MySQL Connection Timed Out on Flask/GCP


I’ve been setting up a Docker container, which is running on Google Cloud Platform Compute Engine (micro instance). The application itself is a relatively simple Python Flask API, which needs to connect to an external AWS server, which has a MySQL database running.

The OS is the container-optimized OS (version 73-11647.559.0 stable, Kernel: ChromiumOS-4.14.174 Kubernetes: 1.13.3 Docker: 18.09.7)

The issue I’m facing is that the application will always throw a:

pymysql.err.OperationalError: (2003, “Can’t connect to MySQL server on ‘host’ (timed out)”)

The SQL server is running on the default 3306 port. I even created a new MySQL user with access from any host IP to test this, and it still doesn’t work. Running the Flask app locally (outside of a docker container) works perfectly.
I noticed that I originally was missing the 3306:3306 line under ports, but even after adding that, it still fails.
I also noticed the Firewall ports weren’t open on GCP, but after opening these to all, and enabling logs, it still doesn’t work, and there’s apparently no logs, which leads me to believe Docker isn’t routing the traffic from the container.
On the AWS side, I’ve added an inbound/outbound rule in EC2 Security group to the GCP external IP, but I wonder now if the external IP address from the Docker container is different to the external IP of the GCP instance itself? This is my first time using docker and GCP so I’m not really sure on those details.

Here’s my Dockerfile:

FROM python:3.7
MAINTAINER Mike B "email"

COPY ./requirements.txt /app/requirements.txt
COPY . /app
RUN pip install -r requirements.txt


My docker-compose.yml file:

version: "3"
    build: .
    - "80:5000"
    - "3306:3306"
    container_name: "tmg_api_services"

And here’s the connection snippet:

from flaskext import mysql
def __init__(self, app: Flask):
    self._app = app
    self._db = mysql.MySQL(self._app)
    self._connection = self._db.connect()

I’ve probably missed some information, let me know if you need anything else.
Any help would be greatly appreciated!

Now I feel daft… for some reason I was under the impression that the GCP instance already had a static IP address, turns out that the IP was still dynamic… so the rule that I had created to allow the traffic into the AWS server was now invalid, because the GCP instance changed IP.

If anyone has any problems like the one I mentioned, check your external IPs are definitely static! I know, it sounds obvious now :stuck_out_tongue: