§cloud-sql-connector
Cloud SQL Auth Proxy connector for Rust.
Implements the Cloud SQL connector protocol: generates an RSA keypair, calls the Cloud SQL Admin API for ephemeral certificates, and establishes TLS 1.3 connections directly to Cloud SQL instances.
§Usage
§Direct TLS connection
use std::sync::Arc;
use cloud_sql_connector::Dialer;

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let dialer = Arc::new(Dialer::new("my-project", "my-instance").await?);
    let mut stream = dialer.dial().await?;
    Ok(())
}

§Unix socket proxy
use std::path::Path;
use std::sync::Arc;
use cloud_sql_connector::{Dialer, UnixSocketServer};

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
    let dialer = Arc::new(Dialer::new("my-project", "my-instance").await?);
    let server = UnixSocketServer::new(dialer, Path::new("/tmp/cloud-sql.sock"))?;
    // Socket is bound and ready to accept connections.
    server.serve().await?;
    Ok(())
}

§TODO
- Cache connect settings (IP address, server CA cert) in the Dialer instead of fetching them on every dial() call. These are stable per instance and only change on failover or CA rotation. The Go connector refreshes them every ~30 minutes.
Structs§
- Dialer
- Cloud SQL Auth Proxy dialer.
- TcpServer
- TCP proxy server for a Cloud SQL instance.
- UnixSocketServer
- Unix socket proxy server for a Cloud SQL instance.
Enums§
- Error
- Cloud SQL connector errors.
- PeerFilter
- Peer connection filter for super::TcpServer.