High availability of a Managed Service for PostgreSQL cluster
High availability of a Managed Service for PostgreSQL cluster depends on the number and placement of its hosts, replication settings, and other cluster parameters.
Number and placement of cluster hosts
A single-host cluster does not provide high availability. If the master host VM fails, your cluster will be unavailable for reading and writing until the VM recovers completely. Single-host clusters are not covered by the Service level agreement (SLA).
A cluster with two hosts located in different availability zones is considered highly available and is subject to the SLA. This option is sutable for medium-sized applications in a production environment.
A cluster with three or more hosts located in three different availability zones is considered highly available and is subject to the SLA. Such clusters are suitable for production environments with high availability and performance requirements.
For more information, see Planning cluster topology.
Replication and master failover settings
High availability is achived through replication and master failover, which work as follows:
- Clusters uses streaming replication. Each replica host receives a replication stream from another host, typically the master. Managed Service for PostgreSQL manages replication streams in the cluster automatically, but you can manage them manually if you need to. When you set the replication source manually, the replicas will have a number of limitations.
- By default, clusters provide automatic failover of master hosts. You can disable auto failover, but if the master fails, you will need to select a new master and perform the failover manually.
- If you use public access for the host, you must also enable it for the replicas, otherwise the cluster will become unavailable after master failover.
Warning
Using a special FQDN simplifies application development, but your cluster will be unavailabile during master failover. To quickly switch to a new master, you need to implement monitoring of master replacement on the application side.
Maintenance settings
During maintenance, a cluster with two or more hosts may not be available for writes until the master automatically fails over. A single host cluster is completely unavailable during maintenance. Therefore, consider the expected load on your cluster when selecting the maintenance day and hour.
When updating a PostgreSQL version, a cluster with three or more hosts is unavailable for writes but has at least one readable replica. A cluster with one or two hosts is completely unavailable during PostgreSQL version updates. Consider the expected load on your cluster when planning updates.
Other settings
The following settings may also affect cluster availability: