Andrew Sullivan wrote:
> On Sat, Sep 27, 2003 at 09:13:27AM -0300, Marc G. Fournier wrote:
> >
> > I think it was Andrew that suggested it ... when the slave timesout, it
> > should "trigger" a READ ONLY mode on the slave, so that when/if the master
> > tries to start to talk to it, it can't ...
> >
> > As for the master itself, it should be smart enough that if it times out,
> > it knows to actually abandom the slave and not continue to try ...
>
> Yes, but now we're talking as though this is master-slave
> replication. Actually, "master" and "slave" are only useful terms in
> a transaction for 2PC. So every machine is both a master and a
> slave.
>
> It seems that one way out is just to fall back to "read only" as soon
> as a single failure happens. That's the least graceful but maybe
> safest approach to failure, analogous to what fsck does to your root
> filesystem at boot time. Of course, since there's no "read only"
> mode at the moment, this is all pretty hand-wavy on my part :-/
OK, I think we came to the conclusion that we want 2-phase commit, but
want some way to mark a server as offline/read-only, or notify an
administrator. Can we communicate this to the Japanese guys working on
2-phase commit so they can start working toward including in 7.5?
Added to TODO:
* Add two-phase commit to all distributed transactions with offline/readonly server status or administrator
notification for failure
-- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610)
359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square,
Pennsylvania19073
