Overview of the High Availability Configuration

This page is an overview of the high availability (HA) configuration for PostgreSQL instances. To configure a new or existing instance for HA, see Configuring an Instance for High Availability.

HA configuration overview

The HA configuration, sometimes called a cluster, provides data redundancy. A Cloud SQL instance configured for HA is also called a regional instance and is located in a primary and secondary zone within the configured region. Within a regional instance, the configuration is made up of a primary instance (master) and a standby instance. Through synchronous replication to each zone's persistent disk, all writes made to the primary instance are also made to the standby instance. In the event of an instance or zone failure, this configuration reduces downtime, and your data continues to be available to client applications.

Regional PD support for Cloud SQL and the Cloud SQL HA configuration are GA with full SLA coverage. An HA-configured instance is charged at double the price of a standalone instance. This includes CPU, RAM, and storage. For more information, see the pricing page.

Diagram overview of PostgreSQL HA configuration. Described in text below.

Failover overview

If an HA-configured instance becomes unresponsive, Cloud SQL automatically switches to serving data from the standby instance. This is called a failover. To see if failover has occurred, check your operation log's failover history.

Click the tabs to see how failover affects your instance.

Normal

PostgreSQL diagram of healthy instance before failover

Failover

PostgreSQL diagram of instance when failover occurs

Failback

PostgreSQL diagram of instance after failback

Process

The following process occurs:

  1. The primary instance or zone fails.

    Each second, the primary instance writes to a system database as a heartbeat signal. If multiple heartbeats aren't detected, failover is initiated. This occurs if the primary instance is unresponsive for approximately 60 seconds or the zone containing the primary instance experiences an outage.

  2. The standby instance now serves data upon reconnection.

    Through a shared static IP address with the primary instance, the standby instance now serves data from the secondary zone.

  3. Read replicas continue to serve data from a healthy zone.

Requirements

For Cloud SQL to allow a failover, the configuration must meet the following requirements:

  • The primary instance must be in a normal operating state (not stopped, undergoing maintenance, or performing a long-running operation).
  • The secondary zone must be in a healthy state.

Backups and restores

Configuring an instance for HA does not affect your need for backups or how you create them.

Applications and instances

There is no difference in working with non-HA and HA instances, so your application does not need to be configured in any particular way. When failover occurs, any existing connections to the primary instance and read replicas are closed, and it will take approximately 2-3 minutes for connections to be reestablished. Your application reconnects using the same connection string or IP address, so you do not need to update your application after failover.

To see exactly how your applications are affected by failover, you should manually initiate failover.

What's next

Was this page helpful? Let us know how we did:

Send feedback about...

Cloud SQL for PostgreSQL