--- apiVersion: v1 kind: ServiceAccount metadata: name: airflow-metadata-db namespace: airflow annotations: iam.gke.io/gcp-service-account: airflow-metadata-db@PROJECT_ID.iam.gserviceaccount.com --- apiVersion: apps/v1 kind: Deployment metadata: name: cloud-sql-proxy namespace: airflow spec: selector: matchLabels: app.kubernetes.io/name: cloud-sql-proxy template: metadata: labels: app.kubernetes.io/name: cloud-sql-proxy spec: serviceAccountName: airflow-metadata-db securityContext: runAsNonRoot: true containers: - name: cloud-sql-proxy image: us.gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.3.0-alpine args: - "PROJECT_ID:REGION:airflow-metadata" - "--private-ip" - "--address" - "0.0.0.0" - "--port" - "5432" ports: - containerPort: 5432 resources: limits: cpu: 250m memory: 512Mi ephemeral-storage: 1Gi requests: cpu: 250m memory: 512Mi ephemeral-storage: 1Gi --- apiVersion: v1 kind: Service metadata: name: airflow-metadata-db namespace: airflow spec: type: ClusterIP selector: app.kubernetes.io/name: cloud-sql-proxy ports: - port: 5432 targetPort: 5432