Re: Re: Continue work on changes to recovery.conf API

From: David Steele <david(at)pgmasters(dot)net>
To: Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, Andres Freund <andres(at)anarazel(dot)de>, Michael Paquier <michael(at)paquier(dot)xyz>, Sergei Kornilov <sk(at)zsrv(dot)org>, PostgreSQL mailing lists <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Re: Continue work on changes to recovery.conf API
Date: 2019-02-28 15:41:19
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

Hi Peter,

On 11/27/18 5:34 PM, Stephen Frost wrote:
> Greetings,
> * Peter Eisentraut (peter(dot)eisentraut(at)2ndquadrant(dot)com) wrote:
>> On 27/11/2018 13:21, David Steele wrote:
>>> I would prefer a specific file that will be auto-included into
>>> postgresql.conf when present but be ignored when not present. Some
>>> settings are generally ephemeral (recovery_target_time) and it would be
>>> nice for them to go away. When recovery is complete the file would be
>>> renamed to .done just as recovery.conf is now.
>> That might be a useful facility, but it wouldn't really address the
>> pg_basebackup -R issue, because that creates settings that you don't
>> want going away in this manner. You'd then need two separate such
>> files, one for targeted recovery that goes away when recovery ends, and
>> one that is automatically included that pg_basebackup can overwrite at will.
> I've been thinking about this also and I agree that there's some
> challenges when it comes to having another file- what happens if someone
> does an ALTER SYSTEM on primary_conninfo while it's in the
> '' (or whatever) file? Does that go into
>, or somewhere else? What if they do a RESET?
> Then there's the other side of things- do we really want things like
> recovery_target_time being kept around in after a
> promotoion? Do we want to keep appending primary_conninfo into
> I haven't looked but I'm also concerned that
> something like ALTER SYSTEM RESET isn't really prepared to find
> duplicates in
> Maybe thinking through what we want to have happen in each scenario
> would be good. If you perform a pg_basebackup -R and there's already
> something set in for primary conninfo- what should
> happen? If we reach the end of recovery and promote while
> has recovery_target_time set, what should happen?
> If third-party tools want to do what pg_basebackup -R does and modify
> things in, how should they do that?
> Here's my thoughts on answers to the above:
> - pg_basebackup -R should INSERT .. ON CONFLICT UPDATE the settings that
> it wants to set in
> - When we reach the end of recovery and promote, we should DELETE from
> the the recovery target settings.
> - External tools should either be told that they can modify
> and given guideance on how to do so, or we should
> provide a tool which allows them to do so (or maybe both).
> As we already have a section for recovery target settings that clearly
> has them as independent, hopefully this will make sense to users. Open
> to other ideas too, of course, but I don't think we can continue to just
> append things to the end of when pg_basebackup is
> run with -R.

I'd be interested to get your take to these questions.

Just about every third-party backup and HA tool out there writes
recovery.conf files and automates restores. This is a huge change.

I personally would prefer to have something like
postgresql.recovery.conf file that is automatically included if it is
present. This simplifies the issue of how to maintain recovery settings
in The file could be renamed to
postgresql.recovery.conf.done similar to how recovery.conf is now.

Of course, some settings like primary_conninfo could just stay in
postgresql.conf or since they are far less subject
to change. Or they could be in postgresql.recovery.conf for HA

I don't see why this won't work with pg_basebackup -R -- it just may be
the case that some settings get overridden. In HA scenarios it's hard
to see how pg_basebackup would have the correct info for something like
primary_conninfo anyway.

I like the flexibility of recovery options being available as GUCs but
I'm not sure the ramifications of these changes have been completely
thought through.


In response to

Browse pgsql-hackers by date

  From Date Subject
Next Message Ildus Kurbangaliev 2019-02-28 15:44:15 Re: [HACKERS] Custom compression methods
Previous Message David Steele 2019-02-28 15:38:13 Re: Re: Continue work on changes to recovery.conf API