| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Florian G(dot) Pflug" <fgp(at)phlo(dot)org> |
| Cc: | Simon Riggs <simon(at)2ndquadrant(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: [PATCH] A crash and subsequent recovery of themaster can cause the slave to get out-of-sync |
| Date: | 2007-07-05 18:13:25 |
| Message-ID: | 19664.1183659205@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
[ back to dealing with this patch, finally ]
"Florian G. Pflug" <fgp(at)phlo(dot)org> writes:
> While creating the patch, I've been thinking if it might be worthwile
> to note that we just did recovery in the ShutdownCheckpoint
> (or create a new checkpoint type RecoveryCheckpoint). This wouldl allow
> for more error checking, because then the slave could check that
> safe_restartpoint() is true for all ShutdownCheckpoints that were not
> after recovering.
I concur that this is a good idea --- we should have a third checkpoint
record type that shows that a crash recovery occurred. However, we can
probably only do that for 8.3 and beyond. If we try to do it in
existing release branches then there's likelihood of trouble due to WAL
incompatibility between master and standby. While we do advise people
to update their standbys first, I don't think it's worth risking such
problems just to add some more error checking.
Conclusion: we should apply Florian's patch as-is in 8.2, do something
morally equivalent in 8.1 and before, and invent a
CrashRecoveryCheckpoint record type in HEAD.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Florian G. Pflug | 2007-07-05 18:43:31 | Re: [PATCH] A crash and subsequent recovery of themaster can cause the slave to get out-of-sync |
| Previous Message | Kevin Grittner | 2007-07-05 15:00:53 | Re: Still recommending daily vacuum... |