Examples using the new sidecar/initContainers features in Kubernetes 1.29.

GoogleCloudPlatform / cloud-sql-proxy

A utility for connecting securely to your Cloud SQL instances

Apache License 2.0

1.27k stars 346 forks source link

Examples using the new sidecar/initContainers features in Kubernetes 1.29. #2261

Open rshade opened 3 months ago

rshade commented 3 months ago

Feature Description

Would it be possible to update the k8s examples to use the new sidecar features in Kubernetes 1.29, or possibly do a new example. It seems like the new sidecars are the right route for cloud-sql-proxy.

Sample code

I don't currently have a sample implementation.

Alternatives Considered

No response

Additional Details

No response

jackwotherspoon commented 3 months ago

Hi @rshade, this sounds like a great idea! 😄 We will definitely take a look at the sidecar features and see where we can update our examples to leverage them.

If you get to playing around with the feature before us, feel free to follow-up here with your example or even put up a PR, we always welcome external contributions 😄

Thanks again!

enocom commented 2 months ago

Here's an almost complete example for AlloyDB which would be practically identical for Cloud SQL: https://github.com/GoogleCloudPlatform/alloydb-auth-proxy/issues/662#issuecomment-2191188908

hessjcg commented 2 months ago

I agree that this is a good idea. The K8s Sidecar Container is in beta in Kubernetes 1.29. We would like to add support for this to the Proxy Operator (See https://github.com/GoogleCloudPlatform/cloud-sql-proxy-operator/issues/381) but have not committed to a timeline.

enocom commented 1 month ago

There's a nice example here too: https://github.com/GoogleCloudPlatform/cloud-sql-proxy/issues/128#issuecomment-2264787327. That shows how to properly configure the Proxy with the new sidecar feature + a startup probe.

cc @devauxbr

manueljishi commented 3 weeks ago

Hi! I have been watching the examples and I would say they all have one thing in common: They all explicitly define the sidecar containers. Is this an expected behaviour? Would AuthProxyWorkloads be able to have some configuration to implement this configuration?

jackwotherspoon commented 3 weeks ago

Is this an expected behaviour? Would AuthProxyWorkloads be able to have some configuration to implement this configuration?

Hi @manueljishi, the AuthProxyWorkload (i.e. the Cloud SQL Proxy Operator) is indeed a ready to use alternative to explicitly defining the sidecar container youself.

Some users and use cases prefer the additional flexibility and full control of defining the sidecar container and startup behavior themselves which is why we provide additional examples in this repo.

manueljishi commented 3 weeks ago

Hi @jackwotherspoon thanks for your response! I think I mixed a couple of concepts, I was referring to the features explained here

jackwotherspoon commented 3 weeks ago

@manueljishi This issue and https://github.com/GoogleCloudPlatform/cloud-sql-proxy-operator/issues/381 are for the same exact thing essentially.

This issue is for showcasing examples of using the Proxy with the new sidecar features in Kubernetes 1.29+ while the Operator issue is to add the new features in the Operator.