Console

1. In the Google Cloud console, go to theCloud SQL Instances page.

   Go to Cloud SQL Instances

2. Find the instance for which you want to create a replica, and then open themore actions menu next to the listing.
3. SelectCreate read replica.

   If you don't see that choice, then the instance is a replica; you can't create a replica of a replica.

4. If the instance had backups and binary logging enabled, continue with the next step. Otherwise, selectAutomate backups andEnable binary logging, clickContinue, and then clickSave and restart to restart the instance.

   Enabling binary logging causes the instance to be restarted.

5. In theCustomize your instance section of the page, update settings for your replica. Begin by clickingShow configuration options to display the groups of settings. Then, expand the desired groups to review and customize the settings. ASummary of all the options you select appears on the right. Customizing these settings is optional. Defaults are assigned in every case where no customizations are made.

   For more details about each setting, see theAbout instance settings page.

   For example, to allow other Google Cloud services, such as BigQuery, to access data in Cloud SQL and make queries against this data over an internal connection, expand theConnections group, and then deselect thePublic IP check box.

6. ClickCreate replica.

   Cloud SQL creates a backup, if needed, and creates the replica. You are returned to the instance page for the primary.

gcloud

1. Check the status of the primary instance:

   gcloudsqlinstancesdescribePRIMARY_INSTANCE_NAME

   If thedatabaseReplicationEnabled property istrue, the instance is a replica; you cannot create a replica of a replica.

2. If theenabled property underbackupConfiguration isfalse, enable backups for the primary instance now:

   gcloudsqlinstancespatchPRIMARY_INSTANCE_NAME\--backup-start-time=>HH:MM

   Thebackup-start-time parameter is specified in 24-hour time, in the UTC±00 time zone, and specifies the start of a 4-hour backup window. Backups can start any time during the backup window.
3. If thebinaryLogEnabled property isfalse, enable binary logs on the primary instance:

   gcloudsqlinstancespatchPRIMARY_INSTANCE_NAME\--enable-bin-log

   Enabling binary logs causes the instance to be restarted.
4. Create the replica:

   gcloudsqlinstancescreateREPLICA_NAME\--master-instance-name=PRIMARY_INSTANCE_NAME

   You can specify a different tier size using the--tier parameter, if needed. If you're creating a replica from a primary instance for MySQL 8.4 and later, and the Cloud SQL edition for the instance is either Enterprise or is Enterprise Plus, then you don't have to specify a value for this parameter. The replica inherits the machine type from the primary instance.

   You can specify a different region using the--region parameter.

   You can add more parameters for other instance settings. To learn more, seegcloud sql instances create.

   If the primary instance has an internal IP address only, and you want to allow other Google Cloud services, such as BigQuery, to access data in Cloud SQL and make queries against this data over an internal connection, then add the--enable-google-private-path parameter to the command.

   You must create the replica in the same VPC network as the primary instance. You can also specify anallocated-ip-range-name in that VPC network. If no range is specified, the replica is created in a random range.

• Binary logging is supported on read replica instances (MySQL 5.7 and later only. Not supported on legacy HA failover replicas). Enable binary logging on a replica with the samegcloud CLI command, using the replica's instance name instead of the primary's instance name.

  gcloudsqlinstancespatchREPLICA_INSTANCE_NAME\--enable-bin-log\--enforce-new-network-architecture

  Binary logging durability on the replica (but not on the primary) instance can be set with thesync_binlog flag, which controls how often the MySQL server synchronizes the binary log to disk.

  Backups cannot be enabled on replica instances, but binary logging can be enabled on a replica even when backups are disabled, unlike the primary.

  The binlog retention period on replica instances is automatically set to one day, unlike seven days on primary instances.

• Use theenforce-new-network-architecture flag to enforce the use of the new network architecture for the instance upon creation, even if the project isn't fully upgraded. For more details about the new network architecture and its implications, seeUpgrade an instance to the new network architecture andAllocate an IP address range.

Terraform

To create a read replica, useTerraform resource.

resource "google_sql_database_instance" "read_replica" {  name                 = "mysql-replica-instance-name"  master_instance_name = google_sql_database_instance.primary.name  region               = "europe-west4"  database_version     = "MYSQL_8_0"  replica_configuration {    failover_target = false  }  settings {    tier              = "db-n1-standard-2"    availability_type = "ZONAL"    disk_size         = "100"  }  # set `deletion_protection` to true, will ensure that one cannot accidentally delete this instance by  # use of Terraform whereas `deletion_protection_enabled` flag protects this instance at the GCP level.  deletion_protection = false}

Apply the changes

To apply your Terraform configuration in a Google Cloud project, complete the steps in the following sections.

Prepare Cloud Shell

1. LaunchCloud Shell.

2. Set the default Google Cloud project where you want to apply your Terraform configurations.

   You only need to run this command once per project, and you can run it in any directory.

   export GOOGLE_CLOUD_PROJECT=PROJECT_ID

   Environment variables are overridden if you set explicit values in the Terraform configuration file.

Prepare the directory

Each Terraform configuration file must have its own directory (alsocalled aroot module).

1. InCloud Shell, create a directory and a new file within that directory. The filename must have the.tf extension—for examplemain.tf. In this tutorial, the file is referred to asmain.tf.

   mkdirDIRECTORY && cdDIRECTORY && touch main.tf

2. If you are following a tutorial, you can copy the sample code in each section or step.

   Copy the sample code into the newly createdmain.tf.

   Optionally, copy the code from GitHub. This is recommended when the Terraform snippet is part of an end-to-end solution.

3. Review and modify the sample parameters to apply to your environment.
4. Save your changes.
5. Initialize Terraform. You only need to do this once per directory.

   terraform init

   Optionally, to use the latest Google provider version, include the-upgrade option:

   terraform init -upgrade

Apply the changes

1. Review the configuration and verify that the resources that Terraform is going to create or update match your expectations:

   terraform plan

   Make corrections to the configuration as necessary.

2. Apply the Terraform configuration by running the following command and enteringyes at the prompt:

   terraform apply

   Wait until Terraform displays the "Apply complete!" message.

3. Open your Google Cloud project to view the results. In the Google Cloud console, navigate to your resources in the UI to make sure that Terraform has created or updated them.

REST v1

1. Get the current backup configuration

   Use theget method of the instances resource to return the database version and current backup configuration for the primary.

   Before using any of the request data, make the following replacements:

   • project-id: The project ID
   • primary-instance-name: The name of the primary instance

   HTTP method and URL:

   GET https://sqladmin.googleapis.com/v1/projects/project-id/instances/primary-instance-name

   To send your request, expand one of these options:

   curl (Linux, macOS, or Cloud Shell)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login , or by usingCloud Shell, which automatically logs you into thegcloud CLI . You can check the currently active account by runninggcloud auth list.

   Execute the following command:

   curl -X GET \
        -H "Authorization: Bearer $(gcloud auth print-access-token)" \
        "https://sqladmin.googleapis.com/v1/projects/project-id/instances/primary-instance-name"

   PowerShell (Windows)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login . You can check the currently active account by runninggcloud auth list.

   Execute the following command:

   $cred = gcloud auth print-access-token
   $headers = @{ "Authorization" = "Bearer $cred" }
   
   Invoke-WebRequest `
       -Method GET `
       -Headers $headers `
       -Uri "https://sqladmin.googleapis.com/v1/projects/project-id/instances/primary-instance-name" | Select-Object -Expand Content

   You should receive a JSON response similar to the following:

   Response

   "backupConfiguration": {    "kind": "sql#backupConfiguration",    "startTime": "12:00",    "enabled": false,    "binaryLogEnabled": false}

2. Verify that the replication fields are set

   If eitherenabled orpointInTimeEnabled arefalse, use thepatch method of the instances resource to enable them both. In the request, specify any properties of the backup configuration that you wish to change.

   To enable backups, setenabled totrue and thestartTime to a time of day inHH:MM format. ThestartTime parameter is specified in 24-hour time, in the UTC±00 time zone, and specifies the start of a 4-hour backup window. Backups can start any time during the backup window.

   To enable point-in-time recovery, setpointInTimeEnabled totrue.

   Before using any of the request data, make the following replacements:

   • PROJECT_ID: the ID orproject number of the Google Cloud project that contains the instance
   • INSTANCE_NAME: the name of the primary or read replica instance that you're configuring for high availability
   • START_TIME: the time (in hours and minutes)

   HTTP method and URL:

   PATCH https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances/INSTANCE_NAME

   Request JSON body:

   {  "settings":  {    "backupConfiguration":    {      "startTime": "START_TIME",      "enabled": true,      "binaryLogEnabled": true    }  }}

   To send your request, expand one of these options:

   curl (Linux, macOS, or Cloud Shell)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login , or by usingCloud Shell, which automatically logs you into thegcloud CLI . You can check the currently active account by runninggcloud auth list.

   Save the request body in a file namedrequest.json, and execute the following command:

   curl -X PATCH \
        -H "Authorization: Bearer $(gcloud auth print-access-token)" \
        -H "Content-Type: application/json; charset=utf-8" \
        -d @request.json \
        "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances/INSTANCE_NAME"

   PowerShell (Windows)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login . You can check the currently active account by runninggcloud auth list.

   Save the request body in a file namedrequest.json, and execute the following command:

   $cred = gcloud auth print-access-token
   $headers = @{ "Authorization" = "Bearer $cred" }
   
   Invoke-WebRequest `
       -Method PATCH `
       -Headers $headers `
       -ContentType: "application/json; charset=utf-8" `
       -InFile request.json `
       -Uri "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances/INSTANCE_NAME" | Select-Object -Expand Content

   You should receive a JSON response similar to the following:

   Response

   {  "kind": "sql#operation",  "targetLink": "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances/INSTANCE_NAME",  "status": "PENDING",  "user": "user@example.com",  "insertTime": "2020-01-21T22:43:37.981Z",  "operationType": "UPDATE",  "name": "OPERATION_ID",  "targetId": "INSTANCE_NAME",  "selfLink": "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/operations/OPERATION_ID",  "targetProject": "PROJECT_ID"}

3. Create the read replica

   Use theinsert method of the instances resource to create the read replica. ThedatabaseVersion property must be the same as the primary. If the primary instance uses an internal IP address, you can specify anallocatedIpRange the same way as when youcreate a primary instance. If no range is specified, the replica is created in a random range. For a cross-region read replica, specify a region other than the primary instance's region.

   Before using any of the request data, make the following replacements:

   • project-id: The project ID
   • database-version: Enum version string (for example, MYSQL_8_0)
   • primary-instance-name: The name of the primary instance
   • primary-instance-region: The region of the primary instance
   • replica-region: The region of the replica instance
   • replica-name: The name of the replica instance
   • machine-type: Enum string of the machine type. For example: "db-custom-1-3840"
   • private-network: The authorized network that you're adding or selecting to create a private connection.
   You set the value of theipv4Enabled parameter tofalse because you want the Cloud SQL instance to be associated with a private IP address, not a public IP one.

   You can use thesqlNetworkArchitecture field to enforce the use of the new networkarchitecture for the instance upon creation, even if the project isn't fully upgraded.For more details about the new network architecture and its implications, seeUpgrade an instance to the new network architecture andAllocate an IP address range.

   HTTP method and URL:

   POST https://sqladmin.googleapis.com/v1/projects/project-id/instances

   Request JSON body:

   {  "masterInstanceName": "primary-instance-name",  "project": "project-id",  "databaseVersion": "database-version",  "name": "replica-name",  "region": "replica-region",  "settings":  {    "tier": "machine-type",    "settingsVersion": 0,    "ipConfiguration": {    object (IpConfiguration)  },  {  "ipv4Enabled": false,  "privateNetwork":private-network,  "requireSsl": boolean,  "authorizedNetworks": [    {      object (AclEntry)    }  ],  "allocatedIpRange": string    }  },  "sqlNetworkArchitecture": "NEW_NETWORK_ARCHITECTURE"}

   To send your request, expand one of these options:

   curl (Linux, macOS, or Cloud Shell)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login , or by usingCloud Shell, which automatically logs you into thegcloud CLI . You can check the currently active account by runninggcloud auth list.

   Save the request body in a file namedrequest.json, and execute the following command:

   curl -X POST \
        -H "Authorization: Bearer $(gcloud auth print-access-token)" \
        -H "Content-Type: application/json; charset=utf-8" \
        -d @request.json \
        "https://sqladmin.googleapis.com/v1/projects/project-id/instances"

   PowerShell (Windows)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login . You can check the currently active account by runninggcloud auth list.

   Save the request body in a file namedrequest.json, and execute the following command:

   $cred = gcloud auth print-access-token
   $headers = @{ "Authorization" = "Bearer $cred" }
   
   Invoke-WebRequest `
       -Method POST `
       -Headers $headers `
       -ContentType: "application/json; charset=utf-8" `
       -InFile request.json `
       -Uri "https://sqladmin.googleapis.com/v1/projects/project-id/instances" | Select-Object -Expand Content

   You should receive a JSON response similar to the following:

   Response

   {  "kind": "sql#operation",  "targetLink": "https://sqladmin.googleapis.com/v1/projects/project-id/instances/instance-id",  "status": "PENDING",  "user": "user@example.com",  "insertTime": "2020-01-21T22:43:37.981Z",  "operationType": "CREATE_REPLICA",  "name": "operation-id",  "targetId": "instance-id",  "selfLink": "https://sqladmin.googleapis.com/v1/projects/project-id/operations/operation-id",  "targetProject": "project-id"}

REST v1beta4

1. Get the current backup configuration

   Use theget method of the instances resource to return the database version and current backup configuration for the master.

   Before using any of the request data, make the following replacements:

   • project-id: The project ID
   • primary-instance-name: The name of the primary instance

   HTTP method and URL:

   GET https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id/instances/primary-instance-name

   To send your request, expand one of these options:

   curl (Linux, macOS, or Cloud Shell)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login , or by usingCloud Shell, which automatically logs you into thegcloud CLI . You can check the currently active account by runninggcloud auth list.

   Execute the following command:

   curl -X GET \
        -H "Authorization: Bearer $(gcloud auth print-access-token)" \
        "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id/instances/primary-instance-name"

   PowerShell (Windows)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login . You can check the currently active account by runninggcloud auth list.

   Execute the following command:

   $cred = gcloud auth print-access-token
   $headers = @{ "Authorization" = "Bearer $cred" }
   
   Invoke-WebRequest `
       -Method GET `
       -Headers $headers `
       -Uri "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id/instances/primary-instance-name" | Select-Object -Expand Content

   You should receive a JSON response similar to the following:

   Response

   "backupConfiguration": {    "kind": "sql#backupConfiguration",    "startTime": "12:00",    "enabled": false,    "binaryLogEnabled": false}

2. Verify that the replication fields are set

   If eitherenabled orbinaryLogEnabled arefalse on the primary instance, use thepatch method of the instances resource to enable them both. In the request, specify any properties of the backup configuration that you want to change.

   To enable backups, setenabled totrue and thestartTime to a time of day inHH:MM format. ThestartTime parameter is specified in 24-hour time, in the UTC±00 time zone, and specifies the start of a 4-hour backup window. Backups can start any time during the backup window.

   To enable point-in-time recovery, setbinaryLogEnabled totrue on the primary instance.

   Binary logging is supported on read replica instances (MySQL 5.7 and later only). Enable binary logging on a replica with the same API, using the replica's instance ID instead of the primary's instance ID.

   Binary logging durability on the replica (but not on the primary) instance can be set with thesync_binlog flag, which controls how often the MySQL server synchronizes the binary log to disk.

   Backups cannot be enabled on replica instances, but binary logging can be enabled on a replica even when backups are disabled, unlike the primary.

   Before using any of the request data, make the following replacements:

   • PROJECT_ID: the ID orproject number of the Google Cloud project that contains the instance
   • INSTANCE_NAME: the name of the primary or read replica instance that you're configuring for high availability
   • START_TIME: the time (in hours and minutes)

   HTTP method and URL:

   PATCH https://sqladmin.googleapis.com/v1beta4/projects/PROJECT_ID/instances/INSTANCE_NAME

   Request JSON body:

   {  "settings":  {    "backupConfiguration":    {      "startTime": "START_TIME",      "enabled": true,      "binaryLogEnabled": true    }  }}

   To send your request, expand one of these options:

   curl (Linux, macOS, or Cloud Shell)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login , or by usingCloud Shell, which automatically logs you into thegcloud CLI . You can check the currently active account by runninggcloud auth list.

   Save the request body in a file namedrequest.json, and execute the following command:

   curl -X PATCH \
        -H "Authorization: Bearer $(gcloud auth print-access-token)" \
        -H "Content-Type: application/json; charset=utf-8" \
        -d @request.json \
        "https://sqladmin.googleapis.com/v1beta4/projects/PROJECT_ID/instances/INSTANCE_NAME"

   PowerShell (Windows)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login . You can check the currently active account by runninggcloud auth list.

   Save the request body in a file namedrequest.json, and execute the following command:

   $cred = gcloud auth print-access-token
   $headers = @{ "Authorization" = "Bearer $cred" }
   
   Invoke-WebRequest `
       -Method PATCH `
       -Headers $headers `
       -ContentType: "application/json; charset=utf-8" `
       -InFile request.json `
       -Uri "https://sqladmin.googleapis.com/v1beta4/projects/PROJECT_ID/instances/INSTANCE_NAME" | Select-Object -Expand Content

   You should receive a JSON response similar to the following:

   Response

   {  "kind": "sql#operation",  "targetLink": "https://sqladmin.googleapis.com/v1beta4/projects/PROJECT_ID/instances/INSTANCE_NAME",  "status": "PENDING",  "user": "user@example.com",  "insertTime": "2020-01-21T22:43:37.981Z",  "operationType": "UPDATE",  "name": "OPERATION_ID",  "targetId": "INSTANCE_NAME",  "selfLink": "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/operations/OPERATION_ID",  "targetProject": "PROJECT_ID"}

3. Create the read replica

   Use theinsert method of the instances resource to create the read replica. ThedatabaseVersion property must be the same as the primary. If the primary instance uses an internal IP address, you can specify anallocatedIpRange the same way as when youcreate a primary instance. For a cross-region read replica, specify a region other than the primary instance's region.

   Before using any of the request data, make the following replacements:

   • project-id: The project ID
   • database-version: Enum version string (for example, MYSQL_8_0)
   • primary-instance-name: The name of the primary instance
   • primary-instance-region: The region of the primary instance
   • replica-region: The region of the replica instance
   • replica-name: The name of the replica instance
   • machine-type: Enum string of the machine type. For example: "db-custom-1-3840"
   • private-network: The authorized network that you're adding or selecting to create a private connection.
   You set the value of theipv4Enabled parameter tofalse because you want the Cloud SQL instance to be associated with a private IP address, not a public IP one.

   You can use thesqlNetworkArchitecture field to enforce the use of the new networkarchitecture for the instance upon creation, even if the project isn't fully upgraded.For more details about the new network architecture and its implications, seeUpgrade an instance to the new network architecture andAllocate an IP address range.

   HTTP method and URL:

   POST https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id/instances

   Request JSON body:

   {  "masterInstanceName": "primary-instance-name",  "project": "project-id",  "databaseVersion": "database-version",  "name": "replica-name",  "region": "replica-region",  "settings":  {    "tier": "machine-type",    "settingsVersion": 0,        "ipConfiguration": {    object (IpConfiguration)  },  {  "ipv4Enabled": false,  "privateNetwork":private-network,  "requireSsl": boolean,  "authorizedNetworks": [    {      object (AclEntry)    }  ],  "allocatedIpRange": string    }      },  "sqlNetworkArchitecture": "NEW_NETWORK_ARCHITECTURE"}

   To send your request, expand one of these options:

   curl (Linux, macOS, or Cloud Shell)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login , or by usingCloud Shell, which automatically logs you into thegcloud CLI . You can check the currently active account by runninggcloud auth list.

   Save the request body in a file namedrequest.json, and execute the following command:

   curl -X POST \
        -H "Authorization: Bearer $(gcloud auth print-access-token)" \
        -H "Content-Type: application/json; charset=utf-8" \
        -d @request.json \
        "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id/instances"

   PowerShell (Windows)

   Note: The following command assumes that you have logged in to thegcloud CLI with your user account by runninggcloud init orgcloud auth login . You can check the currently active account by runninggcloud auth list.

   Save the request body in a file namedrequest.json, and execute the following command:

   $cred = gcloud auth print-access-token
   $headers = @{ "Authorization" = "Bearer $cred" }
   
   Invoke-WebRequest `
       -Method POST `
       -Headers $headers `
       -ContentType: "application/json; charset=utf-8" `
       -InFile request.json `
       -Uri "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id/instances" | Select-Object -Expand Content

   You should receive a JSON response similar to the following:

   Response

   {  "kind": "sql#operation",  "targetLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id/instances/instance-id",  "status": "PENDING",  "user": "user@example.com",  "insertTime": "2020-01-21T22:43:37.981Z",  "operationType": "CREATE_REPLICA",  "name": "operation-id",  "targetId": "instance-id",  "selfLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/project-id/operations/operation-id",  "targetProject": "project-id"}

gcloud

To create a read replica of an instance, use thegcloud sql instances create command:

gcloudsqlinstancescreateREPLICA_INSTANCE_NAME\--master-instance-name=PRIMARY_INSTANCE_NAME\--project=PROJECT_ID\--region=REGION_NAME\--enable-private-service-connect\--allowed-psc-projects=ALLOWED_PROJECTS\--availability-type=AVAILABILITY_TYPE\--no-assign-ip

Make the following replacements:

• REPLICA_INSTANCE_NAME: the name of the replica instance.
• PRIMARY_INSTANCE_NAME: the name of the primary instance.
• PROJECT_ID: the ID orproject number of the Google Cloud project that contains the instance.
• REGION_NAME: the region name for the replica instance.

• ALLOWED_PROJECTS: a list of allowed project IDs or numbers, separated by commas. If a project isn't contained in this list, then you can't use it to create an instance and enable Private Service Connect for it.

  Cloud SQL doesn't copy the allowed projects for the primary instance over to the replica. For each replica, you must create aPrivate Service Connect endpoint. If you're using theCloud SQL Auth Proxy orCloud SQL Language Connectors, then create aDNS zone andDNS record for the replicas.

• AVAILABILITY_TYPE: enable high availability for the instance. For this parameter, specify one of the following values:
  • REGIONAL: enable high availability and is recommended for production instances. The instance fails over to another zone within your selected region.
  • ZONAL: provide no failover capability. This is the default value.

  For more information about setting and removing high availability for instances, seeConfigure an existing instance for high availability andDeactivate high availability for an instance.

REST v1

Before using any of the request data, make the following replacements:

• PRIMARY_INSTANCE_NAME: the name of the primary instance.
• PROJECT_ID: the ID orproject number of the Google Cloud project that contains the instance.
• REPLICA_INSTANCE_NAME: the name of the replica instance.
• REGION_NAME: the region name for the replica instance.
• MACHINE_TYPE: the machine type for the instance.
• AVAILABILITY_TYPE: enable high availability for the instance. For this parameter, specify one of the following values:
  • REGIONAL: enable high availability and is recommended for production instances. The instance fails over to another zone within your selected region.
  • ZONAL: provide no failover capability. This is the default value.

  For more information about setting and removing high availability for instances, seeConfigure an existing instance for high availability andDeactivate high availability for an instance.

• ALLOWED_PROJECTS: a list of allowed project IDs or numbers, separated by commas. If a project isn't contained in this list, then you can't use it to create an instance and enable Private Service Connect for it.

  Cloud SQL doesn't copy the allowed projects for the primary instance over to the replica. For each replica, you must create aPrivate Service Connect endpoint. If you're using theCloud SQL Auth proxy orCloud SQL Language Connectors, then you must create aDNS zone andDNS record for the replicas.

HTTP method and URL:

POST https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances

Request JSON body:

{  "masterInstanceName": "PRIMARY_INSTANCE_NAME",  "project": "PROJECT_ID",  "databaseVersion": "MYSQL_8_0",  "name": "REPLICA_INSTANCE_NAME",  "region": "REGION_NAME",  "kind": "sql#instance",  "settings":  {    "tier": "MACHINE_TYPE",    "availabilityType": "AVAILABILITY_TYPE",    "settingsVersion": 0,    "ipConfiguration": {      "ipv4Enabled": false,      "pscConfig": {        "allowedConsumerProjects": [ALLOWED_PROJECTS],        "pscEnabled": true      }    },    "kind": "sql#settings",    "pricingPlan": "PER_USE",    "replicationType": "ASYNCHRONOUS",    "tier": "MACHINE_TYPE"  }}

To send your request, expand one of these options:

curl -X POST \
     -H "Authorization: Bearer $(gcloud auth print-access-token)" \
     -H "Content-Type: application/json; charset=utf-8" \
     -d @request.json \
     "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances"

$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }

Invoke-WebRequest `
    -Method POST `
    -Headers $headers `
    -ContentType: "application/json; charset=utf-8" `
    -InFile request.json `
    -Uri "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances" | Select-Object -Expand Content

You should receive a JSON response similar to the following:

{  "kind": "sql#operation",  "targetLink": "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances/REPLICA_INSTANCE_NAME",  "status": "PENDING",  "user": "user@example.com",  "insertTime": "2020-01-16T02:32:12.281Z",  "operationType": "CREATE_REPLICA",  "name": "OPERATION_ID",  "targetId": "REPLICA_INSTANCE_NAME",  "selfLink": "https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/operations/OPERATION_ID",  "targetProject": "PROJECT_ID"}

REST v1beta4

Before using any of the request data, make the following replacements:

• PRIMARY_INSTANCE_NAME: the name of the primary instance.
• PROJECT_ID: the ID orproject number of the Google Cloud project that contains the instance.
• REPLICA_INSTANCE_NAME: the name of the replica instance.
• REGION_NAME: the region name for the replica instance.
• MACHINE_TYPE: the machine type for the instance.
• AVAILABILITY_TYPE: enable high availability for the instance. For this parameter, specify one of the following values:
  • REGIONAL: enable high availability and is recommended for production instances. The instance fails over to another zone within your selected region.
  • ZONAL: provide no failover capability. This is the default value.

  For more information about setting and removing high availability for instances, seeConfigure an existing instance for high availability andDeactivate high availability for an instance.

• ALLOWED_PROJECTS: a list of allowed project IDs or numbers, separated by commas. If a project isn't contained in this list, then you can't use it to create an instance and enable Private Service Connect for it.

  Cloud SQL doesn't copy the allowed projects for the primary instance over to the replica. For each replica, you must create aPrivate Service Connect endpoint. If you're using theCloud SQL Auth proxy orCloud SQL Language Connectors, then you must create aDNS zone andDNS record for the replicas.

HTTP method and URL:

PATCH https://sqladmin.googleapis.com/sql/v1beta4/projects/PROJECT_ID/instances

Request JSON body:

{  "masterInstanceName": "PRIMARY_INSTANCE_NAME",  "project": "PROJECT_ID",  "databaseVersion": "MYSQL_8_0",  "name": "REPLICA_INSTANCE_NAME",  "region": "REGION_NAME",  "kind": "sql#instance",  "settings":  {    "tier": "MACHINE_TYPE",    "availabilityType": "AVAILABILITY_TYPE",    "settingsVersion": 0,    "ipConfiguration": {      "ipv4Enabled": false,      "pscConfig": {        "allowedConsumerProjects": [ALLOWED_PROJECTS],          "pscEnabled": true      }    },    "kind": "sql#settings",    "pricingPlan": "PER_USE",    "replicationType": "ASYNCHRONOUS",    "tier": "MACHINE_TYPE"  }}

To send your request, expand one of these options:

curl -X PATCH \
     -H "Authorization: Bearer $(gcloud auth print-access-token)" \
     -H "Content-Type: application/json; charset=utf-8" \
     -d @request.json \
     "https://sqladmin.googleapis.com/sql/v1beta4/projects/PROJECT_ID/instances"

$cred = gcloud auth print-access-token
$headers = @{ "Authorization" = "Bearer $cred" }

Invoke-WebRequest `
    -Method PATCH `
    -Headers $headers `
    -ContentType: "application/json; charset=utf-8" `
    -InFile request.json `
    -Uri "https://sqladmin.googleapis.com/sql/v1beta4/projects/PROJECT_ID/instances" | Select-Object -Expand Content

You should receive a JSON response similar to the following:

{  "kind": "sql#operation",  "targetLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/PROJECT_ID/instances/REPLICA_INSTANCE_NAME",  "status": "PENDING",  "user": "user@example.com",  "insertTime": "2020-01-16T02:32:12.281Z",  "operationType": "CREATE_REPLICA",  "name": "OPERATION_ID",  "targetId": "REPLICA_INSTANCE_NAME",  "selfLink": "https://sqladmin.googleapis.com/sql/v1beta4/projects/PROJECT_ID/operations/OPERATION_ID",  "targetProject": "PROJECT_ID"}

Console

1. In the Google Cloud console, go to theCloud SQL Instances page.

   Go to Cloud SQL Instances

2. For MySQL 5.7 or later,enable replication.
3. Click theReplicas tab for the replica that will act as a parent for the replica that you want to create.
4. ClickCreate replica.
5. On theCreate read replica page, update the instance ID, and any other configuration options, including the name, region, and zone.
6. ClickCreate.

   Cloud SQL creates a replica. You're returned to the instance page for the parent replica.

7. Follow steps 4-6 for each new cascading replica that you want to create.

gcloud

1. If you're using MySQL version 5.7 or later, then enable binlogs for the primary of the new replica:
   

   gcloudsqlinstancespatch--enable-bin-logPARENT_REPLICA_NAME

   ReplacePARENT_REPLICA_NAME with the name of the parent replica.
2. Create the new replica by specifying your primary replica as the primary instance using the--master-instance-name flag:

gcloudsqlinstancescreateREPLICA_NAME\--master-instance-name=PARENT_REPLICA_NAME\

Replace the following:

• REPLICA_NAME: the unique ID for the replica that you are creating
• PARENT_REPLICA_NAME: the name of the parent replica
3. After you create the cascading replica, you can see that the changesmade to the primary instance are replicated through all the replicas inthe cascading replicas chain.

curl

1. If you are using MySQL version 5.7 or later, enable binary logging:
   
   To enable binary logging, save the following JSON in a file named request.JSON, then invoke the curl command to enable binary logging.
   

   {"settings":{"backupConfiguration":{"enabled":false,"binaryLogEnabled":true}}}

2. To create a replica under the parent replica, edit the following JSON code sample, and save it to a file calledrequest.json:

   {"masterInstanceName":"PARENT_REPLICA_NAME","project":"PROJECT_ID","name":"REPLICA_NAME","region":"REPLICA_REGION","settings":{"tier":"MACHINE_TYPE",}}

3. Run the following command:

   curl-XPOST-H"Authorization: Bearer "$(gcloudauthprint-access-token)-H"Content-Type: application/json; charset=utf-8"-d@request.json"https://sqladmin.googleapis.com/v1/projects/PROJECT_ID/instances"