I am looking to deploy a Cloud Run service that has the following connections settings:
Cloud SQL Connections: 1 cloud sql instance
VPC: Network: Serverless VPC Access Connector - Route all traffic through the VPC connector
I use the following command to deploy my cloud run from a yaml file:
gcloud run services replace cloudrun.yaml --platform managed --region us-east1 --project my-project --format json
The issue that I am running into is about 75% of the time creating a new service fails with the error:
Cloud SQL connection failed. Please see https://cloud.google.com/sql/docs/mysql/connect-run for additional details: connection to Cloud SQL instance at <public-ip>:3307 failed: timed out after 10s
Note: All resources (Cloud Run, VPC, VPC Access Connector, Cloud SQL, NAT Gateway) are in us-east1. Anything that can be associated with a VPC is associated with the same VPC.
What I've found is that setting the Serverless Access Connector to Route only requests to private IPs through the VPC connector allows Cloud SQL to connect properly, but unfortunately, does not work for my application use case.
Otherwise, it is seemingly at random where I can use the exact same yaml file where only the name of the service being created is changed and 25% of the time it creates the service successfully with no errors, but a vast majority of the time I get the error mentioned above.
Turns out this is a known combination of features that does not work: https://cloud.google.com/run/docs/issues#sql-with-vpc-egress