Skip to main content
Google Cloud Platform (GCP)
CHAPTER 11

Cloud SQL and Managed Databases

Updated: May 15, 2026
20 min read

# CHAPTER 11

Cloud SQL and Managed Databases

1. Introduction

You *could* install a MySQL database directly onto a Compute Engine Virtual Machine. However, this means you are responsible for updating the Linux OS, patching MySQL security flaws, configuring Master-Slave replication, and writing scripts to perform nightly backups. If you make a mistake, you lose your company's data. To eliminate this massive operational burden, GCP offers Cloud SQL: a fully managed, relational database service. In this chapter, we will deploy a production-grade database that maintains itself.

2. Learning Objectives

By the end of this chapter, you will be able to:
  • Differentiate between Self-Managed databases and Managed Database Services (DBaaS).
  • Identify the relational database engines supported by Cloud SQL.
  • Deploy a Cloud SQL instance.
  • Configure High Availability (HA) and automated backups.
  • Secure the database connection using Private IP and Cloud SQL Auth Proxy.

3. Beginner-Friendly Explanation

Imagine maintaining a classic car.
  • Self-Managed (Compute Engine): You own the car, but you also have to change the oil, rebuild the engine when it breaks, and lock the garage yourself. It requires intense mechanical knowledge.
  • Managed Service (Cloud SQL): You lease a car that comes with an invisible mechanic. The mechanic automatically changes the oil while you are driving, instantly swaps the engine if it fails, and guarantees the car will never be stolen. You just get in and drive.

4. Supported Database Engines

Cloud SQL strictly hosts Relational Databases (SQL). It currently supports three enterprise-grade engines:
  1. 1. MySQL: The world's most popular open-source database (used by WordPress).
  1. 2. PostgreSQL: An advanced, highly compliant open-source database. Extremely popular for complex, enterprise applications.
  1. 3. SQL Server: Microsoft's proprietary database.

5. High Availability (HA) and Backups

The defining features of Cloud SQL are its managed resilience:
  • Automated Backups: By simply checking a box, Google will take a snapshot of your database every night at 2:00 AM.
  • High Availability (Regional): If you check the HA box, Google creates a primary database in Zone A, and a hidden "Standby" replica in Zone B. Every piece of data written to A is instantly copied to B. If Zone A loses power, Google automatically fails over, pointing your application to the database in Zone B with zero data loss.

6. Security and Connectivity

Databases are the crown jewels of your architecture. They should never have a Public IP Address.
  • Private IP: You configure Cloud SQL to only accept traffic from *inside* your specific VPC.
  • Cloud SQL Auth Proxy: If a developer needs to access the database from their laptop at home, they run a small software tool called the Auth Proxy. It creates a highly secure, encrypted tunnel from their laptop directly to the private database using their IAM credentials.

7. Mini Project: Create a Managed MySQL Database

Let's provision a database that we never have to maintain.

Step-by-Step Tutorial:

  1. 1. In the GCP Console, navigate to SQL.
  1. 2. Click Create Instance.
  1. 3. Choose Choose MySQL.
  1. 4. Instance ID: my-production-db
  1. 5. Password: Generate a highly secure password.
  1. 6. Choose region and zonal availability: Select your region. For this test, select Single zone (to save money, though in real life you'd select Multiple zones for HA).
  1. 7. Expand the Show configuration options menu.
  1. 8. Connections: Uncheck Public IP. Check Private IP. Select your default (or custom) VPC network.
  1. 9. Backups, recovery, and high availability: Ensure "Automated backups" is checked.
  1. 10. Click Create Instance.
*(Note: Provisioning a database takes about 5-10 minutes).*
  1. 11. Once created, any Virtual Machine located inside the same VPC can instantly connect to the database using its internal IP address!

8. Real-World Scenarios

An e-commerce company relies on Cloud SQL PostgreSQL for its shopping cart system. A junior developer accidentally runs a SQL command that deletes the entire "Users" table at 3:00 PM. Panic ensues. However, because the Cloud Engineer enabled Point-in-Time Recovery (PITR) in Cloud SQL, they simply click a button in the console to restore the entire database to its exact state at 2:59 PM. The crisis is averted in minutes.

9. Best Practices

  • Read Replicas: If your application is incredibly read-heavy (e.g., a news website where millions read articles, but few write them), the Primary database will become overwhelmed. You can click a button to create Read Replicas. Google spins up identical copies of the database that *only allow read queries*, drastically reducing the load on the Primary server.

10. Cost Optimization Tips

  • Stop Idle Instances: Cloud SQL instances are relatively expensive because you pay for the dedicated CPU/RAM 24/7. If you create a test database, remember to Stop the instance when you are not actively using it! You will only pay pennies for the storage space while it is stopped.

11. CLI Examples

To create a PostgreSQL instance via the terminal:
bash
1234 
gcloud sql instances create my-pg-instance \
    --database-version=POSTGRES_14 \
    --cpu=2 --memory=8Gi \
    --region=us-central1

12. Exercises

  1. 1. What is the fundamental difference between High Availability (Regional failover) and a Read Replica?
  1. 2. Why is enabling a Public IP address on a Cloud SQL instance considered a severe security vulnerability?

13. FAQs

Q: Does Cloud SQL scale infinitely like Cloud Storage? A: No. Cloud SQL is a relational database. It scales *vertically*. If you need more power, you must restart the database with more CPU/RAM. If you need a database that scales *horizontally* across thousands of servers infinitely, you need Google Cloud Spanner or Bigtable (which are highly advanced and extremely expensive).

14. Interview Questions

  • Q: Explain the mechanics of a High Availability (HA) failover event within Google Cloud SQL. How does synchronous replication ensure zero data loss during a zonal outage?
  • Q: A developer complains they cannot connect to a newly provisioned Cloud SQL instance from their local development environment via a standard database client (like DBeaver). The instance is configured exclusively with a Private IP. Detail the secure architectural solution you would implement to grant them access without exposing the instance to the public internet.

15. Summary

In Chapter 11, we liberated ourselves from Database Administration. We contrasted the operational agony of self-managed databases with the elegant automation of Cloud SQL. We explored the relational engines available (MySQL, PostgreSQL), established resilience via Automated Backups and Multi-Zone High Availability, and solidified our security posture by strictly isolating the database within our private VPC, ensuring our critical data remains impenetrable from the public internet.

16. Next Chapter Recommendation

Cloud SQL is perfect for structured, relational data. But what if we are building a fast-paced mobile app with dynamic, unstructured data? Proceed to Chapter 12: Firestore and NoSQL Databases.

Finish this Chapter

Save your progress on your learning path and prepare for coding interview challenges.

Previous Chapter Docker and Container Registry
Next Chapter Firestore and NoSQL Databases

Discussion

Join the discussion

Log in or create a free account to participate.

Sort: ·

Explore More

📖 Related Tutorials 5

Related Quizzes 6