| From: | David Steele <david(at)pgmasters(dot)net> |
|---|---|
| To: | Kyotaro Horiguchi <horikyota(dot)ntt(at)gmail(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: Issue with recovery_target = 'immediate' |
| Date: | 2022-07-14 21:21:03 |
| Message-ID: | 4b6e1ec2-ca08-3baa-db9d-ea444939226e@pgmasters.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 7/14/22 04:26, Kyotaro Horiguchi wrote:
> At Wed, 13 Jul 2022 14:41:40 -0400, David Steele <david(at)pgmasters(dot)net> wrote in
>> While it is certainly true that timeline 2 cannot be replayed to from
>> timeline 1, it should not matter for an immediate recovery that stops
>> at consistency. No timeline switch will occur until promotion. Of
>> course the cluster could be shut down before promotion and the target
>> changed, but in that case couldn't timeline be adjusted at that point?
>>
>> This works by default for PostgreSQL < 12 because the default timeline
>> is current. Since PostgreSQL 12 the default has been latest, which
>> does not work by default.
>>
>> When a user does a number of recoveries it is pretty common for the
>> timelines to get in a state that will make most subsequent recoveries
>> fail. We think it makes sense for recovery_target = 'immediate' to be
>> a fail safe that always works no matter the state of the latest
>> timeline.
>>
>> Our solution has been to force recovery_target_timeline = 'current'
>> when recovery_target = 'immediate', but it seems like this is
>> something that should be done in PostgreSQL instead.
>>
>> Thoughts?
>
> I think it is natural that recovery defaultly targets the most recent
> update. In that sense, at the time the admin decided to recover the
> server from the first backup, the second backup is kind of dead, at
> least which should be forgotten in the future operation.
Well, I dislike the idea of a dead backup. Certainly no backup can be
followed along all timelines but it should still be recoverable.
> Even if we want "any" backup usable, just re-targeting to the current
> timeline after the timeline error looks kind of inconsistent to the
> behavior mentioned above. To make "dead" backups behave like the
> "live" ones, we would need to check if the backup is in the history of
> each "future" timelines, then choose the latest timeline from them.
I think this makes sense for for non-immediate targets. The idea is that
recovering to the "latest" timeline would actually recover to the latest
timeline that is valid for the backup. Is that what you had in mind?
However, for immediate targets, only the current timeline makes sense so
I feel like it would be better to simply force the current timeline.
> # Mmm. I remember about a recent patch for pg_rewind to do the same...
Do you have a link for this?
Regards,
-David
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Thomas Munro | 2022-07-14 21:22:36 | Re: EINTR in ftruncate() |
| Previous Message | Tom Lane | 2022-07-14 21:17:17 | Re: Making the subquery alias optional in the FROM clause |