Re: Configuring synchronous replication - Mailing list pgsql-hackers
From | Simon Riggs |
---|---|
Subject | Re: Configuring synchronous replication |
Date | |
Msg-id | 1285157538.2029.170.camel@ebony Whole thread Raw |
In response to | Re: Configuring synchronous replication (Josh Berkus <josh@agliodbs.com>) |
Responses |
Re: Configuring synchronous replication
Re: Configuring synchronous replication |
List | pgsql-hackers |
On Tue, 2010-09-21 at 17:04 -0700, Josh Berkus wrote: > > That said, the timeout option also feels a bit wishy-washy to me. With a > > timeout, acknowledgment of a commit means "your transaction is safely > > committed in the master and slave. Or not, if there was some glitch with > > the slave". That doesn't seem like a very useful guarantee; if you're > > happy with that why not just use async replication? > > Ah, I wasn't clear. My thought was that a standby which exceeds the > timeout would be marked as "nonresponsive" and no longer included in the > list of standbys which needed to be synchronized. That is, the timeout > would be a timeout which says "this standby is down". > > > So the only case where standby registration is required is where you > > deliberately choose to *not* have N+1 redundancy and then yet still > > require all N standbys to acknowledge. That is a suicidal config and > > nobody would sanely choose that. It's not a large or useful use case for > > standby reg. (But it does raise the question again of whether we need > > quorum commit). This is becoming very confusing. Some people advocating "standby registration" have claimed it allows capabilities which aren't possible any other way; all but one of those claims has so far been wrong - the remaining case is described above. If I'm the one that is wrong, please tell me where I erred. > Thinking of this as a sysadmin, what I want is to have *one place* I can > go an troubleshoot my standby setup. If I have 12 synch standbys and > they're creating too much load on the master, and I want to change half > of them to async, I don't want to have to ssh into 6 different machines > to do so. If one standby needs to be taken out of the network because > it's too slow, I want to be able to log in to the master and instantly > identify which standby is lagging and remove it there. The above case is one where I can see your point and it does sound easier in that case. But I then think: "What happens after failover?". We would then need to have 12 different standby.conf files, one on each standby that describes what the setup would look like if that standby became the master. And guess what, every time we made a change on the master, you'd need to re-edit all 12 standby.conf files to reflect the new configuration. So we're still back to having to edit in multiple places, ISTM. Please, please, somebody write down what the design proposal is *before* we make a decision on whether it is a sensible way to proceed. It would be good to see a few options written down and some objective analysis of which way is best to let people decide. -- Simon Riggs www.2ndQuadrant.comPostgreSQL Development, 24x7 Support, Training and Services
pgsql-hackers by date: