Postgres Pro
Downloads
Home   >   mailing lists

Re: Synchronization levels in SR - Mailing list pgsql-hackers

From Simon Riggs
Subject Re: Synchronization levels in SR
Date
Msg-id 1274810117.6203.2517.camel@ebony
Whole thread Raw
In response to Re: Synchronization levels in SR  (Robert Haas <robertmhaas@gmail.com>)
List pgsql-hackers
Tree view 
On Tue, 2010-05-25 at 13:31 -0400, Robert Haas wrote:
> So I agree that we need to talk about whether or not we want to do
> this.  I'll give my opinion.  I am not sure how useful this really is.
>  Consider a master with two standbys.  The master commits a
> transaction and waits for one of the two standbys, then acknowledges
> the commit back to the user.  Then the master crashes.  Now what?
> It's not immediately obvious which standby we should being online as
> the primary, and if we guess wrong we could lose transactions thought
> to be committed.  This is probably a solvable problem, with enough
> work: we can write a script to check the last LSN received by each of
> the two standbys and promote whichever one is further along.
> 
> But... what happens if the master and one standby BOTH crash
> simultaneously?  There's no way of knowing (until we get at least one
> of them back up) whether it's safe to promote the other standby.

Not much of a problem really, is it? If you have one server left out of
3, then you promote it OR you stay down - your choice.

There is no "safe to promote" knowledge in *any* scenario; you never
know what was on the primary, only what was received by the standby. If
you have N standbys still up, you can pick which using the algorithm you
mention.

Remember that the WAL is sequential, so its not like the commit order of
transactions will differ across servers if we use quorum commit. So not
a problem.

The multiple simultaneous case is fairly common for people that pick the
"synch to server in next rack" because there's a 100 reasons why we'd
take out both at the same time, ask JD.

> I like the idea of a "quorum commit" type feature where we promise the
> user that things are committed when "enough" servers have acknowledged
> the commit.  But I think most people are not going to want that
> configuration unless we also provide some really good management tools
> that we don't have today.

Good name.

Management tools has nothing to do with this; completely orthogonal.

-- Simon Riggs           www.2ndQuadrant.com

pgsql-hackers by date:

Previous
From: Michael Tharp
Date:
Subject: Re: [PATCH] Add XMLEXISTS function from the SQL/XML standard
Next
From: Alastair Turner
Date:
Subject: Re: Synchronization levels in SR