This page lists known issues with Cloud SQL for PostgreSQL, along with ways you can avoid or recover from these issues.If you are experiencing issues with your instance, make sure you also review the information in Diagnosing Issues.
Instance connection issues
Expired SSL/TLS certificates
If your instance is configured to use SSL, go to the Cloud SQL Instances page in the Google Cloud console and open the instance. Open its Connections page, select the Security tab and make sure that your server certificate is valid. If it has expired, you must add a new certificate and rotate to it.
Cloud SQL Auth proxy version
If you are connecting using the Cloud SQL Auth proxy, make sure you are using the most recent version. For more information, see Keeping the Cloud SQL Auth proxy up to date.
Not authorized to connect
If you try to connect to an instance that does not exist in that project, the error message only says that you are not authorized to access that instance.
Can't create a Cloud SQL instance
If you see the
Failed to create subnetwork. Router status is temporarily unavailable. Please try again later. Help Token: [token-ID]error message, try to create the Cloud SQL instance again.
The following only works with the default user ('postgres'):
gcloud sql connect --user
If you try to connect using this command with any other user, the error message says FATAL: database 'user' does not exist. The workaround is to connect using the default user ('postgres'), then use the
"\c"psql command to reconnect as the different user.
PostgreSQL connections hang when IAM db proxy authentication is enabled.
When the Cloud SQL Auth proxy is started using TCP sockets and with the
-enable_iam_loginflag, then a PostgreSQL client hangs during TCP connection. One workaround is to use
sslmode=disablein the PostgreSQL connection string. For example:
psql "host=127.0.0.1 dbname=postgres firstname.lastname@example.org sslmode=disable"
Another workaround is to start the Cloud SQL Auth proxy using Unix sockets. This turns off PostgreSQL SSL encryption and lets the Cloud SQL Auth proxy do the SSL encryption instead.
Long-running Cloud SQL instance operations can't be cancelled or stopped
Only one operation can run at a time on a Cloud SQL instance. For this reason, make sure you don't need to perform other operations on an instance when you start a long-running operation.
When you start a long-running Cloud SQL instance operation, such as an import or export operation, there's no way to cancel the operation without restarting the instance.
Issues with importing and exporting data
Exporting many large objects cause instance to become unresponsive
If your database contains many large objects (blobs), exporting the database can consume so much memory that the instance becomes unresponsive. This can happen even if the blobs are empty.
Cloud SQL doesn't support customized tablespaces but it does support data migration from customized tablespaces to the default tablespace,
pg_default, in destination instance. For example, if you own a tablespace named
dbspaceis located at
/home/data, after migration, all the data inside
dbspaceis migrated to the
pg_default. But Cloud SQL will not create a tablespace named "dbspace" on its disk.
If you're trying to import and export data from a large database (for example, a database that has 500 GB of data or greater), then the import and export operations might take a long time to complete. In addition, other operations (for example, the backup operation) aren't available for you to perform while the import or export is occurring. A potential option to improve the performance of the import and export process is to restore a previous backup using
gcloudor the API.
- Cloud Storage supports a maximum single-object size up five terabytes. If you have databases larger than 5TB, the export operation to Cloud Storage fails. In this case, you need to break down your export files into smaller segments.
Transaction logs and disk growth
Logs are purged once daily, not continuously. When the number of days of log retention is configured to be the same as the number of backups, a day of logging might be lost, depending on when the backup occurs. For example, setting log retention to seven days and backup retention to seven backups means that between six and seven days of logs will be retained.
We recommend setting the number of backups to at least one more than the days of log retention to guarantee a minimum of specified days of log retention.
Issues related to Cloud Monitoring or Cloud Logging
Instances with the following region names are displayed incorrectly in certain contexts, as follows:
us-central1is displayed as
europe-west1is displayed as
asia-east1is displayed as
This issue occurs in the following contexts:
- Alerting in Cloud Monitoring
- Metrics Explorer
- Cloud Logging
You can mitigate the issue for Alerting in Cloud Monitoring, and for Metrics
Explorer, by using
Resource metadata labels.
Use the system metadata label
region instead of the
monitored resource label