-
Notifications
You must be signed in to change notification settings - Fork 345
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GKE - MySQL CloudSQL Conectivity Issue: ACCESS_TOKEN_SCOPE_INSUFFICIENT #2104
Comments
Two things:
|
Yeah, I was trying both approach and failed with both. I feel like I'm missing one or two things with either approach. if using Workload Identity is preferred, I can try to use it. When I build the cluster, if I assign a service account (from AppEngine - that works with access to Cloud SQL on AppEngine instances), then it works. When I don't assign any service account, it falls back to the default compute engine service account, and I run into the issue. Both service account have the same roles, but the compute-engine SA has some weird IAM issues. Update application.yml to use 127.0.0.1 for the database:
Here's the updated deployment.yaml file
|
I was using I appreciate your help. |
Glad to hear it. |
Question
I am trying to port a Spring Boot app from AppEngine to GKE. I've got the docker images up and running, and it launches. But in the startup an attempt is made to connect to the database and it fails.
The logtrace is:
I've gone through the documentation at
My deployment.yaml looks like:
Code
Additional Details
My application.yml looks like:
I'm lost in the pile of documentation and tutorials to get GKE to get access to MySQL instance.
The text was updated successfully, but these errors were encountered: