I’m trying to set up a connection between my Google Cloud Composer environment and a MySQL database but running into issues.
Here’s what I’ve done so far:
- Created a Composer environment in GCP
- Added a new connection through the Airflow UI (Admin → Connections → Create)
- Filled in all the required fields:
- Connection ID
- Connection Type: MySQL
- Host, Schema, Username, Password, Port
- SSL configuration in the Extra field:
{
"ssl": {
"ssl_ca": "/home/airflow/gcs/data/certificates/ca-cert.pem",
"ssl_cert": "/home/airflow/gcs/data/certificates/client-certificate.pem",
"ssl_key": "/home/airflow/gcs/data/certificates/client-private-key.pem"
}
}
I’ve uploaded the SSL certificates to my Composer bucket in the data/certificates folder. SSL authentication is mandatory for my database connection.
In my DAG, I’m using this code to execute queries:
fetch_data_task = SQLExecuteQueryOperator(
task_id="fetch_database_records",
retry_on_failure=False,
conn_id=MYSQL_CONNECTION_ID,
sql="""
SELECT * FROM ...
"""
)
When I run the DAG, I get this error:
ERROR - (2003, "Can't connect to MySQL server on 'host:port' (110)")
I’ve verified the certificate paths and they seem correct. Has anyone encountered this issue before? Are there alternative approaches to establish this connection?
check your composer env’s vpc settings first. mysql connections usually fail without proper vpc peering or firewall rules. try using the internal ip instead of external if ur connecting within gcp - made a huge diff for me. the default composer network config sometimes blocks outbound mysql connections on port 3306.
Error 110 is usually a connection timeout, not an authentication problem - so your SSL certs are probably fine. I ran into this same issue when my Composer couldn’t reach MySQL because of network restrictions. Check if your MySQL database accepts connections from Composer’s IP ranges. You’ll likely need to whitelist the Composer worker IPs in your database firewall. Also double-check that MySQL is actually listening on the right port and host. If you’re using Cloud SQL, make sure network access is enabled and Composer has the right IAM permissions to connect. Try creating a simple test task that just attempts the connection without running queries - that’ll tell you if it’s a basic connectivity issue.
Connection timeout errors usually mean network issues, not SSL problems. Double-check your MySQL host configuration, especially if you’re using Cloud SQL or similar managed services; ensure you have the correct connection name format. DNS resolution can be unpredictable in Composer environments—consider connecting using the IP address rather than the hostname to determine if that’s the source of the issue. Additionally, verify that your MySQL instance doesn’t have connection limits that might be causing timeouts. As a quick test, create a simple BashOperator task that uses telnet or nc to confirm that the port is accessible from your Composer workers before attempting the actual database connection.
I’ve experienced a similar problem with the MySQL connection in Composer. The error points to network connectivity rather than SSL configuration. Make sure your Composer environment can access the MySQL server; if you’re using private IPs, enable Private Google Access. Verify the MySQL ‘Authorize networks’ setting as well, ensuring Composer’s IP range is whitelisted. Additionally, confirm that your Composer service account has the required permissions for Cloud SQL access. Testing the connection manually from a worker node using the MySQL client can help diagnose if it’s an Airflow issue or purely network-related.