Known issues

This page lists known issues with Cloud SQL for PostgreSQL, along with ways you can avoid or recover from these issues.

If you are experiencing issues with your instance, make sure you also review the information in Diagnosing Issues.

Instance connection issues

  • Expired SSL/TLS certificates

    If your instance is configured to use SSL, go to the Cloud SQL Instances page in the Cloud Console and open the instance. Open its Connections page and make sure that your server certificate is valid. If it has expired, you must add a new certificate and rotate to it.

  • Cloud SQL Auth proxy version

    If you are connecting using the Cloud SQL Auth proxy, make sure you are using the most recent version. For more information, see Keeping the Cloud SQL Auth proxy up to date.

  • Not authorized to connect

    If you try to connect to an instance that does not exist in that project, the error message only says that you are not authorized to access that instance.

  • The following only works with the default user ('postgres'): gcloud sql connect --user

    If you try to connect using this command with any other user, the error message says FATAL: database 'user' does not exist. The workaround is to connect using the default user ('postgres'), then use the "\c" psql command to reconnect as the different user.

  • PostgreSQL connections hang when IAM db proxy authentication is enabled.

    When the Cloud SQL Auth proxy is started using TCP sockets and with the -enable_iam_login flag, then a PostgreSQL client hangs during TCP connection. One workaround is to use sslmode=disable in the PostgreSQL connection string. For example:

    psql "host=127.0.0.1 dbname=postgres user=me@google.com sslmode=disable"

    Another workaround is to start the Cloud SQL Auth proxy using Unix sockets. This turns off PostgreSQL SSL encryption and lets the Cloud SQL Auth proxy do the SSL encryption instead.

Administrative issues

  • Long-running Cloud SQL instance operations cannot be cancelled or stopped

    When you start a long-running Cloud SQL instance operation, such as an import or export operation, you cannot stop the operation before it completes. In addition, only one operation can run against an instance at at time.

    For this reason, make sure you do not need to do other work on an instance when you start a long-running operation.

  • Instance names cannot be reused immediately after instance deletion

    After you delete an instance, you cannot immediately reuse the instance name, because Cloud SQL reserves that name for a few days. If you need to create and delete instances with the same name, consider using a timestamp as part of the name to avoid name conflicts.

Issues with importing and exporting data

  • Exporting many large objects cause instance to become unresponsive

    If your database contains many large objects (blobs), exporting the database can consume so much memory that the instance becomes unresponsive. This can happen even if the blobs are empty.

Issues with Query Insights

Query Insights is not supported for read replicas, even though you can enable it on a read replica.

There are two ways Query Insights might get enabled on a read replica:

  1. If you manually enable Query Insights on the read-replica.
  2. If you create a read replica of an instance that has Query Insights enabled, which enables Query Insights on the read replica automatically.

Enabling does not impact the availability of the read-replica, but you might notice the following error log periodically:

ERROR: cannot execute DROP EXTENSION in a read-only transaction

To prevent this error from showing up in the log, disable Query Insights on the read replica.

Transaction logs and disk growth

Logs are purged once daily, not continuously. When the number of days of log retention is configured to be the same as the number of backups, a day of logging might be lost, depending on when the backup occurs. For example, setting log retention to seven days and backup retention to seven backups means that between six and seven days of logs will be retained.

We recommend setting the number of backups to at least one more than the days of log retention to guarantee a minimum of specified days of log retention.