Set custom per instance socket address (GoogleCloudPlatform#289)

kurtisvg · web-flow · commit fa714b45b08a · 2019-06-25T14:14:40.000-07:00
diff --git a/README.md b/README.md
@@ -19,7 +19,7 @@ cloud_sql_proxy takes a few arguments to configure what instances to connect to
   optional `-fuse_tmp` flag can specify where to place temporary files. The
   directory indicated by `-dir` is mounted.
 * `-instances="project1:region:instance1,project3:region:instance1"`: A comma-separated list
-  of instances to open inside `-dir`. Also supports exposing a tcp port instead of using Unix Domain Sockets; see examples below.
+  of instances to open inside `-dir`. Also supports exposing a tcp port and renaming the default Unix Domain Sockets; see examples below.
   Same list can be provided via INSTANCES environment variable, in case when both are provided - proxy will use command line flag.
 * `-instances_metadata=metadata_key`: Usable on [GCE](https://cloud.google.com/compute/docs/quickstart) only. The given [GCE metadata](https://cloud.google.com/compute/docs/metadata) key will be
   polled for a list of instances to open in `-dir`. The metadata key is relative from `computeMetadata/v1/`. The format for the value is the same as the 'instances' flag. A hanging-poll strategy is used, meaning that changes to
@@ -82,6 +82,14 @@ instead of passing this flag.
     ./cloud_sql_proxy -dir=/cloudsql -instances=my-project:us-central1:sql-inst=tcp:3306 &
     mysql -u root -h 127.0.0.1
 
+    # For programs which require a certain Unix Domain Socket name:
+    ./cloud_sql_proxy -dir=/cloudsql -instances=my-project:us-central1:sql-inst=unix:custom_socket_name&
+    mysql -u root -h 127.0.0.1
+
+    # For programs which require a the Unix Domain Socket at a specific location, set an absolute path (overrides -dir):
+    ./cloud_sql_proxy -dir=/cloudsql -instances=my-project:us-central1:sql-inst=unix:/my/custom/sql-socket&
+    mysql -u root -h 127.0.0.1
+
 ## To use from Kubernetes:
 
 ### Deploying Cloud SQL Proxy as a sidecar container
diff --git a/cmd/cloud_sql_proxy/cloud_sql_proxy.go b/cmd/cloud_sql_proxy/cloud_sql_proxy.go
@@ -149,6 +149,18 @@ Connection:
 
      When connecting over TCP, the -instances parameter is required.
 
+    To set a custom socket name, you can specify it as part of the instance
+	string.  The following example opens a unix socket in the directory
+	specified by -dir, which will be proxied to connect to the instance
+    'my-instance' in project 'my-project':
+
+            -instances=my-project:my-region:my-instance=unix:custom-socket-name
+
+	To override the -dir parameter, specify an absolute path as shown in the
+	following example:
+
+            -instances=my-project:my-region:my-instance=unix:/my/custom/sql-socket
+
      Supplying INSTANCES environment variable achieves the same effect.  One can
      use that to keep k8s manifest files constant across multiple environments
 
diff --git a/cmd/cloud_sql_proxy/proxy.go b/cmd/cloud_sql_proxy/proxy.go
@@ -221,62 +221,64 @@ var validNets = func() map[string]bool {
 
 func parseInstanceConfig(dir, instance string, cl *http.Client) (instanceConfig, error) {
 	var ret instanceConfig
-	eq := strings.Index(instance, "=")
-	if eq != -1 {
-		spl := strings.SplitN(instance[eq+1:], ":", 3)
-		ret.Instance = instance[:eq]
-
-		switch len(spl) {
-		default:
-			return ret, fmt.Errorf("invalid %q: expected 'project:instance=tcp:port'", instance)
-		case 2:
-			// No "host" part of the address. Be safe and assume that they want a
-			// loopback address.
-			ret.Network = spl[0]
-			addr, ok := loopbackForNet[spl[0]]
-			if !ok {
-				return ret, fmt.Errorf("invalid %q: unrecognized network %v", instance, spl[0])
+	args := strings.Split(instance, "=")
+	if len(args) > 2 {
+		return instanceConfig{}, fmt.Errorf("invalid instance argument: must be either form - `<instance_connection_string>` or `<instance_connection_string>=<options>`; invalid arg was %q", instance)
+	}
+	// Parse the instance connection name - everything before the "=".
+	ret.Instance = args[0]
+	proj, _, name := util.SplitName(ret.Instance)
+	if proj == "" || name == "" {
+		return instanceConfig{}, fmt.Errorf("invalid instance connection string: must be in the form `project:region:instance-name`; invalid name was %q", args[0])
+	}
+	if len(args) == 1 {
+		// Default to listening via unix socket in specified directory
+		ret.Network = "unix"
+		ret.Address = filepath.Join(dir, instance)
+	} else {
+		// Parse the instance options if present.
+		opts := strings.SplitN(args[1], ":", 2)
+		if len(opts) != 2 {
+			return instanceConfig{}, fmt.Errorf("invalid instance options: must be in the form `unix:/path/to/socket`, `tcp:port`, `tcp:host:port`; invalid option was %q", strings.Join(opts, ":"))
+		}
+		ret.Network = opts[0]
+		var err error
+		if ret.Network == "unix" {
+			if strings.HasPrefix(opts[1], "/") {
+				ret.Address = opts[1] // Root path.
+			} else {
+				ret.Address = filepath.Join(dir, opts[1])
 			}
-			ret.Address = fmt.Sprintf("%s:%s", addr, spl[1])
-		case 3:
-			// User provided a host and port; use that.
-			ret.Network = spl[0]
-			ret.Address = fmt.Sprintf("%s:%s", spl[1], spl[2])
+		} else {
+			ret.Address, err = parseTCPOpts(opts[0], opts[1])
 		}
-	} else {
-		sql, err := sqladmin.New(cl)
 		if err != nil {
 			return instanceConfig{}, err
 		}
-		sql.BasePath = *host
-		ret.Instance = instance
-		// Default to unix socket.
-		ret.Network = "unix"
+	}
 
-		proj, _, name := util.SplitName(instance)
-		if proj == "" || name == "" {
-			return instanceConfig{}, fmt.Errorf("invalid instance name: must be in the form `project:region:instance-name`; invalid name was %q", instance)
-		}
-		// We allow people to omit the region due to historical reasons. It'll
-		// fail later in the code if this isn't allowed, so just assume it's
-		// allowed until we actually need the region in this API call.
-		in, err := sql.Instances.Get(proj, name).Do()
-		if err != nil {
+	// Use the SQL Admin API to verify compatibility with the instance.
+	sql, err := sqladmin.New(cl)
+	if err != nil {
+		return instanceConfig{}, err
+	}
+	sql.BasePath = *host
+	inst, err := sql.Instances.Get(proj, name).Do()
+	if err != nil {
+		return instanceConfig{}, err
+	}
+	if inst.BackendType == "FIRST_GEN" {
+		logging.Errorf("WARNING: proxy client does not support first generation Cloud SQL instances.")
+		return instanceConfig{}, fmt.Errorf("%q is a first generation instance", instance)
+	}
+	// Postgres instances use a special suffix on the unix socket.
+	// See https://www.postgresql.org/docs/11/runtime-config-connection.html
+	if ret.Network == "unix" && strings.HasPrefix(strings.ToLower(inst.DatabaseVersion), "postgres") {
+		// Verify the directory exists.
+		if err := os.MkdirAll(ret.Address, 0755); err != nil {
 			return instanceConfig{}, err
 		}
-		if in.BackendType == "FIRST_GEN" {
-			logging.Errorf("WARNING: proxy client does not support first generation Cloud SQL instances.")
-			return instanceConfig{}, fmt.Errorf("%q is a first generation instance", instance)
-		}
-		if strings.HasPrefix(strings.ToLower(in.DatabaseVersion), "postgres") {
-			path := filepath.Join(dir, instance)
-			if err := os.MkdirAll(path, 0755); err != nil {
-				return instanceConfig{}, err
-			}
-			ret.Address = filepath.Join(path, ".s.PGSQL.5432")
-		} else {
-			ret.Address = filepath.Join(dir, instance)
-		}
+		ret.Address = filepath.Join(ret.Address, ".s.PGSQL.5432")
 	}
 
 	if !validNets[ret.Network] {
@@ -285,6 +287,19 @@ func parseInstanceConfig(dir, instance string, cl *http.Client) (instanceConfig,
 	return ret, nil
 }
 
+// parseTCPOpts parses the instance options when specifying tcp port options.
+func parseTCPOpts(ntwk, addrOpt string) (string, error) {
+	if strings.Contains(addrOpt, ":") {
+		return addrOpt, nil // User provided a host and port; use that.
+	}
+	// No "host" part of the address. Be safe and assume that they want a loopback address.
+	addr, ok := loopbackForNet[ntwk]
+	if !ok {
+		return "", fmt.Errorf("invalid %q:%q: unrecognized network %v", ntwk, addrOpt, ntwk)
+	}
+	return net.JoinHostPort(addr, addrOpt), nil
+}
+
 // parseInstanceConfigs calls parseInstanceConfig for each instance in the
 // provided slice, collecting errors along the way. There may be valid
 // instanceConfigs returned even if there's an error.
diff --git a/cmd/cloud_sql_proxy/proxy_test.go b/cmd/cloud_sql_proxy/proxy_test.go
@@ -111,6 +111,14 @@ func TestParseInstanceConfig(t *testing.T) {
 			"/x", "my-proj:my-reg:my-instance",
 			instanceConfig{"my-proj:my-reg:my-instance", "unix", "/x/my-proj:my-reg:my-instance"},
 			false, false,
+		}, {
+			"/x", "my-proj:my-reg:my-instance=unix:socket_name",
+			instanceConfig{"my-proj:my-reg:my-instance", "unix", "/x/socket_name"},
+			false, false,
+		}, {
+			"/x", "my-proj:my-reg:my-instance=unix:/my/custom/sql-socket",
+			instanceConfig{"my-proj:my-reg:my-instance", "unix", "/my/custom/sql-socket"},
+			false, false,
 		}, {
 			"/x", "my-proj:my-reg:my-instance=tcp:1234",
 			instanceConfig{"my-proj:my-reg:my-instance", "tcp", "[::1]:1234"},
