Create a primary instance

This page describes how to create the primary instance in an AlloyDB cluster.

Before you begin

  • The Google Cloud project you are using must have been enabled to access AlloyDB.
  • You must have one of these IAM roles in the Google Cloud project you are using:
    • roles/alloydb.admin (the AlloyDB Admin predefined IAM role)
    • roles/owner (the Owner basic IAM role)
    • roles/editor (the Editor basic IAM role)

    If you don't have any of these roles, contact your Organization Administrator to request access.

Create an AlloyDB primary instance

Console

  1. Go to the Clusters page.

    Go to Clusters

  2. Click a cluster in the Resource Name column.

  3. In the Overview page, go to Instances in your cluster, and click Create primary instance.

  4. Configure your primary instance:

    1. In the Instance ID field, enter an ID for your primary instance.
    2. Under Zonal availability, select one of the following options:
      1. To create a highly available production instance with automated failover, select Multiple zones (Highly available).
      2. To create a basic instance that does not need to be highly available, select Single zone.

    3. Select one of the following machine series:

      • C4A (Google Axion-based machine series) (Preview)
      • N2 (x86-based machine series). This is the default machine series.

    4. Select a machine type.

      • C4A supports 1, 4, 8, 16, 32, 48, 64, and 72 machine types or shapes.
      • N2 supports 2, 4, 8, 16, 32, 64, 96, and 128 machine types or shapes.

      For more information about using the C4A Axion-based machine series, including the 1 vCPU machine type, see Considerations when using the C4A Axion-based machine series.

    5. Optional: To connect your applications and clients over the public internet, check the box Enable Public IP under Public IP Connectivity. Enabling public IP might require additional configuration to ensure a secure connection. For more information, see Connect using public IP.

      By default, private IP is always enabled. For more information, see Enable private services access.

    6. Optional: To enable and use managed connection pooling, check the box Enable managed connection pool under Managed connection pool. For more information, see Configure managed connection pooling.

    7. Optional: To set custom flags for your instance, expand Advanced configuration options, then do the following for each flag:

      1. Click Add flag.
      2. Select a flag from the New database flag list.
      3. Provide a value for the flag.
      4. Click Done.

    8. Optional: To configure SSL or connector requirements on the instance, expand Advanced configuration options, then do the following:

      1. By default, AlloyDB instances require all connections to use SSL encryption. To allow non-SSL connections, clear the Only allow SSL connections checkbox.
      2. To require that all database connections to the instance use the AlloyDB Auth Proxy or the secure connector libraries provided by Google, select Require connectors.

  5. Click Create instance.

gcloud

To use the gcloud CLI, you can install and initialize the Google Cloud CLI, or you can use Cloud Shell.

Use the gcloud alloydb instances create command to create a primary instance.

gcloud alloydb instances create INSTANCE_ID \
    --instance-type=PRIMARY \
    --cpu-count=CPU_COUNT \
    --machine-type=MACHINE_TYPE \
    --availability-type=AVAILABILITY \
    --region=REGION_ID \
    --cluster=CLUSTER_ID \
    --project=PROJECT_ID
  • INSTANCE_ID: The ID of the instance you are creating. It must begin with a lowercase letter and can contain lowercase letters, numbers, and hyphens.

  • CPU_COUNT: The number of N2 vCPUs that you want for the instance. N2 is the default. Valid values include the following:

    • 2: 2 vCPUs, 16 GB RAM
    • 4: 4 vCPUs, 32 GB RAM
    • 8: 8 vCPUs, 64 GB RAM
    • 16: 16 vCPUs, 128 GB RAM
    • 32: 32 vCPUs, 256 GB RAM
    • 64: 64 vCPUs, 512 GB RAM
    • 96: 96 vCPUs, 768 GB RAM
    • 128: 128 vCPUs, 864 GB RAM

  • MACHINE_TYPE: This parameter is optional when you deploy N2 machines. To deploy the C4A Axion-based machine series (Preview), or to migrate between C4A and N2 machines, choose this parameter with the following values.

    When you use MACHINE_TYPE and CPU_COUNT together, the values in CPU_COUNT and MACHINE_TYPE must match, otherwise you get an error.

    For the C4A Axion-based machine series, choose the machine type with following values:

    • c4a-highmem-1
    • c4a-highmem-4-lssd
    • c4a-highmem-8-lssd
    • c4a-highmem-16-lssd
    • c4a-highmem-32-lssd
    • c4a-highmem-48-lssd
    • c4a-highmem-64-lssd
    • c4a-highmem-72-lssd

    To deploy C4A with 4vCPU and higher, use the suffix lssd, to enable ultra fast cache.

    For more information about using the C4A Axion-based machine series, including the 1 vCPU machine type, see Considerations when using the C4A Axion-based machine series.

    For the N2 x86-based machine series, use the following values:

    • n2-highmem-2
    • n2-highmem-4
    • n2-highmem-8
    • n2-highmem-16
    • n2-highmem-32
    • n2-highmem-64
    • n2-highmem-96

    • n2-highmem-128

  • AVAILABILITY: Whether or not this instance should be highly available (HA), with nodes in multiple zones. Valid values include:

    • REGIONAL: Creates an HA instance with separate active and standby nodes, and automated failover between them. This is the default value, suitable for production environments.
    • ZONAL: Creates a basic instance, containing only one node, and no automated failover.

  • REGION_ID: The region where you want the instance placed. For example, us-central1.

  • CLUSTER_ID: The ID of the cluster where you want the instance placed.

  • PROJECT_ID: The ID of the project where the cluster is placed.

To apply a specific IP address range to this instance, instead of allowing AlloyDB to choose an IP address range, provide the following argument:

      --allocated-ip-range-override=OVERRIDE_RANGE_NAME

Replace OVERRIDE_RANGE_NAME with the name of the IP address range that you want this instance to use for private services access—for example: google-managed-services-default. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?.

For more information about this option, see Create an instance with a specific IP address range.

By default, new instances require all connections to use SSL encryption. To allow non-SSL connections to the instance, add the --ssl-mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED flag to the command:

gcloud alloydb instances create INSTANCE_ID \
  --instance-type=PRIMARY \
  --cpu-count=CPU_COUNT \
  --machine-type=MACHINE_TYPE \
  --region=REGION_ID \
  --cluster=CLUSTER_ID \
  --project=PROJECT_ID \
  --ssl-mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED

To enforce a secure connection between the client and an AlloyDB instance through the Auth Proxy or other applications that use Google-provided connector libraries, add the --require-connectors flag to the command:

gcloud alloydb instances create INSTANCE_ID \
  --instance-type=PRIMARY \
  --cpu-count=CPU_COUNT \
  --machine-type=MACHINE_TYPE \
  --region=REGION_ID \
  --cluster=CLUSTER_ID \
  --project=PROJECT_ID \
  --require-connectors

To enable managed connection pooling in your AlloyDB instance, add the --enable-connection-pooling flag to the gcloud alpha alloydb instances create command:

gcloud alpha alloydb instances create INSTANCE_ID \
  --instance-type=PRIMARY \
  --cpu-count=CPU_COUNT \
  --region=REGION_ID \
  --cluster=CLUSTER_ID \
  --project=PROJECT_ID \
  --enable-connection-pooling

You can also create an AlloyDB instance with Private Service Connect-enabled. For information about creating a primary instance for a Private Service Connect-enabled cluster, see Create an AlloyDB instance.

Terraform

To create an instance within your database cluster, use a Terraform resource.

resource "google_alloydb_instance" "default" {
  cluster       = google_alloydb_cluster.default.name
  instance_id   = "alloydb-instance"
  instance_type = "PRIMARY"

  machine_config {
    cpu_count = 2
  }

  network_config {
    allocated_ip_range_override = google_compute_global_address.private_ip_alloc_2.name
  }

  depends_on = [google_service_networking_connection.vpc_connection]
}

resource "google_alloydb_cluster" "default" {
  cluster_id = "alloydb-cluster"
  location   = "us-central1"
  network_config {
    network = google_compute_network.default.id
    allocated_ip_range = google_compute_global_address.private_ip_alloc_1.name
  }

  initial_user {
    password = "alloydb-cluster"
  }
}

data "google_project" "project" {}

resource "google_compute_network" "default" {
  name = "alloydb-network"
}

resource "google_compute_global_address" "private_ip_alloc" {
  name          =  "alloydb-address-range-1"
  address_type  = "INTERNAL"
  purpose       = "VPC_PEERING"
  prefix_length = 16
  network       = google_compute_network.default.id
}

resource "google_compute_global_address" "private_ip_alloc_2" {
  name          =  "alloydb-address-range-2"
  address_type  = "INTERNAL"
  purpose       = "VPC_PEERING"
  prefix_length = 16
  network       = google_compute_network.default.id
}

resource "google_service_networking_connection" "vpc_connection" {
  network                 = google_compute_network.default.id
  service                 = "servicenetworking.googleapis.com"
  reserved_peering_ranges = [google_compute_global_address.private_ip_alloc_1.name,google_compute_global_address.private_ip_alloc_2.name]
}

Prepare Cloud Shell

To apply your Terraform configuration in a Google Cloud project, prepare Cloud Shell as follows:

  1. Launch Cloud Shell.

  2. Set the default Google Cloud projectwhere you want to apply your Terraform configurations.

    You only need to run this command once per project, and you can run it in any directory.

    export GOOGLE_CLOUD_PROJECT=PROJECT_ID

    Environment variables are overridden if you set explicit values in the Terraform configuration file.

Prepare the directory

Each Terraform configuration file must have its own directory, also called a root module.

  1. In Cloud Shell, create a directory and a new file within that directory. The filename must be a TF file—for example, main.tf. In this document, the file is referred to as main.tf. 
    mkdir DIRECTORY && cd DIRECTORY && touch main.tf
  2. Copy the sample code into the newly created main.tf. Optionally, copy the code from GitHub. This is recommended when the Terraform snippet is part of an end-to-end solution. 
    git clone https://github.com/terraform-google-modules/terraform-docs-samples
  3. In the terraform-docs-samples directory, navigate to the alloydb directory. 
    cd terraform-docs-samples/alloydb
  4. Copy the sample code into the newly created main.tf. 
    cp SAMPLE_FILE
     Replace <var>SAMPLE_FILE</var> with the name of the sample file to copy—for example, main.tf.
  5. Review and modify the sample parameters to apply to your environment.
  6. Save your changes.
  7. Initialize Terraform. You only need to do this once per directory. 
    terraform init
     Optional: To use the latest Google provider version, include the -upgradeoption: 
    terraform init -upgrade

Apply the changes

  1. Review the configuration to confirm that the Terraform updates match your expectations: 
    terraform plan
     Make corrections to the configuration as necessary.
  2. Apply the Terraform configuration by running the following command and entering yes at the prompt: 
    terraform apply
     Wait until Terraform displays the Apply complete! message.

Open your Google Cloud project to view the results. In the Google Cloud console, navigate to your resources in the UI to make sure that Terraform has created or updated them.

REST v1

This example creates a primary instance. For a complete list of parameters for this call, see Method: projects.locations.clusters.instances.create. For information about cluster settings, see View cluster and instance settings.

Don't include sensitive or personally identifiable information in your cluster ID because it's externally visible. You don't need to include the project ID in the cluster name. This is done automatically where appropriate, for example, in the log files.

Before using any of the request data, make the following replacements:

  • CLUSTER_ID: the ID of the cluster that you create. It must begin with a lowercase letter and can contain lowercase letters, numbers, and hyphens.
  • PROJECT_ID: the ID of the project where you want the cluster placed.
  • LOCATION_ID: the ID of the cluster's region.
  • INSTANCE_ID: the name of the primary instance that you want to create.
  • vCPU_COUNT: the number of visible CPU cores on the instance that you want to create.

The request JSON body looks as follows:

{
  instanceId   = "INSTANCE_ID"
  instanceType = "PRIMARY"
  machineConfig {
    cpuCount = vCPU_COUNT
  }
  databaseFlags = {
    "key1" : "value1",
    "key2" : "value2"
  }
}

To send your request, save the request body in a file named request.json and use the following POST request:

POST https://alloydb.googleapis.com/v1/projects/PROJECT_ID/locations/LOCATION_ID/clusters/CLUSTER_ID/instances

What's next