|From:||Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>|
|To:||Robert Haas <robertmhaas(at)gmail(dot)com>|
|Cc:||Kyotaro HORIGUCHI <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>|
|Subject:||Re: Server won't start with fallback setting by initdb.|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Fri, Feb 9, 2018 at 3:08 AM, Kyotaro HORIGUCHI
> <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp> wrote:
>> I think that we can safely increase the fallback value to 20 with
>> which regtests are known not to fail.
> I propose an alternative fix: let's instead change the code like this:
> if (max_wal_senders > MaxConnections)
I think there is a bigger reason not to like that code. If you look
a bit wider at the context, we are independently constraining
max_wal_senders and ReservedBackends:
if (ReservedBackends >= MaxConnections)
write_stderr("%s: superuser_reserved_connections must be less than max_connections\n", progname);
if (max_wal_senders >= MaxConnections)
write_stderr("%s: max_wal_senders must be less than max_connections\n", progname);
But this is insufficient to prevent trouble, because elsewhere we learn that
* The last few connections slots are reserved for superusers. Although
* replication connections currently require superuser privileges, we
* don't allow them to consume the reserved slots, which are intended for
* interactive use.
Therefore, the condition that actually ought to be getting enforced here
is either "ReservedBackends + max_wal_senders < MaxConnections", or
"ReservedBackends + max_wal_senders <= MaxConnections", depending on
whether you think it's appropriate to require at least one not-reserved-
for-superusers connection slot to remain available if the walsenders
slots are fully populated.
Then, seeing that the factory defaults are ReservedBackends = 3 and
max_wal_senders = 10, something's got to give; there's no way that
max_connections = 10 can work with those. But what I would argue is that
of those three choices, the least defensible one is max_wal_senders = 10.
Where did that come from? What fraction of real-world installations will
need that? We don't choose defaults that overprovision small
installations by 5X or 10X anywhere else, so why here?
My proposal is to default max_wal_senders to perhaps 3, and leave
initdb's logic alone.
regards, tom lane
|Next Message||Tomas Vondra||2018-03-04 20:36:55||Re: slow array(subselect)|
|Previous Message||Pavel Stehule||2018-03-04 20:19:37||slow array(subselect)|