This page describes a configuration that replicatesdata from a source database server to PostgreSQL replicas. Thisconfiguration is sometimes referred to as anexternal server configuration.

The source database server can be any PostgreSQL server,including servers running on other Google Cloud services (such as Cloud SQL orCompute Engine) or on other cloud providers (such as Amazon RDS), ifthey meet the requirements. For step-by-step instructions for setting up thisconfiguration, seeReplicating from an external server.

Use cases for external server configuration

External server configuration helps you achieve the following goals:

1. Migrate your data from your self-managed PostgreSQL server to Google Cloudwith a minimum of downtime.

2. Retain colocation and control of your server while off-loading theadministration of the replicas to Cloud SQL.

   This use case is sometimes called ahybrid cloud. Replication between yourself-managed server and the Cloud SQL replica continuesindefinitely.

External replication configuration

External replication configuration includes the following instances:

• The PostgreSQL server that you manage, also called thesource database server.

• The Cloud SQL replica.

  There can be multiple replicas for a single source database server.

• Thesource representation instance.

  The source representation instance is a Cloud SQL instance thatrepresents the source database server to the Cloud SQL replica. It isvisible in the Google Cloud console and appears the same as a regularCloud SQL instance, but it contains no data, requires no configurationor maintenance, and does not affect billing.

The following diagram shows these instances:

SSL/TLS configuration

Replicating from an external server requires that all changes to the data besent between the source database server and the Cloud SQL replicas.

If the connection is made over a public network (by using IP allowlists),Google recommend using SSL/TLS encryption for the connection between the sourceand destination databases.

Cloud SQL offers the following options for SSL/TLS configuration:

• None: the Cloud SQL destination instance connects to the source database without encryption.
• Server-only authentication

Note: For information about creating certificates and keys for yourexternal server, seeSecure TCP/IP Connections with SSL.

Server-only authentication

When the replica connects to the primary instance, the replica authenticates theprimary instance. This helps make sure the replica connects to the correct hostand helps prevent on-path attacks. The primary instance doesn't authenticatethe replica.

To use server-only authentication, at replica creation time, provide thex509 PEM-encoded certificate of the certificate authority (CA) that signed theexternal server's certificate. The CA must contain only a single certificate,and it must be self signed. In other words, the Certificate Authority thatsigned the server's certificate must be a root CA.

External server SSL expiration notification

If the external server's server CA certificate is expiring, thenrotate the SSL certificates,including the server CA certificate on the on-premises instance.

For more information, seeManage SSL/TLS certificates.

Multiple replicas from the same database server

You can create multiple replicas from the same source database server. You mightwant to provide more bandwidth or create replicas in different regions.

If you're creating multiple replicas in the same region, they can all usethe same source representation instance or different ones. If you use theGoogle Cloud console to create multiple replicas, they will have differentsource representation instances.

If you're creating multiple replicas in different regions, they must havedifferent source representation instances.

You cannot create more than one replica in the same operation. As soon as youfinish creating the replica configuration for the first replica,you can startcreating the replica configuration for the otherreplicas. You don't need to wait until the first replica is completelyfunctional before starting to create other replicas.

Cascading replicas for an external server

Cascading read replicaslet you create a read replica under another read replicain the same or different region. You can add up to four levels of cascading replicas, includingthe primary instance. When you promote the replica at the top of a cascading replicahierarchy, it becomes the primary instance and its cascading replicas continue to replicate.

With external servers, you can create read replicas under an external server replicaafter migrating your data, but before promoting the external server replica toprimary. This lets you test read replica topologies before the external serverreplica is promoted.

Note: You can't directly promote a cascading read replicathat's a replica of an external server replica. First, promote the external server replica.Then, you can promote the replica of the promoted external server replica.