This topic describes how to use the one-click migration feature of RDS PostgreSQL to migrate a public PostgreSQL database or an instance from another cloud provider to RDS PostgreSQL.
Background
RDS PostgreSQL runs in a Virtual Private Cloud (VPC). By default, the one-click migration feature supports migrating other databases to RDS PostgreSQL over a private network. To migrate a PostgreSQL database from the public network, you must configure a NAT Gateway and an associated Elastic IP Address (EIP).
This topic describes how to configure a NAT Gateway and associate an EIP for an RDS PostgreSQL instance, enabling the one-click migration feature for public network sources.
This method ensures the network security of the RDS PostgreSQL instance while enabling one-click migration from the public network.
An SNAT entry in the NAT Gateway allows the RDS PostgreSQL instance to access the internet. The instance itself is not exposed and does not provide services through the NAT Gateway. For more information about NAT Gateway and SNAT, see Use the SNAT feature of a NAT Gateway to access the internet.
Use cases
-
Migrate a self-managed PostgreSQL database from the public internet to the cloud.
-
Migrate a PostgreSQL instance from another cloud provider, such as Google Cloud SQL or Amazon RDS for PostgreSQL, to RDS PostgreSQL.
NoteOther cloud providers may have custom PostgreSQL plugins. If you encounter a plugin incompatibility error during the migration, submit a ticket.
Prerequisites
The RDS PostgreSQL instance must meet the following requirements:
-
The major versions of the source and destination instances must match. This feature supports PostgreSQL 10 or later.
Note-
If the source instance version is earlier than PostgreSQL 10, upgrade its major version before you perform the one-click migration.
-
If the major versions of the source and destination instances do not match, the feasibility assessment fails, and the migration cannot proceed.
-
-
The destination instance must be a primary instance; read-only instances are not supported.
-
The storage type of the destination instance must be cloud disk.
-
The destination instance must be empty. Its available storage space must be greater than or equal to the total data size of the source instance.
NoteIf the destination instance contains data, the feasibility assessment fails, and the migration cannot proceed. Back up the data and then empty the instance, or purchase a new instance.
Limitations
None.
Impacts
None.
Precautions
During the migration task, ensure that the source instance is accessible. Do not perform operations such as restarting the instance. If the source instance experiences a transient connection issue or an HA switchover, the migration task fails.
Billing
Configuring a NAT Gateway and associating an Elastic IP Address (EIP) incurs fees. For more information, see NAT Gateway billing.
Procedure
Step 1: Configure a NAT Gateway and EIP
In this step, you associate a public IP address with the VPC of the RDS PostgreSQL instance. This allows the RDS PostgreSQL instance to access a self-managed database or a database from another cloud provider that has a public IP address.
Before you begin, make sure that no NAT Gateway is configured for the VPC where the RDS instance resides and that no other public IP addresses are associated with the VPC. Otherwise, connectivity issues may occur.
Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.
-
In the navigation pane on the left, click Database Connection, and then click the link for the VPC that appears next to Network Type.
-
In the VPC console, select the Resource Management tab. In the Public Access Service section, click Create Now.
-
On the NAT Gateway creation page, configure the following key parameters and use the default values for the remaining parameters.
Parameter
Description
Example
Elastic IP Address
If you already have an Elastic IP Address, you can select it. For this example, select Purchase Elastic IP Address.
Purchase Elastic IP Address
Peak Bandwidth
Select a peak bandwidth based on your needs. For this one-click migration, you can set the peak bandwidth to its maximum value to prevent migration slowdowns caused by bandwidth limits.
200 Mbps
-
Click Buy Now.
-
Confirm that the parameter settings are correct, select the terms of service checkbox, and then click Confirm Order.
After the operation is complete, the NAT Gateway is created, an EIP is associated with it, and an SNAT entry is configured.
-
Click the resource ID of the Elastic IP Address. On the Instance Information page of the EIP, you can view the public IP Address.
Step 2: Configure the source database
Self-managed PostgreSQL database
-
Important
The IP address configured in the pg_hba.conf file is the
Elastic IP Address/32associated with the RDS PostgreSQL instance in Step 1.
PostgreSQL from other providers
-
Modify the value of the wal_keep_segments or wal_keep_size parameter. For more information, see the official documentation of the cloud provider.
This setting ensures enough past log files are kept in the pg_wal directory. This prevents the source instance from deleting required WAL logs after a full backup, which would otherwise force the migration to restart.
-
wal_keep_segments: Applies to PostgreSQL 10, 11, and 12. We recommend that you set this parameter to 4096 or greater.
-
wal_keep_size: Applies to PostgreSQL 13, 14, and 15. We recommend that you set this parameter to 65536 or greater.
-
-
Create a migration account.
CREATE USER migratetest CREATEROLE REPLICATION LOGIN PASSWORD '123456'; GRANT pg_monitor TO migratetest;NoteThe account (
migratetest) and password (123456) in the preceding command are examples. Modify them based on your requirements. -
Enable public network connections and configure the security group or whitelist to allow access from the Elastic IP Address configured in Step 1. For more information, see the official documentation of the cloud provider.
ImportantMake sure that the ICMP protocol is enabled for the PostgreSQL instance from the other cloud provider. You can run the
ping <public endpoint of the PostgreSQL instance>command to verify connectivity.
Step 3: Run a feasibility assessment
Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.
-
In the navigation pane on the left, choose Cloud Migration/DR Deployment. Then, click the Feasibility Assessment tab.
-
In the Configure Scenario and Source Type step of the configuration wizard, select Migration to Cloud for the scenario and Self-managed Instance or Other Instance for the source type. Then, click Next.
-
In the Configure Destination Instance step, click Next.
-
In the Configure Source Instance step, select all options, and then click Next.
-
In the Start Feasibility Assessment step, set the following parameters.
Parameter
Description
Migration Task Name
The system automatically generates a name. No modification is required.
Source VPC/DNS IP
-
For a self-managed PostgreSQL database on the public network: the public IP address of the database server.
-
For a PostgreSQL instance from another cloud provider: the public endpoint of the instance.
Port of Source Instance
-
For a self-managed PostgreSQL database on the public network: the database port. You can run the
netstat -a | grep PGSQLcommand to view the port. -
For a PostgreSQL instance from another cloud provider: find this information in the management console of the cloud provider.
Username
The username and password for the migration account created in Step 2.
Password
-
-
Click Create Feasibility Assessment Task.
After the migration assessment is complete, you can view the status of the migration assessment task in the Migration to Cloud list on the Feasibility Assessment page.
-
You can proceed with Migration to Cloud only if the Status is Successful.
-
If the Status is Failed, click View Report in the Actions column and resolve the issue based on the error message. For information about common errors, see Interpret the migration assessment report.
NoteOther cloud providers may have custom PostgreSQL plugins. If you encounter a plugin incompatibility error during the migration, submit a ticket.
After you resolve the errors, you can click Re-assess in the Actions column to run the assessment again.
-
Step 4: Migrate to the cloud
You can perform this step only after the feasibility assessment task succeeds.
Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.
-
In the navigation pane on the left, choose Cloud Migration/DR Deployment, switch to the Migration to Cloud tab, and then click Create Migration to Cloud Task.
-
In the Create Cloud Migration Task window, select the successful task from Step 3 in the Associated Assessment Task drop-down list.
After you select an Associated Assessment Task, the other parameters are automatically populated.
-
Click Initiate Migration to Cloud to begin the migration task.
WarningDuring the migration task, ensure that the source instance is accessible. Do not perform operations such as restarting the instance. If the source instance experiences a transient connection issue or an HA switchover, the migration task fails.
-
Perform the cutover.
-
In the migration task list, you can click the link in the Cloud Migration Phase column to view the progress of the task.
-
When the migration phase is Incremental Data Synchronization, click Switchover in the Actions column to promote the RDS PostgreSQL instance to the primary instance and start serving production traffic.
-
In the Switchover window, follow the on-screen instructions to set the source instance to read-only or stop writes from your applications.
To set the source instance to read-only:
-- Set the database to read-only. ALTER SYSTEM SET default_transaction_read_only=on; -- Reload the parameter configuration to apply the change. SELECT pg_reload_conf(); -- Terminate all existing sessions. SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE usename not in ('replicator', 'monitor', 'pgsql', 'aurora') AND pid != pg_backend_pid(); -
Select all checkboxes and click Switch Now. Then, wait for the migration to complete.
-