pg_rewind — synchronize a PostgreSQL data directory with another data directory that was forked from the first one
pg_rewind is a tool for synchronizing a PostgreSQL cluster with another copy of the same cluster, after the clusters' timelines have diverged. A typical scenario is to bring an old master server back online after failover, as a standby that follows the new master.
The result is equivalent to replacing the target data directory with the source one. All files are copied, including configuration files. The advantage of pg_rewind over taking a new base backup, or tools like rsync, is that pg_rewind does not require reading through all unchanged files in the cluster. That makes it a lot faster when the database is large and only a small portion of it differs between the clusters.
pg_rewind examines the timeline histories of the source and target clusters to determine the point where they diverged, and expects to find WAL in the target cluster's
pg_xlog directory reaching all the way back to the point of divergence. In the typical failover scenario where the target cluster was shut down soon after the divergence, that is not a problem, but if the target cluster had run for a long time after the divergence, the old WAL files might not be present anymore. In that case, they can be manually copied from the WAL archive to the
pg_xlog directory. Fetching missing files from a WAL archive automatically is currently not supported.
When the target server is started up for the first time after running pg_rewind, it will go into recovery mode and replay all WAL generated in the source server after the point of divergence. If some of the WAL was no longer available in the source server when pg_rewind was run, and therefore could not be copied by pg_rewind session, it needs to be made available when the target server is started up. That can be done by creating a
recovery.conf file in the target data directory with a suitable
pg_rewind requires that the target server either has the wal_log_hints option is enabled in
postgresql.conf or that data checksums were enabled when the cluster was initialized with initdb. Neither of these are currently on by default. full_page_writes must also be enabled. That is the default.
If pg_rewind fails while processing, then the data folder of the target is likely not in a state that can be recovered. In such a case, taking a new fresh backup is recommended.
pg_rewind will fail immediately if it finds files it cannot write directly to. This can happen for example when the source and the target server use the same file mapping for read-only SSL keys and certificates. If such files are present on the target server it is recommended to remove them before running pg_rewind. After doing the rewind, some of those files may have been copied from the source, in which case it may be necessary to remove the data copied and restore back the set of links used before the rewind.
pg_rewind accepts the following command-line arguments:
This option specifies the target data directory that is synchronized with the source. The target server must shut down cleanly before running pg_rewind
Specifies path to the data directory of the source server, to synchronize the target with. When
--source-pgdatais used, the source server must be cleanly shut down.
Specifies a libpq connection string to connect to the source PostgreSQL server to synchronize the target with. The connection must be a normal (non-replication) connection with superuser access. The server must be up and running, and must not be in recovery mode.
Do everything except actually modifying the target directory.
Enables progress reporting. Turning this on will deliver an approximate progress report while copying data over from the source cluster.
Print verbose debugging output that is mostly useful for developers debugging pg_rewind.
Display version information, then exit.
Show help, then exit.
--source-server option is used, pg_rewind also uses the environment variables supported by libpq (see Section 31.14).
When executing pg_rewind using an online cluster as source which has been recently promoted, it is necessary to execute a
CHECKPOINT after promotion so as its control file reflects up-to-date timeline information, which is used by pg_rewind to check if the target cluster can be rewound using the designated source cluster.
How it works
The basic idea is to copy everything from the new cluster to the old cluster, except for the blocks that we know to be the same.
Scan the WAL log of the old cluster, starting from the last checkpoint before the point where the new cluster's timeline history forked off from the old cluster. For each WAL record, make a note of the data blocks that were touched. This yields a list of all the data blocks that were changed in the old cluster, after the new cluster forked off.
Copy all those changed blocks from the new cluster to the old cluster.
Copy all other files such as
clogand configuration files from the new cluster to the old cluster, everything except the relation files.
Apply the WAL from the new cluster, starting from the checkpoint created at failover. (Strictly speaking, pg_rewind doesn't apply the WAL, it just creates a backup label file indicating that when PostgreSQL is started, it will start replay from that checkpoint and apply all the required WAL.)