| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Magnus Hagander" <mha(at)sollentuna(dot)net> |
| Cc: | "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, "Josh Berkus" <josh(at)agliodbs(dot)com>, "PostgreSQL-patches" <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: [HACKERS] Function to kill backend |
| Date: | 2004-07-25 17:04:35 |
| Message-ID: | 14393.1090775075@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
"Magnus Hagander" <mha(at)sollentuna(dot)net> writes:
> That's not quite the argument I think I had :-) But withuot being able
> to kill the backends, there just no way for me to handle the sitaution
> when I have a hundred clients eating up all available connections and/or
> memory, just sitting idle, because of some freak bug in a client. Yes,
> if they keep reconnecting it will not save me. But if it's just a client
> that does a new connect say every hour and then forgets to close the old
> one, I can easily manage the situation (until I can fix the client. Or,
> which probably takes a lot more time, convince a vendor that this is
> actually a problem in the client).
How often does that situation really come up? This sounds more like
a theoretical concern than something that actually happens on a regular
basis.
Would you use a kill operation in the way you describe above if you knew
that it had, say, a 1% chance of causing a database-wide PANIC each time
you used it?
The odds of a problem are probably a great deal less than 1%, especially
if the backend is sitting idle. But they're not nil, and I don't think
we have the resources to make them nil in this release cycle.
Therefore I'm uneager to provide this feature simply because of "it
might be nice to have" arguments. There's a lot of other stuff that is
higher on the priority list, IMHO anyway.
> Don't know exactly what Bruce's patch did, but perhaps if this
> restriction can be put on it the dangerous parts of the patch can be
> reverted without removing the capability to terminate a backend that is
> idle?
You have that backwards. The dangerous part is killing a single backend.
Bruce's patch was an unsuccessful attempt to make it less dangerous.
Note also that what's at stake is not whether you can do this at all.
You can issue manual SIGTERMs all you like. What's at stake is whether
we promote the feature into an easy-to-use, presumably supported
operation. My real complaint here is that I don't think we are prepared
to support it.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2004-07-25 17:34:36 | Re: [HACKERS] Function to kill backend |
| Previous Message | Peter Eisentraut | 2004-07-25 12:00:40 | Re: French translation updates for 7.4 and 7.5 |