
Connecting GCP Cloud Run instance to Filestore with Terraform


I'm trying to recreate the tutorial on how to connect Filestore to GCP Cloud Run with Terraform.

My Terraform is now:

terraform {
  required_version = ">= 1.0.0"
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "4.62.0"
    }
  }
}

# Create a VPC network
resource "google_project_service" "vpcaccess-api" {
  project = var.project_gcp_name # Replace this with your project ID in quotes
  provider = google-beta
  service = "vpcaccess.googleapis.com"
}

# VPC
resource "google_compute_network" "default" {
  name                    = "cloudrun-network"
  project                 = var.project_gcp_name
  provider                = google-beta
  auto_create_subnetworks = false
}


resource "google_vpc_access_connector" "connector" {
  name           = "vpcconn"
  provider       = google-beta
  project        = var.project_gcp_name
  region         = "us-central1"
  ip_cidr_range  = "10.8.0.0/28"
  max_throughput = 300
  network        = google_compute_network.default.name
  depends_on     = [google_project_service.vpcaccess-api]
}


resource "google_filestore_instance" "filestore_instance" {
  name     = var.filestore_instance_name
  project  = var.project_gcp_name
  location = "us-central1-a"
  tier     = var.filestore_tier

  file_shares {
    capacity_gb = var.fileshare_capacity_gb
    name        = "share1"

    nfs_export_options {
      ip_ranges   = ["10.0.0.0/24"]
      access_mode = "READ_WRITE"
    }
  }

  networks {
    network      = "cloudrun-network"
    modes        = ["MODE_IPV4"]
  }
}

resource "google_cloud_run_service" "container" {
  name     = var.service_name
  location = var.region

  metadata {
    annotations = {
      "run.googleapis.com/client-name" = "terraform"
    }
  }

  template {
    spec {
      containers {
        image = "${var.image_name}:latest"

        env {
          name  = "FILESTORE_IP_ADDRESS"
          value = google_filestore_instance.filestore_instance.networks[0].ip_addresses[0]
        }
        env {
          name  = "FILE_SHARE_NAME"
          value = "share1"
        }
        env {
          name  = "MNT_DIR"
          value = "/mnt/workdir"
        }
        env {
          name  = "LOG_LEVEL"
          value = "INFO"
        }
      }
    }

    metadata {
      annotations = {
        # Limit scale up to prevent any cost blow outs!
        "autoscaling.knative.dev/maxScale" = "5"
        # Use the VPC Connector
        #"run.googleapis.com/vpc-access-connector" = module.test-vpc-module.subnets["us-central1/serverless-subnet"].name
        "run.googleapis.com/vpc-access-connector" = "vpcconn"
        # all egress from the service should go through the VPC Connector
        "run.googleapis.com/vpc-access-egress" = "all-traffic"
      }
    }


  }
  autogenerate_revision_name = true
}

The Docker setup is the same as in the tutorial. I just added the command showmount -e $FILESTORE_IP_ADDRESS to run.sh to debug what's happening.

The logs show the following message,

clnt_create: RPC: Unknown host

As a double check that my environment variables are properly set, I show them in my logs and see

calling: showmount -e 10.15.225.10

and

$ gcloud filestore instances describe myfilestore
createTime: '2023-05-29T17:14:23.950831835Z'
fileShares:
- capacityGb: '1024'
  name: share1
  nfsExportOptions:
  - accessMode: READ_WRITE
    ipRanges:
    - 10.0.0.0/24
    squashMode: NO_ROOT_SQUASH
name: projects/spacejam-hc-us/locations/us-central1-a/instances/myfilestore
networks:
- connectMode: DIRECT_PEERING
  ipAddresses:
  - 10.15.225.10
  modes:
  - MODE_IPV4
  network: cloudrun-network
  reservedIpRange: 10.15.225.8/29
state: READY
tier: STANDARD

Running mount -o nfs --verbose on the client shows the following message in the logs,

mount.nfs: trying text-based options 'nolock,vers=4.2,addr=10.15.225.10,clientaddr=169.254.8.1'

The client address seems wrong; how can I fix that? Any other pointers to what I may be doing wrong?


There are 0 answers
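A check that can be run against the values posted in the question, added here as an example and not part of the original post: it compares the VPC connector range (the source addresses Cloud Run egress uses when routed through the connector) with the Filestore export's ip_ranges allow-list and its reserved range. The function name and finding strings are hypothetical; the sample values are copied from the question's Terraform and gcloud output.

```python
import ipaddress


def check_filestore_access(connector_cidr, export_ranges, reserved_range, filestore_ip):
    """Return a list of findings; an empty list means the ranges line up."""
    connector = ipaddress.ip_network(connector_cidr)
    reserved = ipaddress.ip_network(reserved_range)
    allowed = [ipaddress.ip_network(r, strict=False) for r in export_ranges]
    findings = []

    # Assumption: NFS clients are admitted only if their source address falls
    # inside one of the export's ip_ranges, and Cloud Run traffic leaving
    # through the connector is sourced from the connector's own range.
    covered = any(
        net.version == connector.version and connector.subnet_of(net)
        for net in allowed
    )
    if not covered:
        findings.append(
            f"connector range {connector} is not inside any export range {export_ranges}"
        )

    # An allow-list entry with prefix length 0 admits every client on the network.
    for net in allowed:
        if net.prefixlen == 0:
            findings.append(f"export range {net} allows any address to mount the share")

    # The connector must not collide with the range reserved for the instance.
    if connector.version == reserved.version and connector.overlaps(reserved):
        findings.append(f"connector range {connector} overlaps reserved range {reserved}")

    # Sanity check on the address handed to the container as FILESTORE_IP_ADDRESS.
    if ipaddress.ip_address(filestore_ip) not in reserved:
        findings.append(f"Filestore IP {filestore_ip} is outside reserved range {reserved}")

    return findings


if __name__ == "__main__":
    # Values as posted: ip_cidr_range, nfs_export_options.ip_ranges,
    # reservedIpRange and ipAddresses[0].
    for finding in check_filestore_access(
        "10.8.0.0/28", ["10.0.0.0/24"], "10.15.225.8/29", "10.15.225.10"
    ):
        print("FINDING:", finding)
```

With the posted values the only finding is that 10.8.0.0/28 is not covered by the export range 10.0.0.0/24.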