Tom Lane wrote:
> Oliver Elphick <olly(at)lfix(dot)co(dot)uk> writes:
> > On Sat, 2003-01-04 at 02:17, Tom Lane wrote:
> >> There isn't any simple way to lock *everyone* out of the DB and still
> >> allow pg_upgrade to connect via the postmaster, and even if there were,
> >> the DBA could too easily forget to do it.
> > I tackled this issue in the Debian upgrade scripts.
> > I close the running postmaster and open a new postmaster using a
> > different port, so that normal connection attempts will fail because
> > there is no postmaster running on the normal port.
> That's a good kluge, but still a kluge: it doesn't completely guarantee
> that no one else connects while pg_upgrade is trying to do its thing.
I was thinking about using GUC:
#max_connections = 32
#superuser_reserved_connections = 2
Set both of those to 1, and you lock out everyone but the super-user.
In fact, we can specify those on postmaster start with -c
> I am also concerned about the consequences of automatic background
> activities. Even the periodic auto-CHECKPOINT done by current code
> is not obviously safe to run behind pg_upgrade's back (it does make
> WAL entries). And the auto-VACUUM that we are currently thinking of
> is even less obviously safe. I think that someday, running pg_upgrade
> standalone will become *necessary*, not just a good safety feature.
Yes, certainly we are in major hack mode with pg_upgrade.
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
In response to
pgsql-hackers by date
|Next:||From: Tom Lane||Date: 2003-01-05 04:37:59|
|Subject: Re: Upgrading rant. |
|Previous:||From: Giles Lean||Date: 2003-01-05 03:05:45|
|Subject: Re: [GENERAL] v7.3.1 Bundled and Released ... |