On Fri, Jul 13, 2012 at 09:12:56AM +0200, Hampus Wessman wrote:
> How you decide what to do with the servers on failures isn't that
> important here, really. You can probably run e.g. Pacemaker on 3+
> machines and have it check for quorums to accomplish this. That's a
> good approach at least. You can still have only 2 database servers
> (for cost reasons), if you want. PostgreSQL could have all this
> built-in, but I don't think it sounds overly useful to only be able
> to disable synchronous replication on the primary after a timeout.
> Then you can never safely do a failover to the secondary, because
> you can't be sure synchronous replication was active on the failed
> primary...
So how about this for a Postgres TODO:
Add configuration variable to allow Postgres to disable synchronousreplication after a specified timeout, and add
variableto alertadministrators of the change.
-- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB
http://enterprisedb.com
+ It's impossible for everything to be true. +
