ApsaraDB RDS Guide

ApsaraDB RDS: Managed Relational Databases

ApsaraDB RDS (Relational Database Service) is Alibaba Cloud's fully managed relational database service supporting MySQL, PostgreSQL, SQL Server, MariaDB, and PolarDB (Alibaba's cloud-native database). RDS handles the operational complexity of database administration — provisioning, patching, backups, replication, failover, and monitoring — so you can focus on application development and schema design. With over a decade of production experience running some of the world's largest database workloads for Alibaba Group, ApsaraDB RDS delivers enterprise-grade reliability at cloud-scale efficiency.

RDS powers databases for Alibaba's own business units, handling the transaction volumes of Taobao, Tmall, and Alipay. This operational heritage means RDS has been optimized for scenarios that most managed database services have never encountered — sustained throughput of millions of transactions per second, zero-downtime upgrades during peak shopping events, and automatic failover with sub-second recovery times. These battle-tested features are available to all RDS customers.

This guide covers RDS engine selection, instance sizing, high availability configurations, read replicas, backup and restore, security, monitoring, and performance optimization for production database workloads.

Engine Selection

Choosing the right database engine depends on your application requirements, existing expertise, and ecosystem compatibility:

MySQL

The most popular engine on RDS, supporting versions 5.7 and 8.0. RDS MySQL includes Alibaba Cloud's AliSQL enhancements — a fork of MySQL with performance optimizations, security patches, and features not available in community MySQL. AliSQL improvements include thread pool optimization, parallel query execution, and binlog optimization that delivers up to 70% higher throughput compared to community MySQL on equivalent hardware.

PostgreSQL

Full-featured PostgreSQL support including versions 13, 14, 15, and 16. RDS PostgreSQL includes Ganos (spatiotemporal engine), HyperLogLog, pg_roaringbitmap, and other extensions optimized for Alibaba Cloud. Best for applications requiring advanced SQL features, JSON processing, GIS capabilities, or complex query patterns.

SQL Server

Licensed SQL Server instances supporting 2016, 2017, 2019, and 2022 editions (Web, Standard, Enterprise). The license cost is included in the instance price. Best for .NET applications, enterprise workloads migrating from on-premises SQL Server, and applications requiring features like Always Encrypted, columnstore indexes, or Reporting Services.

PolarDB

Alibaba Cloud's cloud-native distributed database, compatible with MySQL, PostgreSQL, and Oracle. PolarDB uses a compute-storage separation architecture with a shared distributed storage layer that delivers up to 6x the throughput of MySQL and supports up to 128 TB per instance. PolarDB is covered in detail in its own section below.

Instance Sizing

RDS instances are sized by vCPU, memory, maximum connections, and maximum IOPS. Choose the right instance class based on your workload characteristics:

• General Purpose (mysql.n2): Shared CPU resources with burstable performance. Best for development, testing, and small production workloads with variable CPU demand.
• Dedicated (mysql.x4/x8): Dedicated CPU and memory with guaranteed performance. x4 series has a 1:4 CPU:memory ratio; x8 series has a 1:8 ratio. Best for production workloads requiring consistent performance.
• Dedicated Host (mysql.x4/x8 with dedicated host group): Physical server isolation for compliance and licensing requirements. Full control over CPU, memory, and storage allocation on dedicated hardware.

# Create a high-availability MySQL RDS instance
aliyun rds CreateDBInstance \
  --Engine MySQL \
  --EngineVersion 8.0 \
  --DBInstanceClass rds.mysql.s3.large \
  --DBInstanceStorage 500 \
  --DBInstanceStorageType cloud_essd \
  --DBInstanceNetType Intranet \
  --PayType Postpaid \
  --Category HighAvailability \
  --VPCId vpc-bp1**** \
  --VSwitchId vsw-bp1**** \
  --ZoneId cn-hangzhou-g \
  --ZoneIdSlave1 cn-hangzhou-h \
  --SecurityIPList "10.0.0.0/16" \
  --DBInstanceDescription "Production MySQL Primary"

# Create a database
aliyun rds CreateDatabase \
  --DBInstanceId rm-bp1**** \
  --DBName "app_production" \
  --CharacterSetName utf8mb4

# Create a database account
aliyun rds CreateAccount \
  --DBInstanceId rm-bp1**** \
  --AccountName "app_user" \
  --AccountPassword "****" \
  --AccountType Normal

# Grant database permissions
aliyun rds GrantAccountPrivilege \
  --DBInstanceId rm-bp1**** \
  --AccountName "app_user" \
  --DBName "app_production" \
  --AccountPrivilege ReadWrite

High Availability

RDS offers three deployment categories with different availability guarantees:

Basic Edition

Single-node deployment without standby. Lowest cost but no automatic failover — if the node fails, recovery requires restoring from backup, which can take minutes to hours. Only suitable for development, testing, and non-critical workloads.

High Availability Edition

Two-node deployment with a primary and a standby in different availability zones. Uses semi-synchronous replication (for MySQL) to minimize data loss during failover. Automatic failover typically completes in 30-120 seconds. The standby instance is not accessible for reads — it serves exclusively as a failover target. This is the recommended configuration for production workloads.

Enterprise Edition (Three-Node)

Three-node deployment with one primary and two standby nodes using the Paxos consensus protocol for synchronous replication. Provides the highest availability with zero data loss (RPO=0) during failover. Available for MySQL 8.0 and PostgreSQL. Best for financial, e-commerce, and other workloads where data loss is unacceptable.

Read Replicas

Read replicas distribute read traffic across multiple instances to improve query throughput and reduce load on the primary instance. RDS supports up to 10 read replicas per primary instance, each running as an independent RDS instance with its own connection endpoint.

# Create a read replica
aliyun rds CreateReadOnlyDBInstance \
  --DBInstanceId rm-bp1**** \
  --EngineVersion 8.0 \
  --DBInstanceClass rds.mysql.s2.large \
  --DBInstanceStorage 200 \
  --DBInstanceStorageType cloud_essd \
  --ZoneId cn-hangzhou-h \
  --PayType Postpaid \
  --DBInstanceDescription "Read Replica 1"

# Enable read/write splitting proxy
aliyun rds AllocateReadWriteSplittingConnection \
  --DBInstanceId rm-bp1**** \
  --ConnectionStringPrefix "prod-mysql-proxy" \
  --Port 3306 \
  --DistributionType Standard \
  --Weight '{"rm-bp1****":"50","rr-bp1****":"25","rr-bp2****":"25"}'

The built-in read/write splitting proxy (DatabaseProxy) automatically routes write queries to the primary instance and distributes read queries across replicas based on configurable weights. The proxy provides a single connection endpoint for your application, eliminating the need for application-level read/write routing logic.

Backup and Restore

RDS provides comprehensive backup capabilities for data protection and disaster recovery:

• Automatic Backups: Full backups performed daily during a configurable backup window. Retained for 7-730 days depending on your configuration.
• Log Backups: Continuous binlog/WAL backups enabling point-in-time recovery (PITR) to any second within the retention period.
• Manual Snapshots: On-demand snapshots for pre-change safety nets. Retained until manually deleted.
• Cross-Region Backup: Automatic replication of backups to a secondary region for disaster recovery. Enables instance restoration in a different region.

# Configure backup policy
aliyun rds ModifyBackupPolicy \
  --DBInstanceId rm-bp1**** \
  --PreferredBackupTime "02:00Z-03:00Z" \
  --PreferredBackupPeriod "Monday,Wednesday,Friday,Sunday" \
  --BackupRetentionPeriod 30 \
  --LogBackupRetentionPeriod 7 \
  --EnableBackupLog 1 \
  --LocalLogRetentionHours 18

# Enable cross-region backup
aliyun rds ModifyInstanceCrossBackupPolicy \
  --DBInstanceId rm-bp1**** \
  --CrossBackupType 1 \
  --BackupEnabled 1 \
  --LogBackupEnabled 1 \
  --CrossBackupRegion cn-shanghai \
  --RetentType 1 \
  --Retention 30

# Restore to a point in time (creates new instance)
aliyun rds CloneDBInstance \
  --DBInstanceId rm-bp1**** \
  --RestoreTime "2026-03-14T10:30:00Z" \
  --PayType Postpaid \
  --DBInstanceClass rds.mysql.s3.large \
  --DBInstanceStorage 500 \
  --VSwitchId vsw-bp1****

Security

Securing RDS instances involves multiple layers of protection:

• Network Isolation: Deploy RDS instances in private vSwitches with no public endpoint. Use VPC internal endpoints for application access.
• IP Whitelist: Configure the security IP list to restrict access to specific IP addresses or CIDR ranges. Only whitelisted IPs can connect to the instance.
• SSL/TLS Encryption: Enable SSL for data in transit. RDS supports TLS 1.2 and 1.3 for encrypted connections between applications and the database.
• Transparent Data Encryption (TDE): Enable TDE to encrypt data at rest using KMS-managed keys. Available for MySQL and SQL Server. Once enabled, TDE cannot be disabled.
• Audit Logging: Enable SQL audit to log all database operations including queries, connections, and schema changes. Audit logs are delivered to SLS for analysis and compliance.
• Data Masking: Use dynamic data masking to protect sensitive data in query results. Configure masking rules for columns containing PII, financial data, or other sensitive information.

Performance Optimization

RDS provides several tools and features for monitoring and optimizing database performance:

• CloudDBA: Built-in database advisor that analyzes slow queries, provides index recommendations, and detects performance anomalies. CloudDBA continuously monitors your instance and surfaces actionable insights.
• Performance Insights: Real-time and historical database performance monitoring with wait event analysis. Identifies bottlenecks by showing where the database spends time — CPU, I/O, lock waits, or network.
• Slow Query Logs: Automatic capture and analysis of queries exceeding a configurable threshold (default 1 second). Review slow queries in the console or query them through SLS.
• Parameter Tuning: RDS allows modification of most database engine parameters through the console or API. Common tuning parameters include innodb_buffer_pool_size, max_connections, and query_cache_type.

Cost Optimization

Database costs often represent the largest portion of cloud spending. Optimize RDS costs with these strategies:

• Right-size instances: Use CloudDBA and Performance Insights to identify over-provisioned instances. Downgrade instances that consistently use less than 30% of CPU or memory.
• Use Subscription pricing: Commit to 1-3 year terms for production instances to save 30-60% compared to Pay-As-You-Go.
• Optimize storage: Use ESSD PL0 for development instances and PL1 or higher only for production workloads that need the IOPS. Monitor storage usage and avoid over-provisioning.
• Read/write splitting: Use read replicas and the built-in proxy to distribute read traffic. This often allows a smaller primary instance since read load is offloaded.
• Connection pooling: Use connection pooling (PgBouncer for PostgreSQL, ProxySQL for MySQL, or application-level pools) to reduce connection overhead and allow smaller instance sizes.
• Archive old data: Partition tables by date and archive old partitions to OSS using Data Transmission Service (DTS). This reduces active database size and improves query performance.