

Finally, please make sure to specify the service account for the Kubernetes object:

spec:
  serviceAccountName: cloud-sql-sa

6. Configure Spring Boot App

After all the above steps, we can finally switch to our Spring Boot project to set up the connection.

6.1. Imports

Let’s start by adding necessary imports:

    runtimeOnly("mysql:mysql-connector-java")

As you can see, we are adding MySQL Connector dependency. If we had chosen another database in step 2, we would have to import the appropriate driver here.

6.2. Edit Application Properties

As the next step, let’s edit the application.yaml file and put the following configuration there:

spring:
  datasource:
    url: jdbc:mysql://127.0.0.1:3306/${DB_NAME}
    username: ${DB_USERNAME}
    password: ${DB_PASSWORD}

Please notice, that the environment variables should be set to, or replaced with the correct values. For the learning purposes, as the user, we can use root with the password we’ve set in step 2. Also, to create the database, we can head to the Cloud SQL Databases console.

7. Deploy Spring Boot App to GKE

As the last step, let’s deploy our application to the Google Kubernetes Engine. Let’s build and push our container with the following commands:

docker build -t spring-boot-example .
docker tag spring-boot-example gcr.io//spring-boot-example:0.0.2
docker push gcr.io//spring-boot-example:0.0.2

Please notice, that you can use the tag whatever you like. I’m just using 0.0.2 to keep it concise with the previous article.

Finally, let’s update our deployment file:

containers:
  - image: gcr.io//spring-boot-example:0.0.2

And submit our changes to the cluster:

kubectl apply -f deployment.yaml

After all, we can check the status of changes, for instance with the get pods command:

kubectl get pods

//example response
NAME                                   READY   STATUS    RESTARTS   AGE
spring-boot-example-799bb5dd97-whwdb   2/2     Running   0          55s

As you can see, the Pod is running and both containers are ready.

8. Summary

And that would be all for this article. We’ve covered step by step how to deploy the Spring Boot application to the Google Kubernetes Engine with Cloud SQL. I believe, that some of the steps may seem pretty difficult, but I can guarantee you that over time, you will get a much better understanding of this topic.

Hope you had a great time reading this article. Please remember, that you can always contact me through the fan page, group, or contact form. Don’t be afraid to ask any questions- I will be more than happy to answer them.

And of course, you can find the full source code here.

Share on facebook
Share on twitter
Share on linkedin

Leave a Comment

Your email address will not be published. Required fields are marked *

Subscribe to our Newsletter

Join the community and get free eBooks.

Image shows the covers of free ebooks accessible for newsletter subscribers.

You may opt out any time. Terms of Use and Privacy Policy

Find us also on...

Join the FREE weekly newsletter and get two free eBooks as well:

Image shows the covers of free ebooks accessible for newsletter subscribers.

You may opt out any time. Terms of Use and Privacy Policy

To make Codersee work, we log user data. By using our site, you agree to our Privacy Policy and Terms of Use.