cloud-sql-proxy icon indicating copy to clipboard operation
cloud-sql-proxy copied to clipboard
verified publisher icon GoogleCloudPlatform

Examples using the new sidecar/initContainers features in Kubernetes 1.29.

Open rshade opened this issue 1 year ago • 9 comments

Feature Description

Would it be possible to update the k8s examples to use the new sidecar features in Kubernetes 1.29, or possibly do a new example. It seems like the new sidecars are the right route for cloud-sql-proxy.

Sample code

I don't currently have a sample implementation.

Alternatives Considered

No response

Additional Details

No response

rshade avatar Jul 04 '24 10:07 rshade

Hi @rshade, this sounds like a great idea! 😄 We will definitely take a look at the sidecar features and see where we can update our examples to leverage them.

If you get to playing around with the feature before us, feel free to follow-up here with your example or even put up a PR, we always welcome external contributions 😄

Thanks again!

jackwotherspoon avatar Jul 04 '24 14:07 jackwotherspoon

Here's an almost complete example for AlloyDB which would be practically identical for Cloud SQL: https://github.com/GoogleCloudPlatform/alloydb-auth-proxy/issues/662#issuecomment-2191188908

enocom avatar Jul 08 '24 14:07 enocom

I agree that this is a good idea. The K8s Sidecar Container is in beta in Kubernetes 1.29. We would like to add support for this to the Proxy Operator (See https://github.com/GoogleCloudPlatform/cloud-sql-proxy-operator/issues/381) but have not committed to a timeline.

hessjcg avatar Jul 10 '24 15:07 hessjcg

There's a nice example here too: https://github.com/GoogleCloudPlatform/cloud-sql-proxy/issues/128#issuecomment-2264787327. That shows how to properly configure the Proxy with the new sidecar feature + a startup probe.

cc @devauxbr

enocom avatar Aug 05 '24 15:08 enocom

Hi! I have been watching the examples and I would say they all have one thing in common: They all explicitly define the sidecar containers. Is this an expected behaviour? Would AuthProxyWorkloads be able to have some configuration to implement this configuration?

manueljishi avatar Sep 11 '24 11:09 manueljishi

Is this an expected behaviour? Would AuthProxyWorkloads be able to have some configuration to implement this configuration?

Hi @manueljishi, the AuthProxyWorkload (i.e. the Cloud SQL Proxy Operator) is indeed a ready to use alternative to explicitly defining the sidecar container youself.

Some users and use cases prefer the additional flexibility and full control of defining the sidecar container and startup behavior themselves which is why we provide additional examples in this repo.

jackwotherspoon avatar Sep 11 '24 14:09 jackwotherspoon

Hi @jackwotherspoon thanks for your response! I think I mixed a couple of concepts, I was referring to the features explained here

manueljishi avatar Sep 12 '24 06:09 manueljishi

@manueljishi This issue and https://github.com/GoogleCloudPlatform/cloud-sql-proxy-operator/issues/381 are for the same exact thing essentially.

This issue is for showcasing examples of using the Proxy with the new sidecar features in Kubernetes 1.29+ while the Operator issue is to add the new features in the Operator.

jackwotherspoon avatar Sep 12 '24 13:09 jackwotherspoon

We updated our examples in https://github.com/GoogleCloudPlatform/cloud-sql-proxy/pull/2371 to to showcase

initContainers:
    - name: cloud-sql-proxy
      restartPolicy: Always

@hessjcg to confirm if we can close this out. I wonder if we should also showcase the startup probe as seen in https://github.com/GoogleCloudPlatform/cloud-sql-proxy/issues/128#issuecomment-2264787327 as well?

jackwotherspoon avatar Jan 30 '25 02:01 jackwotherspoon