Promote PostgreSQL Cloud SQL DR in GCP (HyOps Blueprint)

Purpose: Gate the cutover decision and then repoint the stable PostgreSQL service endpoint to the managed GCP DR lane.
Owner: Platform engineering / SRE
Trigger: Controlled DR event or promotion drill after the managed standby has already been promoted with provider-native controls
Impact: Applications are redirected to the managed GCP PostgreSQL endpoint.
Severity: P1
Pre-reqs: The managed standby lane already exists, provider-native promotion has been completed, the old primary is fenced, and DNS authority credentials are available.
Rollback strategy: If the manual gate has not been confirmed, do nothing. If DNS cutover completes incorrectly, restore the DNS target only after re-verifying write authority and split-brain safety.

Context

Blueprint ref: dr/postgresql-cloudsql-promote-gcp@v1
Location: hybridops-core/blueprints/dr/postgresql-cloudsql-promote-gcp@v1/blueprint.yml

Default step flow:

  1. core/shared/manual-gate
  2. platform/network/dns-routing

Important:

  • this blueprint does not perform the provider-native promotion action for you
  • it exists to make the fencing and approval decision explicit and auditable
  • DNS cutover consumes endpoint_host from org/gcp/cloudsql-external-replica#managed_standby because the route uses an A record

Manual gate expectations

Set the manual gate only after all of these are already true:

  • source_primary_fenced=true
  • managed_target_promoted=true
  • application_cutover_approved=true

If any of those statements are still uncertain, do not execute the blueprint.

Validate and execute

hyops blueprint validate --ref dr/postgresql-cloudsql-promote-gcp@v1
hyops blueprint preflight --env dev --ref dr/postgresql-cloudsql-promote-gcp@v1
hyops blueprint deploy --env dev --ref dr/postgresql-cloudsql-promote-gcp@v1 --execute

Verify

Confirm:

  • manual gate state is cap.control.manual_gate = confirmed
  • DNS routing state is cap.network.dns_routing = ready
  • the published record now targets the managed Cloud SQL endpoint
  • application writes land only on the promoted GCP primary
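
The manual gate expectations and the DNS verify step above, combined into a fail-closed wrapper. This is an added example, not part of the HyOps blueprint or its tooling: the upper-case variables, RECORD_NAME, EXPECTED_IP and the function names are assumptions of this sketch, and only the three hyops commands come from the runbook.

```shell
#!/bin/sh
# Added example, not HyOps code. The upper-case variables are this wrapper's
# own (hypothetical) operator attestations, not inputs that hyops reads.
REF="dr/postgresql-cloudsql-promote-gcp@v1"

# Succeeds only when all three statements are the literal string "true".
# Unset, empty, "yes", "True" and so on count as uncertain and block the run.
gate_ready() {
  for pair in \
    "source_primary_fenced=${SOURCE_PRIMARY_FENCED:-}" \
    "managed_target_promoted=${MANAGED_TARGET_PROMOTED:-}" \
    "application_cutover_approved=${APPLICATION_CUTOVER_APPROVED:-}"
  do
    if [ "${pair#*=}" != "true" ]; then
      echo "gate blocked: ${pair%%=*} is not confirmed" >&2
      return 1
    fi
  done
}

# record_matches EXPECTED ANSWER...
# Succeeds only when at least one answer came back and every answer equals
# EXPECTED. An empty or mixed answer set (old and new target) fails.
record_matches() {
  expected="$1"; shift
  [ "$#" -gt 0 ] || return 1
  for answer in "$@"; do
    [ "$answer" = "$expected" ] || return 1
  done
}

# Operator entry point. RECORD_NAME and EXPECTED_IP are placeholders that the
# operator supplies: the published A record and the managed endpoint address.
run_cutover() {
  gate_ready || return 1
  hyops blueprint validate --ref "$REF" &&
    hyops blueprint preflight --env dev --ref "$REF" &&
    hyops blueprint deploy --env dev --ref "$REF" --execute || return 1
  answers=$(dig +short A "$RECORD_NAME")
  # Unquoted on purpose: one word per line of dig output.
  record_matches "$EXPECTED_IP" $answers || {
    echo "DNS verify failed for $RECORD_NAME: ${answers:-no answer}" >&2
    return 1
  }
}

if [ "${1:-}" = "--run" ]; then run_cutover; fi
```

Export the three attestations plus RECORD_NAME and EXPECTED_IP, then invoke the script with `--run`; any attestation that is not exactly `true` stops it before hyops is called.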