Connect to Cloud SQL from GKE clusters in different VPC Networks using Private IP

Question

I have 2 separate GKE VPC-native clusters (gke1, gke2) and a Compute Engine instance (ce1), each in a separate VPC network. I would like to set up a Cloud SQL (Postgres) that can be connected from both GKE clusters (gke1, gke2) and the Compute Engine instance (ce1).

Is this possible without using the Public IP setup for Cloud SQL, perhaps using VPC Network Peering or another solution, if so how to setup such configuration?

I have done some research and I'm well aware that the documentation says the following

GKE cluster must be VPC-native and in the same VPC network as the Cloud SQL instance

But I wonder whether it could be possible using VPC Network Peering or another approach

I have found some other related questions here on SO, some are not specific for GKE and some are from a few years back so I'm not sure whether it's still valid.

Related questions I have found:

• GKE VPC Native Cluster and Connectivity to Cloud SQL
• Accessing Cloud SQL from another GCP project
• Can't access Google Cloud SQL with private IP from peered VPC network

Answer 1

In short, GKE or Compute Engine is the same thing: at the end, you always have stuff (compute engine, Cloud SQL instance or Pods) with a private IP on your VPC!

Look at my answer here

One workaround is to use shared VPC. The other solution that I have read, but never tested, is to create a VPN between the VPC. The VPN isn't considered as a network peering and you don't break the transitivity rule.