Need help for using cloudsql postgres from GCP as db for kubernetes based concourses installation using helm

Hello Colleagues,

I am setting up a concourse on GKE using helm charts and using cloudsql postgres as my DB.
I need some help to configure the same. Can someone guide me on how to configure it?

It would be really helpful if you can redirect me to the right documentation or what are all the steps I should have to take?

BRs, Gowrisankar

@vito Could you please help here?

I’m not going to write up full steps here but hopefully these pointers help.

Hope that helps!

Hey @gowrisankar22, what @taylorsilva pointed out is actually the exact way that we’re running our helm-based deployment :grin:

Some details:

  1. we create a .values.yaml files with the postgres credentials (and other stuff too):
secrets:
  postgresUser: myuser
  postgresPassword: mypassword
  postgresClientCert: |-
    -----BEGIN CERTIFICATE-----
    blabla
    -----END CERTIFICATE-----
  postgresClientKey: |-
    -----BEGIN RSA PRIVATE KEY-----
    bleble
    -----END RSA PRIVATE KEY-----
  postgresCaCert:
    -----BEGIN CERTIFICATE-----
    bloblo
    -----END CERTIFICATE-----
  1. create a values.yaml where we have the public configuration:
concourse:
  web:
    postgres:
      host: 1.2.3.4
      database: mydb
      sslmode: verify-ca

You can see that we have some certificates and private keys, but that’s just because we leverage TLS in our CloudSQL configuration (which, btw, you can find it here: https://github.com/concourse/hush-house/blob/master/terraform/database/main.tf

I hope that helps!

@cirocosta @taylorsilva Thanks a lot for your response. finally i made it working …

I have another question : currently, we are adding 0.0.0.0/0 in authorized networks. can we restrict this? if yes, which ips we should add ? https://github.com/concourse/hush-house/blob/master/terraform/database/main.tf#L36