Overview
To create a migration in Database Migration Service, connectivity must be established between the source instance and the Cloud SQL destination instance. There are various methods supported. Choose the one that works best for the specific workload.This method works by configuring the source database server to accept connections from the outgoing IP of the Cloud SQL instance.
If you choose this method, then Database Migration Service guides you through the setup process during the migration creation.
- Easy to configure.
- Doesn't require any custom firewall configuration.
- Network traffic occurs over the public Internet.
- Less secure.
- Decreased performance.
Establishes connectivity from the destination to the source through a secure reverse SSH tunnel.
Requires a bastion host VM in the Google Cloud Platform project as well as a machine (for example, a laptop on the network) that has connectivity to the source.
Database Migration Service collects the required information at migration creation time, and auto-generates the script for setting it all up.
- Easy to configure.
- Doesn't require any custom firewall configuration.
- Recommended for short-lived migration scenarios (POC or small database migrations).
- The bastion VM is owned and managed by you, and may incur additional costs.
This method works by configuring the VPCs to communicate with one another.
- Native Google Cloud solution.
- Easy to configure.
- High bandwidth.
- Recommended for long-running or high-volume migrations.
- Applicable if both the source and destination databases are hosted in Google Cloud, or if the source is connected to the destination VPC using a VPN (cloud-hosted or on-premises) or Cloud Interconnect.
Private Service Connect interfaces let your destination database initiate connections to the private IP of your source database without consuming peering quota. Instead, this connectivity method utilizes network attachments you create in your VPC.
- Establishes connections to your source private IP by using a network attachment. This method doesn't consume peering quota in your VPC.
- The easiest source private connectivity method to configure.
- This connectivity method is only available when you migrate to an existing instance .
- Requires setting up a network attachment and adjusting firewall rules.
- You can't modify the network attachment after you establish the connection.
For more information about private services access and Private Service Connect in Cloud SQL for PostgreSQL see Private Service Connect outbound connections in the Cloud SQL documentation.
