Skip site navigation (1) Skip section navigation (2)

Re: beta testing version

From: Hannu Krosing <hannu(at)tm(dot)ee>
To: xuyifeng <jamexu(at)telekbird(dot)com(dot)cn>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: beta testing version
Date: 2000-11-29 10:23:30
Message-ID: 3A24D922.1D4CC36E@tm.ee (view raw or flat)
Thread:
Lists: pgsql-hackers
xuyifeng wrote:
> 
> NO, I just tested how solid PgSQL  is,  I run a program busy inserting record into PG table,  when I
> suddenly pulled out power from my machine and  restarted PG, I can not insert any record into database
> table,  all backends are dead without any respone (not core dump), note that I am using FreeBSD 4.2,
> it's rock solid,  it's not OS crash, it just losted power.  We use WindowsNT and MSSQL on our production
> server,  before we accept MSSQL, we use this method to test if MSSQL can endure this kind of strik,
> it's OK, all databases are safely recovered, we can continue our work.

The only way to safely recover them after a major crash would be
manual/supervised recovery from backups + logs

As not even NTFS is safe from power failures (I have lost an NTFS file
system a few times due to not 
having an UPS) it is irrelevant if MSSQL is. Even if MSSQL is "crash
proof" (tm), how can you _prove_ 
your customers/superiors that the last N minutes of transactions were
not lost ? 

If the DB is able to "continue your work" after the crash, you can of
course cover up the fact that the 
crash even happened and blame the lost transactions on someone else when
they surface at the next audit ;)

Or just claim thet computer technology is so complicated that losing a
few transactions is normal - but 
you could go on working ;) :~) ;-p

What you want for mission-critical data is replicated databases or at
least off-site logging, not "crash 
recovery" at some arbitrarily chosen layer. You will need to recover
from the crash even if it destroys 
the whole computer.

May I suggest another test for your NT/MSSQL setup - dont pull the plug
but change the input voltage 
to 10 000 VAC, if this goes well, test vith 100 000 VAC ;)
This is also a scenario much less likely to be protected by an UPS than
power loss.

> we are a stock exchange company,
> our server are storing millilion $ finance number, we don't hope there are any problems in this case,
> we are using UPS,  but UPS is not everything,  it you bet everything on UPS, you must be idiot.

So are you, if you bet everything on hoping that DB will do crash
recovery from any type of crash.

A common case of "crash" that may need to be recovered from is also a
human error , like typing drop database 
at the wrong console;

> I know you must be an avocation of PG, but we are professional customer, corporation user, we store critical
> data into database, not your garbage data.

Then you'd better have a crash recovery infrastructure/procedures in
place and not hope that DB server 
will do that automatically for you

--------------------
Hannu

In response to

pgsql-hackers by date

Next:From: Magnus Naeslund(f)Date: 2000-11-29 11:07:45
Subject: Re: Please advise features in 7.1 (SUMMARY)
Previous:From: Zeugswetter Andreas SBDate: 2000-11-29 08:55:10
Subject: AW: beta testing version

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group