Re: Configuring synchronous replication - Mailing list pgsql-hackers
| From | Simon Riggs |
|---|---|
| Subject | Re: Configuring synchronous replication |
| Date | |
| Msg-id | 1285325851.21874.1524.camel@ebony Whole thread Raw |
| In response to | Re: Configuring synchronous replication (Heikki Linnakangas <heikki.linnakangas@enterprisedb.com>) |
| Responses |
Re: Configuring synchronous replication
|
| List | pgsql-hackers |
On Fri, 2010-09-24 at 11:08 +0300, Heikki Linnakangas wrote: > On 24/09/10 01:11, Simon Riggs wrote: > >> But that's not what I call synchronous replication, it doesn't give > >> you the guarantees that > >> textbook synchronous replication does. > > > > Which textbook? > > I was using that word metaphorically, but for example: > > Wikipedia > http://en.wikipedia.org/wiki/Replication_%28computer_science%29 > (includes a caveat that many commercial systems skimp on it) Yes, I read that. The example it uses shows only one standby, which does suffer from the problem/caveat it describes. Two standbys resolves that problem, yet there is no mention of multiple standbys in Wikipedia. > Oracle docs > > http://download.oracle.com/docs/cd/B10500_01/server.920/a96567/repoverview.htm > Scroll to "Synchronous Replication" That document refers to sync rep *only* in the context of multimaster replication. We aren't discussing that here and so that link is not relevant at all. Oracle Data Guard in Maximum availability mode is roughly where I think we should be aiming http://download.oracle.com/docs/cd/B10500_01/server.920/a96653/concepts.htm#1033871 But I disagree with consulting other companies' copyrighted material, and I definitely don't like their overcomplicated configuration. And they have not yet thought of per-transaction controls. So I believe we should learn many lessons from them, but actually ignore and surpass them. Easily. > Googling for "synchronous replication textbook" also turns up this > actual textbook: > Database Management Systems by R. Ramakrishnan & others > which uses synchronous replication with this meaning, although in the > context of multi-master replication. > > Interestingly, "Transaction Processing: Concepts and techniques" by > Grey, Reuter, chapter 12.6.3, defines three levels: > > 1-safe - what we call asynchronous > 2-safe - commit is acknowledged after the slave acknowledges it, but if > the slave is down, fall back to asynchronous mode. > 3-safe - commit is acknowledged only after slave acknowledges it. If it > is down, refuse to commit Which again is a one-standby viewpoint on the problem. Wikipedia is right that there is a problem when using just one server. "3-safe" mode is not more safe than "2-safe" mode when you have 2 standbys. If you want high availability you need N+1 redundancy. If you want a standby server that is N=1. If you want a highly available standby configuration then N+1 = 2. Show me the textbook that describes what happens with 2 standbys. If one exists, I'm certain it would agree with my analysis. (I'll read and comment on your other points later today.) -- Simon Riggs www.2ndQuadrant.comPostgreSQL Development, 24x7 Support, Training and Services
pgsql-hackers by date: