pgsql: Stop archive recovery if WAL generated with wal_level=minimal is

From: Fujii Masao <fujii(at)postgresql(dot)org>
To: pgsql-committers(at)lists(dot)postgresql(dot)org
Subject: pgsql: Stop archive recovery if WAL generated with wal_level=minimal is
Date: 2021-04-06 13:59:25
Message-ID: E1lTmEn-0006d4-F1@gemulon.postgresql.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-committers

Stop archive recovery if WAL generated with wal_level=minimal is found.

Previously if hot standby was enabled, archive recovery exited with
an error when it found WAL generated with wal_level=minimal.
But if hot standby was disabled, it just reported a warning and
continued in that case. Which could lead to data loss or errors
during normal operation. A warning was emitted, but users could
easily miss that and not notice this serious situation until
they encountered the actual errors.

To improve this situation, this commit changes archive recovery
so that it exits with FATAL error when it finds WAL generated with
wal_level=minimal whatever the setting of hot standby. This enables
users to notice the serious situation soon.

The FATAL error is thrown if archive recovery starts from a base
backup taken before wal_level is changed to minimal. When archive
recovery exits with the error, if users have a base backup taken
after setting wal_level to higher than minimal, they can recover
the database by starting archive recovery from that newer backup.
But note that if such backup doesn't exist, there is no easy way to
complete archive recovery, which may make the database server
unstartable and users may lose whole database. The commit adds
the note about this risk into the document.

Even in the case of unstartable database server, previously by just
disabling hot standby users could avoid the error during archive
recovery, forcibly start up the server and salvage data from it.
But note that this commit makes this procedure unavailable at all.

Author: Takamichi Osumi
Reviewed-by: Laurenz Albe, Kyotaro Horiguchi, David Steele, Fujii Masao
Discussion: https://postgr.es/m/OSBPR01MB4888CBE1DA08818FD2D90ED8EDF90@OSBPR01MB4888.jpnprd01.prod.outlook.com

Branch
------
master

Details
-------
https://git.postgresql.org/pg/commitdiff/9de9294b0c4dac77edb80f029648afca79d14653

Modified Files
--------------
doc/src/sgml/config.sgml | 4 ++
doc/src/sgml/perform.sgml | 4 +-
src/backend/access/transam/xlog.c | 12 ++--
src/test/recovery/t/024_archive_recovery.pl | 95 +++++++++++++++++++++++++++++
4 files changed, 106 insertions(+), 9 deletions(-)

Browse pgsql-committers by date

  From Date Subject
Next Message Tom Lane 2021-04-06 14:34:53 pgsql: Clean up treatment of missing default and CHECK-constraint recor
Previous Message Alvaro Herrera 2021-04-06 13:53:47 Re: pgsql: Implement pipeline mode in libpq