| From: | Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com> |
|---|---|
| To: | Simon Riggs <simon(at)2ndQuadrant(dot)com> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Fujii Masao <masao(dot)fujii(at)gmail(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Backup history file should be replicated in Streaming Replication? |
| Date: | 2009-12-30 13:31:36 |
| Message-ID: | 4B3B5638.7050402@enterprisedb.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Simon Riggs wrote:
> On Wed, 2009-12-23 at 12:50 +0200, Heikki Linnakangas wrote:
>
>> I just realized that the current history file fails to recognize this
>> scenario:
>>
>> 1. pg_start_backup()
>> 2. cp -a $PGDATA data-backup
>> 3. create data-backup/recovery.conf
>> 4. postmaster -D data-backup
>>
>> That is, starting postmaster on a data directory, without ever calling
>> pg_stop_backup(). Because pg_stop_backup() was not called, the history
>> file is not there, and recovery won't complain about not reaching the
>> safe starting point.
>>
>> That is of course a case of "don't do that!", but perhaps we should
>> refuse to start up if the backup history file is not found? At least in
>> the WAL-based approach, I think we should refuse to start up if we don't
>> see the pg_stop_backup WAL record.
>
> The code has always been capable of starting without this, which was
> considered a feature to be able start from a hot copy.
Why is that desirable? The system is in an inconsistent state. To force
it, you can always use pg_resetxlog.
--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Oleg Bartunov | 2009-12-30 14:20:32 | Re: KNNGiST for knn-search (WIP) |
| Previous Message | Heikki Linnakangas | 2009-12-30 13:26:19 | Re: Backup history file should be replicated in Streaming Replication? |