| From: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | Vladimir Borodin <root(at)simply(dot)name>, Amit Kapila <amit(dot)kapila16(at)gmail(dot)com>, Dmitriy Sarafannikov <dsarafannikov(at)yandex(dot)ru>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Broken hint bits (freeze) |
| Date: | 2017-05-28 01:30:14 |
| Message-ID: | CAB7nPqQHgjLD1y5GzBqTFs4C_+z6N67e+eTA78YyPm5sMjoaUg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sat, May 27, 2017 at 12:56 PM, Andres Freund <andres(at)anarazel(dot)de> wrote:
> On 2017-05-27 19:48:24 +0300, Vladimir Borodin wrote:
>> Well, actually clean shutdown of master with exit code 0 from `pg_ctl
>> stop -m fast` guarantees that all WAL has been replicated to standby.
>
> It does not. It makes it likely, but the connection to the standby
> could be not up just then, you could run into walsender timeout, and a
> bunch of other scenarios.
Amen.
>> And if something would go wrong in above logic, postgres will not let you attach old master as a standby of new master. So it is highly probable not a setup problem.
>
> There's no such guarantee. There's a bunch of checks that'll somewhat
> likely trigger, but nothing more than that.
Yes. Take for example the case where the host with a primary is
plugged off, and another host with a standby is promoted. If at next
restart you add directly for the old primary a recovery.conf and
attempt to use it as a standby to the new primary it may be able to
connect and to begin replication. That will result in a corrupted
standby.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Janes | 2017-05-28 01:50:34 | simplehash.h typo |
| Previous Message | Erik Rijkers | 2017-05-28 00:05:33 | Re: logical replication - still unstable after all these months |