Re: Server won't start with fallback setting by initdb.

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Kyotaro HORIGUCHI <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Server won't start with fallback setting by initdb.
Date: 2018-03-04 20:31:31
Message-ID: 28271.1520195491@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox
Thread:
Lists: pgsql-hackers

Robert Haas <robertmhaas(at)gmail(dot)com> writes:
> On Fri, Feb 9, 2018 at 3:08 AM, Kyotaro HORIGUCHI
> <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp> wrote:
>> I think that we can safely increase the fallback value to 20 with
>> which regtests are known not to fail.

> I propose an alternative fix: let's instead change the code like this:
> if (max_wal_senders > MaxConnections)

I think there is a bigger reason not to like that code. If you look
a bit wider at the context, we are independently constraining
max_wal_senders and ReservedBackends:

if (ReservedBackends >= MaxConnections)
{
write_stderr("%s: superuser_reserved_connections must be less than max_connections\n", progname);
ExitPostmaster(1);
}
if (max_wal_senders >= MaxConnections)
{
write_stderr("%s: max_wal_senders must be less than max_connections\n", progname);
ExitPostmaster(1);
}

But this is insufficient to prevent trouble, because elsewhere we learn that

* The last few connections slots are reserved for superusers. Although
* replication connections currently require superuser privileges, we
* don't allow them to consume the reserved slots, which are intended for
* interactive use.

Therefore, the condition that actually ought to be getting enforced here
is either "ReservedBackends + max_wal_senders < MaxConnections", or
"ReservedBackends + max_wal_senders <= MaxConnections", depending on
whether you think it's appropriate to require at least one not-reserved-
for-superusers connection slot to remain available if the walsenders
slots are fully populated.

Then, seeing that the factory defaults are ReservedBackends = 3 and
max_wal_senders = 10, something's got to give; there's no way that
max_connections = 10 can work with those. But what I would argue is that
of those three choices, the least defensible one is max_wal_senders = 10.
Where did that come from? What fraction of real-world installations will
need that? We don't choose defaults that overprovision small
installations by 5X or 10X anywhere else, so why here?

My proposal is to default max_wal_senders to perhaps 3, and leave
initdb's logic alone.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tomas Vondra 2018-03-04 20:36:55 Re: slow array(subselect)
Previous Message Pavel Stehule 2018-03-04 20:19:37 slow array(subselect)