| Property | Value |
|---|---|
| Google Cloud Service Name | Cloud SQL |
| Google Cloud Service Documentation | /sql/docs/ |
| Google Cloud REST Resource Name | v1beta4.instance |
| Google Cloud REST Resource Documentation | /sql/docs/postgres/admin-api/v1beta4/instances |
| Config Connector Resource Short Names | gcpsqlinstance gcpsqlinstances sqlinstance |
| Config Connector Service Name | sqladmin.googleapis.com |
| Config Connector Resource Fully Qualified Name | sqlinstances.sql.cnrm.cloud.google.com |
| Can Be Referenced by IAMPolicy/IAMPolicyMember | No |
Custom Resource Definition Properties
Annotations
| Fields | |
|---|---|
cnrm.cloud.google.com/project-id |
|
Spec
Schema
databaseVersion: string
encryptionKMSCryptoKeyRef:
external: string
name: string
namespace: string
masterInstanceRef:
external: string
name: string
namespace: string
region: string
replicaConfiguration:
caCertificate: string
clientCertificate: string
clientKey: string
connectRetryInterval: integer
dumpFilePath: string
failoverTarget: boolean
masterHeartbeatPeriod: integer
password:
value: string
valueFrom:
secretKeyRef:
key: string
name: string
sslCipher: string
username: string
verifyServerCertificate: boolean
resourceID: string
rootPassword:
value: string
valueFrom:
secretKeyRef:
key: string
name: string
settings:
activationPolicy: string
authorizedGaeApplications:
- string
availabilityType: string
backupConfiguration:
backupRetentionSettings:
retainedBackups: integer
retentionUnit: string
binaryLogEnabled: boolean
enabled: boolean
location: string
pointInTimeRecoveryEnabled: boolean
startTime: string
transactionLogRetentionDays: integer
collation: string
crashSafeReplication: boolean
databaseFlags:
- name: string
value: string
diskAutoresize: boolean
diskAutoresizeLimit: integer
diskSize: integer
diskType: string
insightsConfig:
queryInsightsEnabled: boolean
queryStringLength: integer
recordApplicationTags: boolean
recordClientAddress: boolean
ipConfiguration:
allocatedIpRange: string
authorizedNetworks:
- expirationTime: string
name: string
value: string
ipv4Enabled: boolean
privateNetworkRef:
external: string
name: string
namespace: string
requireSsl: boolean
locationPreference:
followGaeApplication: string
zone: string
maintenanceWindow:
day: integer
hour: integer
updateTrack: string
pricingPlan: string
replicationType: string
tier: string
| Fields | |
|---|---|
|
Optional |
Immutable. The MySQL, PostgreSQL or SQL Server (beta) version to use. Supported values include MYSQL_5_6, MYSQL_5_7, MYSQL_8_0, POSTGRES_9_6, POSTGRES_10, POSTGRES_11, POSTGRES_12, POSTGRES_13, SQLSERVER_2017_STANDARD, SQLSERVER_2017_ENTERPRISE, SQLSERVER_2017_EXPRESS, SQLSERVER_2017_WEB. Database Version Policies includes an up-to-date reference of supported versions. |
|
Optional |
|
|
Optional |
Allowed value: The `name` field of a `KMSCryptoKey` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
|
|
Optional |
Allowed value: The `name` field of a `SQLInstance` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Immutable. The region the instance will sit in. Note, Cloud SQL is not available in all regions. A valid region must be provided to use this resource. If a region is not provided in the resource definition, the provider region will be used instead, but this will be an apply-time error for instances if the provider region is not supported with Cloud SQL. If you choose not to provide the region argument for this resource, make sure you understand this. |
|
Optional |
The configuration for replication. |
|
Optional |
Immutable. PEM representation of the trusted CA's x509 certificate. |
|
Optional |
Immutable. PEM representation of the replica's x509 certificate. |
|
Optional |
Immutable. PEM representation of the replica's private key. The corresponding public key in encoded in the client_certificate. |
|
Optional |
Immutable. The number of seconds between connect retries. |
|
Optional |
Immutable. Path to a SQL file in Google Cloud Storage from which replica instances are created. Format is gs://bucket/filename. |
|
Optional |
Immutable. Specifies if the replica is the failover target. If the field is set to true the replica will be designated as a failover replica. If the master instance fails, the replica instance will be promoted as the new master instance. |
|
Optional |
Immutable. Time in ms between replication heartbeats. |
|
Optional |
Immutable. Password for the replication connection. |
|
Optional |
Value of the field. Cannot be used if 'valueFrom' is specified. |
|
Optional |
Source for the field's value. Cannot be used if 'value' is specified. |
|
Optional |
Reference to a value with the given key in the given Secret in the resource's namespace. |
|
Required* |
Key that identifies the value to be extracted. |
|
Required* |
Name of the Secret to extract a value from. |
|
Optional |
Immutable. Permissible ciphers for use in SSL encryption. |
|
Optional |
Immutable. Username for replication connection. |
|
Optional |
Immutable. True if the master's common name value is checked during the SSL handshake. |
|
Optional |
Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. |
|
Optional |
Immutable. Initial root password. Required for MS SQL Server, ignored by MySQL and PostgreSQL. |
|
Optional |
Value of the field. Cannot be used if 'valueFrom' is specified. |
|
Optional |
Source for the field's value. Cannot be used if 'value' is specified. |
|
Optional |
Reference to a value with the given key in the given Secret in the resource's namespace. |
|
Required* |
Key that identifies the value to be extracted. |
|
Required* |
Name of the Secret to extract a value from. |
|
Required |
The settings to use for the database. The configuration is detailed below. |
|
Optional |
This specifies when the instance should be active. Can be either ALWAYS, NEVER or ON_DEMAND. |
|
Optional |
DEPRECATED — This property is only applicable to First Generation instances, and First Generation instances are now deprecated. see https://cloud.google.com/sql/docs/mysql/deprecation-notice for information on how to upgrade to Second Generation instances. Specifying this field has no-ops; it's recommended to remove this field from your configuration. |
|
Optional |
|
|
Optional |
The availability type of the Cloud SQL instance, high availability (REGIONAL) or single zone (ZONAL). For all instances, ensure that settings.backup_configuration.enabled is set to true. For MySQL instances, ensure that settings.backup_configuration.binary_log_enabled is set to true. For Postgres instances, ensure that settings.backup_configuration.point_in_time_recovery_enabled is set to true. |
|
Optional |
|
|
Optional |
|
|
Required* |
Number of backups to retain. |
|
Optional |
The unit that 'retainedBackups' represents. Defaults to COUNT. |
|
Optional |
True if binary logging is enabled. If settings.backup_configuration.enabled is false, this must be as well. Can only be used with MySQL. |
|
Optional |
True if backup configuration is enabled. |
|
Optional |
Location of the backup configuration. |
|
Optional |
True if Point-in-time recovery is enabled. |
|
Optional |
HH:MM format time indicating when backup configuration starts. |
|
Optional |
The number of days of transaction logs we retain for point in time restore, from 1-7. |
|
Optional |
The name of server instance collation. |
|
Optional |
DEPRECATED — This property is only applicable to First Generation instances, and First Generation instances are now deprecated. see https://cloud.google.com/sql/docs/mysql/deprecation-notice for information on how to upgrade to Second Generation instances. Specifying this field has no-ops; it's recommended to remove this field from your configuration. |
|
Optional |
|
|
Optional |
|
|
Required* |
Name of the flag. |
|
Required* |
Value of the flag. |
|
Optional |
|
|
Optional |
The maximum size, in GB, to which storage capacity can be automatically increased. The default value is 0, which specifies that there is no limit. |
|
Optional |
The size of data disk, in GB. Size of a running instance cannot be reduced but can be increased. |
|
Optional |
The type of data disk: PD_SSD or PD_HDD. |
|
Optional |
Configuration of Query Insights. |
|
Optional |
True if Query Insights feature is enabled. |
|
Optional |
Maximum query length stored in bytes. Between 256 and 4500. Default to 1024. |
|
Optional |
True if Query Insights will record application tags from query when enabled. |
|
Optional |
True if Query Insights will record client address when enabled. |
|
Optional |
|
|
Optional |
The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?. |
|
Optional |
|
|
Optional |
|
|
Optional |
|
|
Optional |
|
|
Required* |
|
|
Optional |
Whether this Cloud SQL instance should be assigned a public IPV4 address. At least ipv4_enabled must be enabled or a private_network must be configured. |
|
Optional |
|
|
Optional |
Allowed value: The `selfLink` field of a `ComputeNetwork` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
|
|
Optional |
|
|
Optional |
A Google App Engine application whose zone to remain in. Must be in the same region as this instance. |
|
Optional |
The preferred compute engine zone. |
|
Optional |
Declares a one-hour maintenance window when an Instance can automatically restart to apply updates. The maintenance window is specified in UTC time. |
|
Optional |
Day of week (1-7), starting on Monday. |
|
Optional |
Hour of day (0-23), ignored if day not set. |
|
Optional |
Receive updates earlier (canary) or later (stable). |
|
Optional |
Pricing plan for this instance, can only be PER_USE. |
|
Optional |
DEPRECATED — This property is only applicable to First Generation instances, and First Generation instances are now deprecated. see https://cloud.google.com/sql/docs/mysql/deprecation-notice for information on how to upgrade to Second Generation instances. Specifying this field has no-ops; it's recommended to remove this field from your configuration. |
|
Required |
The machine type to use. See tiers for more details and supported versions. Postgres supports only shared-core machine types, and custom machine types such as db-custom-2-13312. See the Custom Machine Type Documentation to learn about specifying custom machine types. |
* Field is required when parent field is specified
Status
Schema
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
connectionName: string
firstIpAddress: string
ipAddress:
- ipAddress: string
timeToRetire: string
type: string
observedGeneration: integer
privateIpAddress: string
publicIpAddress: string
selfLink: string
serverCaCert:
cert: string
commonName: string
createTime: string
expirationTime: string
sha1Fingerprint: string
serviceAccountEmailAddress: string
| Fields | |
|---|---|
conditions |
Conditions represent the latest available observation of the resource's current state. |
conditions[] |
|
conditions[].lastTransitionTime |
Last time the condition transitioned from one status to another. |
conditions[].message |
Human-readable message indicating details about last transition. |
conditions[].reason |
Unique, one-word, CamelCase reason for the condition's last transition. |
conditions[].status |
Status is the status of the condition. Can be True, False, Unknown. |
conditions[].type |
Type is the type of the condition. |
connectionName |
The connection name of the instance to be used in connection strings. For example, when connecting with Cloud SQL Proxy. |
firstIpAddress |
|
ipAddress |
|
ipAddress[] |
|
ipAddress[].ipAddress |
|
ipAddress[].timeToRetire |
|
ipAddress[].type |
|
observedGeneration |
ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. |
privateIpAddress |
|
publicIpAddress |
|
selfLink |
The URI of the created resource. |
serverCaCert |
|
serverCaCert.cert |
The CA Certificate used to connect to the SQL Instance via SSL. |
serverCaCert.commonName |
The CN valid for the CA Cert. |
serverCaCert.createTime |
Creation time of the CA Cert. |
serverCaCert.expirationTime |
Expiration time of the CA Cert. |
serverCaCert.sha1Fingerprint |
SHA Fingerprint of the CA Cert. |
serviceAccountEmailAddress |
The service account email address assigned to the instance. |
Sample YAML(s)
Mysql SQL Instance
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: sql.cnrm.cloud.google.com/v1beta1
kind: SQLInstance
metadata:
name: sqlinstance-sample-mysql
spec:
databaseVersion: MYSQL_5_7
region: us-central1
settings:
tier: db-f1-micro
Mysql SQL Instance High Availability
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: sql.cnrm.cloud.google.com/v1beta1
kind: SQLInstance
metadata:
name: sqlinstance-sample-mysqlhighavailability
spec:
databaseVersion: MYSQL_5_7
region: us-central1
settings:
tier: db-g1-small
diskSize: 25
diskType: PD_SSD
availabilityType: REGIONAL
backupConfiguration:
binaryLogEnabled: true
enabled: true
Mysql SQL Instance With Replication
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: sql.cnrm.cloud.google.com/v1beta1
kind: SQLInstance
metadata:
name: sqlinstance-sample1-mysqlwithreplication
spec:
databaseVersion: MYSQL_5_7
region: us-central1
settings:
tier: db-f1-micro
backupConfiguration:
binaryLogEnabled: true
enabled: true
startTime: "18:00"
ipConfiguration:
requireSsl: true
locationPreference:
zone: us-central1-b
---
apiVersion: sql.cnrm.cloud.google.com/v1beta1
kind: SQLInstance
metadata:
name: sqlinstance-sample2-mysqlwithreplication
spec:
databaseVersion: MYSQL_5_7
region: us-central1
masterInstanceRef:
name: sqlinstance-sample1-mysqlwithreplication
replicaConfiguration:
connectRetryInterval: 30
settings:
tier: db-f1-micro
ipConfiguration:
requireSsl: true
locationPreference:
zone: us-central1-c
Postgres SQL Instance High Availability
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: sql.cnrm.cloud.google.com/v1beta1
kind: SQLInstance
metadata:
name: sqlinstance-sample-postgreshighavailability
spec:
databaseVersion: POSTGRES_9_6
region: us-central1
settings:
tier: db-custom-1-3840
availabilityType: REGIONAL
Private Ip Instance
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: sql.cnrm.cloud.google.com/v1beta1
kind: SQLInstance
metadata:
name: sqlinstance-sample-private-ip
spec:
databaseVersion: MYSQL_5_7
region: us-central1
settings:
tier: db-f1-micro
ipConfiguration:
ipv4Enabled: false
privateNetworkRef:
name: sqlinstance-dep-private-ip
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
name: sqlinstance-dep-private-ip
spec:
addressType: INTERNAL
location: global
purpose: VPC_PEERING
prefixLength: 16
networkRef:
name: sqlinstance-dep-private-ip
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeNetwork
metadata:
name: sqlinstance-dep-private-ip
spec:
autoCreateSubnetworks: false
---
apiVersion: servicenetworking.cnrm.cloud.google.com/v1beta1
kind: ServiceNetworkingConnection
metadata:
name: sqlinstance-dep-private-ip
spec:
networkRef:
name: sqlinstance-dep-private-ip
reservedPeeringRanges:
- name: sqlinstance-dep-private-ip
service: servicenetworking.googleapis.com