RE: Stronger safeguard for archive recovery not to miss data

On Tuesday, April 6, 2021 9:41 AM Fujii Masao <masao(dot)fujii(at)oss(dot)nttdata(dot)com>
> On 2021/04/05 23:54, osumi(dot)takamichi(at)fujitsu(dot)com wrote:
> >> This makes me think that we should document this risk.... Thought?
> > +1. We should notify the risk when user changes
> > the wal_level higher than minimal to minimal to invoke a carefulness
> > of user for such kind of operation.
>
> I removed the HINT message "or recover to the point in ..." and added the
> following note into the docs.
>
> Note that changing <varname>wal_level</varname> to
> <literal>minimal</literal> makes any base backups taken before
> unavailable for archive recovery and standby server, which may
> lead to database loss.
Thank you for updating the patch. Let's make the sentence more strict.

My suggestion for this explanation is
"In order to prevent database corruption, changing
wal_level to minimal from higher level in the middle of
WAL archiving requires careful attention. It makes any base backups
taken before the operation unavailable for archive recovery
and standby server. Also, it may lead to whole database loss when
archive recovery fails with an error for that change.
Take a new base backup immediately after making wal_level back to higher level."

Then, we can be consistent with our new hint message,
"Use a backup taken after setting wal_level to higher than minimal.".

Is it better to add something similar to "Take an offline backup when you stop the server
and change the wal_level" around the end of this part as another option for safeguard, also?
For the performance technique part, what we need to explain is same.

Another minor thing I felt we need to do might be to add double quotes to wrap minimal in errhint.
Other errhints do so when we use it in a sentence.

There is no more additional comment from me !

Best Regards,
Takamichi Osumi