On Sat, 2004-07-17 at 00:57, Bruce Momjian wrote:
> OK, I think I have some solid ideas and reasons for them.
>
Sorry for taking so long to reply...
> First, I think we need server-side functions to call when we start/stop
> the backup. The advantage of these server-side functions is that they
> will do the required work of recording the pg_control values and
> creating needed files with little chance for user error. It also allows
> us to change the internal operations in later releases without requiring
> admins to change their procedures. We are even able to adjust the
> internal operation in minor releases without forcing a new procedure on
> users.
Yes, I think we should go down this route. ....there's a "but" and that
is we don't absolutely need it for correctness....and so I must decline
adding it to THIS release. I don't imagine I'll stop being associated with
this code for a while yet....
Can we recommend that users should expect to have to call a start and
end backup routine in later releases? Don't expect you'll agree to
that..
>
> Second, I think once we start a restore, we should rename recovery.conf
> to recovery.in_progress, and when complete rename that to
> recovery.done. If the postmaster starts and sees recovery.in_progress,
> it will fail to start knowing its recovery was interrupted. This allows
> the admin to take appropriate action. (I am not sure what that action
> would be. Does he bring back the backup files or just keep going?)
>
Superseded by Tom's actions. Two states are required: start and stop.
Recovery isn't going to be checkpoint-restartable anytime soon, IMHO.
Best regards, Simon Riggs