Cross-regional replica for Cloud SQL
Google has officially introduced its Cross-Regional capabilites - as it was announed on their official site (link in the description below)
What is a cross-region replica for Cloud SQL?
Cross-region replica makes it easy to create a fully managed read replica in a different region than that of the primary instance. You can create a replica in any Google Cloud region
Having cross regional replicas come with its benefits and, can be summarised to four main notes taken by Google Cloud;
- Minimize recovery point objective (RPO): A cross-region replica is a copy of the primary that reflects changes to the primary instance in almost real time, so data loss is very small in the event of a Google Cloud region failure.
- Minimize recovery time objective (RTO): Cross-region replica maintains an online copy of your data in another region. In the event of Google Cloud region failure, a replica can be promoted within minutes.
- Make globally distributed applications faster: Read replicas are closer to their application in another region.
- Migrate data between regions: Use cross-region replicas to minimize downtime when moving data between regions.
The addition also comes with security benefits, listed by Google in their official documentation as below;
- Easily set up, maintain, manage, and administer replicas in any region on Google Cloud.
Google Cloud Networking
- Creating a cross-region replica requires no networking setup. Global VPC uses private IP for replication traffic between regions—eliminating the need of complex VPN and VPC configuration, which would be otherwise needed to set up cross-region networking.
- Cross-region replication traffic uses reliable, high-performing, and scalable Google Cloud networking.
- Network monitoring, verification, and optimization is simplified using proactive network operations with Network Intelligence Center.
Cloud SQL security and privacy
- Data at rest in replicas is encrypted using customer-managed encryption keys (CMEK).
- Cross-region replication traffic remains private, without access to and from the public internet, when a private IP option is used.
- Cross-region replicas are supported as part of Access Transparency, which represents Google's long-term commitment to security and transparency by providing you with logs that capture the actions Google personnel take when accessing your content.
- Connection org policy control provides centralized control of the public IP settings of Cloud SQL to reduce the security attack surface of Cloud SQL instances from the internet.
- Cloud SQL will enforce the data residency policy you define. Replicas can only be created in permitted regions.
Links to the original articles;