| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Meel Velliste <meel(at)fivetran(dot)com> |
| Cc: | PostgreSQL mailing lists <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Logical decoding client has the power to crash the server |
| Date: | 2017-09-20 07:43:19 |
| Message-ID: | CAB7nPqTu6UD3RgUYG9p2EqTe=y53ga0azcgdBN7S219JvYpYKg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Sep 20, 2017 at 3:14 PM, Meel Velliste <meel(at)fivetran(dot)com> wrote:
> From what I understand about logical decoding, there is no limit to how many
> log entries will be retained by the server if nobody reads them from the
> logical slot. This means that a client that fails to read from the slot has
> the power to bring down the master database because the server's disk will
> get full at which point all subsequent write operations will fail and even
> read operations will fail because they too need temporary space. Even the
> underlying operating system may be affected as it too may need temporary
> disk space to carry out its basic functions.
Monitoring is a mandatory part of the handling of replication slots.
One possible solution is to use a background worker that scans slots
causing bloat in pg_xlog and to automatically get rid of them so as
the primary is preserved from any crash. Note that advancing a slot is
doable for a physical slot, but advancing a logical slot is trickier
(not sure if that's doable actually but Andres can comment on that)
because it involves being sure that the catalog_xmin is still
preserved so as past logical changes can be looked at consistently.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2017-09-20 07:44:06 | Re: Logcal replication in large scale |
| Previous Message | Nicklas Avén | 2017-09-20 06:53:44 | Logcal replication in large scale |