本页面将介绍如何为 Cloud SQL 实例配置公共 IP 连接。
简介
您可以将 Cloud SQL 实例配置为具有一个公共 IPv4 地址,并通过向该实例添加已获授权的 IP 地址,接受来自特定 IP 地址或地址范围的连接。
您不能将专用网络(例如 10.x.x.x)指定为已获授权的网络。
PostgreSQL 实例的公共 IP 地址:
IPv6:实例不支持 IPv6。
IPv4:实例具有自动分配的静态 IPv4 地址。关闭(停用)实例时,IP 地址将产生少量费用。
有关通过 IP 连接将管理客户端连接到实例的帮助信息,请参阅使用 IP 地址连接 psql 客户端 。
如果您将实例配置为使用其公共 IP 地址接受连接,请同时将其配置为使用 SSL 来保护数据安全。如需了解详情,请参阅为实例配置 SSL 。
如要为实例配置未向公共互联网公开的 IP 地址,请参阅配置专用 IP 连接 。
启用公共 IP 并添加已获授权的地址或地址范围
当您为实例启用公共 IP 时,Cloud SQL 会为该实例配置一个公共静态 IPv4 地址。启用公共 IP 后,您必须设置数据库连接授权。如需了解详情,请参阅授权选项 。
要启用公共 IP 并添加一个已获授权的地址,请执行以下操作:
控制台
在 Google Cloud Console 中,转到 Cloud SQL 实例 页面。
转到“Cloud SQL 实例”
如需打开实例的概览 页面,请点击实例名称。
从 SQL 导航菜单中选择连接 。
选择公共 IP 复选框。
点击添加网络 。
在网络 字段中,输入要允许连接的 IP 地址或地址范围。使用 CIDR 表示法 。
输入此条目的名称(可选)。
点击完成 。
点击保存 以更新实例。
gcloud
如果您还没有为实例添加一个 IPv4 地址,请先添加:
gcloud sql instances patch INSTANCE_NAME \
--assign-ip
描述实例以显示所有已获授权的现有地址:
gcloud sql instances describe INSTANCE_NAME
在 ipConfiguration 下查找 authorizedNetwork 条目,并记下您要保留的所有已获授权的地址。
更新授权网络列表,以加入您想要的所有地址。
gcloud sql instances patch INSTANCE_NAME \
--authorized-networks=IP_ADDR1 ,IP_ADDR2 ...
使用 CIDR 表示法 。
确认所做的更改:
gcloud sql instances describe INSTANCE_NAME
如果您移除某个已获授权的地址,则来自该地址的现有连接并不会 断开。若要断开现有连接,请重启实例。
REST v1
描述实例以显示所有已获授权的现有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type ",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks": [],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
更新实例,以加入您要为实例设置的所有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
network_range_1 :已获授权的 IP 地址或范围
network_range_2 :另一个已获授权的 IP 地址或范围
HTTP 方法和网址:
PATCH https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id
请求 JSON 正文:
{
"settings":
{
"ipConfiguration":
{
"authorizedNetworks":
[{"value": "network_range_1 "}, {"value": network_range_2 "}]
}
}
}
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
curl -X PATCH \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ -H "Content-Type: application/json; charset=utf-8" \ -d @request.json \ "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id "
PowerShell (Windows)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method PATCH ` -Headers $headers ` -ContentType: "application/json; charset=utf-8" ` -InFile request.json ` -Uri "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id " | Select-Object -Expand Content
您应该会收到类似以下内容的 JSON 响应:
响应
{
"kind": "sql#operation",
"targetLink": "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ",
"status": "PENDING",
"user": "user@example.com",
"insertTime": "2020-01-21T22:43:37.981Z",
"operationType": "UPDATE",
"name": "operation-id ",
"targetId": "instance-id ",
"selfLink": "https://sqladmin.googleapis.com/v1/projects/project-id /operations/operation-id ",
"targetProject": "project-id "
}
使用 CIDR 表示法 。
确认所做的更改:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address1 :第一个 IP 地址(CIDR 形式)
ip-address-name1 :第一个 IP 地址的名称
ip-address2 :第二个 IP 地址(CIDR 形式)
ip-address-name2 :第二个 IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type 4",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address1 ",
"name": "ip-address-name1 ",
"kind": "sql#aclEntry"
},
{
"value": "ip-address2 ",
"name": "ip-address-name2 ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
如果您移除某个已获授权的地址,则来自该地址的现有连接并不会 断开。若要断开现有连接,请重启实例。
REST v1beta4
描述实例以显示所有已获授权的现有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type ",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks": [],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
更新实例,以加入您要为实例设置的所有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
network_range_1 :已获授权的 IP 地址或范围
network_range_2 :另一个已获授权的 IP 地址或范围
HTTP 方法和网址:
PATCH https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id
请求 JSON 正文:
{
"settings":
{
"ipConfiguration":
{
"authorizedNetworks":
[{"value": "network_range_1 "}, {"value": network_range_2 "}]
}
}
}
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
curl -X PATCH \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ -H "Content-Type: application/json; charset=utf-8" \ -d @request.json \ "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id "
PowerShell (Windows)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method PATCH ` -Headers $headers ` -ContentType: "application/json; charset=utf-8" ` -InFile request.json ` -Uri "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id " | Select-Object -Expand Content
您应该会收到类似以下内容的 JSON 响应:
响应
{
"kind": "sql#operation",
"targetLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ",
"status": "PENDING",
"user": "user@example.com",
"insertTime": "2020-01-21T22:43:37.981Z",
"operationType": "UPDATE",
"name": "operation-id ",
"targetId": "instance-id ",
"selfLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /operations/operation-id ",
"targetProject": "project-id "
}
使用 CIDR 表示法 。
确认所做的更改:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address1 :第一个 IP 地址(CIDR 形式)
ip-address-name1 :第一个 IP 地址的名称
ip-address2 :第二个 IP 地址(CIDR 形式)
ip-address-name2 :第二个 IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type 4",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address1 ",
"name": "ip-address-name1 ",
"kind": "sql#aclEntry"
},
{
"value": "ip-address2 ",
"name": "ip-address-name2 ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
如果您移除某个已获授权的地址,则来自该地址的现有连接并不会 断开。若要断开现有连接,请重启实例。
移除已获授权的地址或地址范围
要移除某个授权地址,请按如下所述操作:
控制台
在 Google Cloud Console 中,转到 Cloud SQL 实例 页面。
转到“Cloud SQL 实例”
如需打开实例的概览 页面,请点击实例名称。
从 SQL 导航菜单中选择连接 。
点击要删除的地址对应的删除图标 。
点击保存 以更新实例。
gcloud
描述实例以显示所有现有授权地址:
gcloud sql instances describe INSTANCE_NAME
在 ipConfiguration 下查找 authorizedNetwork 条目,并记下您要保留的所有已获授权的地址。
更新已获授权的网络列表,以舍弃您要移除的所有地址。
gcloud sql instances patch INSTANCE_NAME \
--authorized-networks=IP_ADDR1 ,IP_ADDR2 ...
确认所做的更改:
gcloud sql instances describe INSTANCE_NAME
REST v1
描述实例以显示所有已获授权的现有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address1 :第一个 IP 地址(CIDR 形式)
ip-address-name1 :第一个 IP 地址的名称
ip-address2 :第二个 IP 地址(CIDR 形式)
ip-address-name2 :第二个 IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type 4",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address1 ",
"name": "ip-address-name1 ",
"kind": "sql#aclEntry"
},
{
"value": "ip-address2 ",
"name": "ip-address-name2 ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
更新实例,以加入您要保留的所有地址并舍弃您要移除的所有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
network_range_1 :要移除的已获授权的 IP 地址或网络范围
HTTP 方法和网址:
PATCH https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id
请求 JSON 正文:
{
"settings":
{
"ipConfiguration":
{
"authorizedNetworks":
[{"value": "network_range_1 "}]
}
}
}
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
curl -X PATCH \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ -H "Content-Type: application/json; charset=utf-8" \ -d @request.json \ "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id "
PowerShell (Windows)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method PATCH ` -Headers $headers ` -ContentType: "application/json; charset=utf-8" ` -InFile request.json ` -Uri "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id " | Select-Object -Expand Content
您应该会收到类似以下内容的 JSON 响应:
响应
{
"kind": "sql#operation",
"targetLink": "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ",
"status": "PENDING",
"user": "user@example.com",
"insertTime": "2020-01-21T22:43:37.981Z",
"operationType": "UPDATE",
"name": "operation-id ",
"targetId": "instance-id ",
"selfLink": "https://sqladmin.googleapis.com/v1/projects/project-id /operations/operation-id ",
"targetProject": "project-id "
}
确认所做的更改:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address :IP 地址(CIDR 形式)
ip-address-name :IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type ",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address ",
"name": "ip-address-name ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
REST v1beta4
描述实例以显示所有已获授权的现有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address1 :第一个 IP 地址(CIDR 形式)
ip-address-name1 :第一个 IP 地址的名称
ip-address2 :第二个 IP 地址(CIDR 形式)
ip-address-name2 :第二个 IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type 4",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address1 ",
"name": "ip-address-name1 ",
"kind": "sql#aclEntry"
},
{
"value": "ip-address2 ",
"name": "ip-address-name2 ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
更新实例,以加入您要保留的所有地址并舍弃您要移除的所有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
network_range_1 :要移除的已获授权的 IP 地址或网络范围
HTTP 方法和网址:
PATCH https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id
请求 JSON 正文:
{
"settings":
{
"ipConfiguration":
{
"authorizedNetworks":
[{"value": "network_range_1 "}]
}
}
}
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
curl -X PATCH \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ -H "Content-Type: application/json; charset=utf-8" \ -d @request.json \ "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id "
PowerShell (Windows)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method PATCH ` -Headers $headers ` -ContentType: "application/json; charset=utf-8" ` -InFile request.json ` -Uri "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id " | Select-Object -Expand Content
您应该会收到类似以下内容的 JSON 响应:
响应
{
"kind": "sql#operation",
"targetLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ",
"status": "PENDING",
"user": "user@example.com",
"insertTime": "2020-01-21T22:43:37.981Z",
"operationType": "UPDATE",
"name": "operation-id ",
"targetId": "instance-id ",
"selfLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /operations/operation-id ",
"targetProject": "project-id "
}
确认所做的更改:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address :IP 地址(CIDR 形式)
ip-address-name :IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type ",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address ",
"name": "ip-address-name ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
如果您移除某个已获授权的地址,则来自该地址的现有连接并不会 断开。若要断开现有连接,请重启实例。
将实例配置为拒绝所有公共 IP 连接
要将实例配置为拒绝所有公共 IP 连接,请执行以下操作:
控制台
在 Google Cloud Console 中,转到 Cloud SQL 实例 页面。
转到“Cloud SQL 实例”
如需打开实例的概览 页面,请点击实例名称。
从 SQL 导航菜单中选择连接 。
点击所有已获授权的地址对应的删除图标 。
点击保存 以更新实例。
gcloud
清除授权地址列表:
gcloud sql instances patch INSTANCE_NAME \
--clear-authorized-networks
确认所做的更改:
gcloud sql instances describe INSTANCE_NAME
REST v1
描述实例以显示所有已获授权的现有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address1 :第一个 IP 地址(CIDR 形式)
ip-address-name1 :第一个 IP 地址的名称
ip-address2 :第二个 IP 地址(CIDR 形式)
ip-address-name2 :第二个 IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type 4",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address1 ",
"name": "ip-address-name1 ",
"kind": "sql#aclEntry"
},
{
"value": "ip-address2 ",
"name": "ip-address-name2 ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
更新实例,以清空地址列表:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
HTTP 方法和网址:
PATCH https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id
请求 JSON 正文:
{
"settings":
{
"ipConfiguration":
{
"authorizedNetworks": []
}
}
}
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
curl -X PATCH \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ -H "Content-Type: application/json; charset=utf-8" \ -d @request.json \ "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id "
PowerShell (Windows)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method PATCH ` -Headers $headers ` -ContentType: "application/json; charset=utf-8" ` -InFile request.json ` -Uri "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id " | Select-Object -Expand Content
您应该会收到类似以下内容的 JSON 响应:
响应
{
"kind": "sql#operation",
"targetLink": "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ",
"status": "PENDING",
"user": "user@example.com",
"insertTime": "2020-01-21T22:43:37.981Z",
"operationType": "UPDATE",
"name": "operation-id ",
"targetId": "instance-id ",
"selfLink": "https://sqladmin.googleapis.com/v1/projects/project-id /operations/operation-id ",
"targetProject": "project-id "
}
确认所做的更改:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type ",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks": [],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
REST v1beta4
描述实例以显示所有已获授权的现有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address1 :第一个 IP 地址(CIDR 形式)
ip-address-name1 :第一个 IP 地址的名称
ip-address2 :第二个 IP 地址(CIDR 形式)
ip-address-name2 :第二个 IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type 4",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address1 ",
"name": "ip-address-name1 ",
"kind": "sql#aclEntry"
},
{
"value": "ip-address2 ",
"name": "ip-address-name2 ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
更新实例,以清空地址列表:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
HTTP 方法和网址:
PATCH https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id
请求 JSON 正文:
{
"settings":
{
"ipConfiguration":
{
"authorizedNetworks": []
}
}
}
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
curl -X PATCH \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ -H "Content-Type: application/json; charset=utf-8" \ -d @request.json \ "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id "
PowerShell (Windows)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method PATCH ` -Headers $headers ` -ContentType: "application/json; charset=utf-8" ` -InFile request.json ` -Uri "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id " | Select-Object -Expand Content
您应该会收到类似以下内容的 JSON 响应:
响应
{
"kind": "sql#operation",
"targetLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ",
"status": "PENDING",
"user": "user@example.com",
"insertTime": "2020-01-21T22:43:37.981Z",
"operationType": "UPDATE",
"name": "operation-id ",
"targetId": "instance-id ",
"selfLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /operations/operation-id ",
"targetProject": "project-id "
}
确认所做的更改:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type ",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks": [],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
如果您移除某个已获授权的地址,则来自该地址的现有连接并不会 断开。若要断开现有连接,请重启实例。
停用公共 IP
您可以停用公共 IP,但前提是您的实例也配置为使用专用 IP。如需启用专用 IP,请参阅将现有实例配置为使用专用 IP 。
注意 :在为某个实例停用公共 IP 后,该实例的 IPv4 地址会被释放。如果您日后为此实例重新启用公共 IP,则此实例会获得一个不同的 IPv4 地址,并且所有使用这个公共 IP 地址连接到该实例的应用都必须进行修改。 如需停用公共 IP,请按如下所述操作:
控制台
在 Google Cloud Console 中,转到 Cloud SQL 实例 页面。
转到“Cloud SQL 实例”
如需打开实例的概览 页面,请点击实例名称。
从 SQL 导航菜单中选择连接 。
取消选中公共 IP 复选框。
点击保存 以更新实例。
gcloud
更新实例:
gcloud sql instances patch INSTANCE_NAME \
--no-assign-ip
确认所做的更改:
gcloud sql instances describe INSTANCE_NAME
REST v1
描述实例以显示所有已获授权的现有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address1 :第一个 IP 地址(CIDR 形式)
ip-address-name1 :第一个 IP 地址的名称
ip-address2 :第二个 IP 地址(CIDR 形式)
ip-address-name2 :第二个 IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type 4",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address1 ",
"name": "ip-address-name1 ",
"kind": "sql#aclEntry"
},
{
"value": "ip-address2 ",
"name": "ip-address-name2 ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
更新实例:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
vpc-name :您要用于实例的 VPC 网络的名称
allocated-ip-range :可选。如果指定此标志,则系统会设置为其分配 IP 地址范围的范围名称。范围名称应符合 RFC-1035
并且长度介于 1-63 个字符之间。
HTTP 方法和网址:
POST https://sqladmin.googleapis.com/v1/projects/project-id /instances
请求 JSON 正文:
{
"name": "instance-id ",
"region": "region",
"databaseVersion": "database-version",
"settings": {
"tier": "machine-type",
"ipConfiguration": {
"ipv4Enabled": false,
"privateNetwork": "projects/project-id /global/networks/vpc-name ",
"allocatedIpRange": "allocated-ip-range "
}
}
}
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
curl -X POST \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ -H "Content-Type: application/json; charset=utf-8" \ -d @request.json \ "https://sqladmin.googleapis.com/v1/projects/project-id /instances"
PowerShell (Windows)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method POST ` -Headers $headers ` -ContentType: "application/json; charset=utf-8" ` -InFile request.json ` -Uri "https://sqladmin.googleapis.com/v1/projects/project-id /instances" | Select-Object -Expand Content
您应该会收到类似以下内容的 JSON 响应:
响应
{
"kind": "sql#operation",
"targetLink": "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ",
"status": "PENDING",
"user": "user@example.com",
"insertTime": "2020-01-21T22:43:37.981Z",
"operationType": "CREATE",
"name": "operation-id ",
"targetId": "instance-id ",
"selfLink": "https://sqladmin.googleapis.com/v1/projects/project-id /operations/operation-id ",
"targetProject": "project-id "
}
确认所做的更改:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type ",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks": [],
"ipv4Enabled": false
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
REST v1beta4
描述实例以显示所有已获授权的现有地址:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
ip-address1 :第一个 IP 地址(CIDR 形式)
ip-address-name1 :第一个 IP 地址的名称
ip-address2 :第二个 IP 地址(CIDR 形式)
ip-address-name2 :第二个 IP 地址的名称
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type 4",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks":
[
{
"value": "ip-address1 ",
"name": "ip-address-name1 ",
"kind": "sql#aclEntry"
},
{
"value": "ip-address2 ",
"name": "ip-address-name2 ",
"kind": "sql#aclEntry"
}
],
"ipv4Enabled": true
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
更新实例:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
vpc-name :您要用于实例的 VPC 网络的名称
allocated-ip-range :可选。如果指定此标志,则系统会设置为其分配 IP 地址范围的范围名称。范围名称应符合 RFC-1035
并且长度介于 1-63 个字符之间。
HTTP 方法和网址:
POST https://sqladmin.googleapis.com/v1beta4/projects/project-id /instances
请求 JSON 正文:
{
"name": "instance-id ",
"region": "region",
"databaseVersion": "database-version",
"settings": {
"tier": "machine-type",
"ipConfiguration": {
"ipv4Enabled": false,
"privateNetwork": "projects/project-id /global/networks/vpc-name ",
"allocatedIpRange": "allocated-ip-range "
}
}
}
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
curl -X POST \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ -H "Content-Type: application/json; charset=utf-8" \ -d @request.json \ "https://sqladmin.googleapis.com/v1beta4/projects/project-id /instances"
PowerShell (Windows)
将请求正文保存在名为 request.json
的文件中,然后执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method POST ` -Headers $headers ` -ContentType: "application/json; charset=utf-8" ` -InFile request.json ` -Uri "https://sqladmin.googleapis.com/v1beta4/projects/project-id /instances" | Select-Object -Expand Content
您应该会收到类似以下内容的 JSON 响应:
响应
{
"kind": "sql#operation",
"targetLink": "https://sqladmin.googleapis.com/v1/projects/project-id /instances/instance-id ",
"status": "PENDING",
"user": "user@example.com",
"insertTime": "2020-01-21T22:43:37.981Z",
"operationType": "CREATE",
"name": "operation-id ",
"targetId": "instance-id ",
"selfLink": "https://sqladmin.googleapis.com/v1/projects/project-id /operations/operation-id ",
"targetProject": "project-id "
}
确认所做的更改:
在使用任何请求数据之前,请先进行以下替换:
project-id :项目 ID
instance-id :实例 ID
machine-type :实例机器类型
zone :实例区域
HTTP 方法和网址:
GET https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings
如需发送您的请求,请展开以下选项之一:
curl(Linux、macOS 或 Cloud Shell)
执行以下命令:
curl -X GET \ -H "Authorization: Bearer "$(gcloud auth print-access-token) \ " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings"
PowerShell (Windows)
执行以下命令:
$cred = gcloud auth print-access-token $headers = @{ "Authorization" = "Bearer $cred" } Invoke-WebRequest ` -Method GET ` -Headers $headers ` -Uri " https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id /instances/instance-id ?fields=settings" | Select-Object -Expand Content
您应该收到类似以下内容的 JSON 响应:
响应
{
"settings":
{
"authorizedGaeApplications": [],
"tier": "machine-type ",
"kind": "sql#settings",
"availabilityType": "REGIONAL",
"pricingPlan": "PER_USE",
"replicationType": "SYNCHRONOUS",
"activationPolicy": "ALWAYS",
"ipConfiguration":
{
"privateNetwork": "projects/project-id /global/networks/default",
"authorizedNetworks": [],
"ipv4Enabled": false
},
"locationPreference":
{
"zone": "zone ",
"kind": "sql#locationPreference"
},
"dataDiskType": "PD_SSD",
"maintenanceWindow":
{
"kind": "sql#maintenanceWindow",
"hour": 0,
"day": 0
},
"backupConfiguration":
{
"startTime": "03:00",
"kind": "sql#backupConfiguration",
"enabled": true,
"binaryLogEnabled": true
},
"settingsVersion": "54",
"storageAutoResizeLimit": "0",
"storageAutoResize": true,
"dataDiskSizeGb": "10"
}
}
问题排查
问题
问题排查
Aborted connection
。
可能的问题:网络不稳定。
没有对 TCP keep-alive 命令的响应(客户端或服务器无响应,可能超载)。
超出了数据库引擎的连接生命周期,服务器终止了该连接。
应用必须能够容忍网络故障并遵循最佳做法 ,例如连接池和重试。大多数连接池程序会尽可能捕获这些错误。否则,应用必须正常重试或失败。
对于连接重试,我们建议使用以下方法:
指数退避算法 。以指数方式增加每次重试之间的时间间隔。
另外,增加随机退避时间。
结合使用这些方法有助于减少限制。
FATAL: database 'user' does not exist
。
gcloud sql connect --user
仅适用于默认的 postgres
用户。使用默认用户进行连接,然后更改用户。
您想知道是谁处于连接状态。
登录到数据库并运行以下命令:
SELECT datname,
usename,
application_name as appname,
client_addr,
state,
now() - backend_start as conn_age,
now() - state_change as last_activity_age
FROM pg_stat_activity
WHERE backend_type = 'client backend'
ORDER BY 6 DESC
LIMIT 20
后续步骤