Hi,
On Mon, Apr 24, 2023 at 12:03:05PM +0000, Hayato Kuroda (Fujitsu) wrote:
>
> > I think that this test should be different when just checking for the
> > prerequirements (live_check / --check) compared to actually doing the upgrade,
> > as it's almost guaranteed that the slots won't have sent everything when the
> > source server is up and running.
>
> Hmm, you assumed that the user application is still running and data is coming
> continuously when doing --check, right? Personally I have thought that the
> --check operation is executed just before the actual upgrading, therefore I'm not
> sure your assumption is real problem.
The checks are always executed before doing the upgrade, to prevent it if
something isn't right. But you can also just do those check on a live
instance, so you can get a somewhat strong guarantee that the upgrade operation
will succeed before needing to stop all services and shut down postgres. It's
basically free to run those checks and can avoid an unnecessary service
interruption so I'm pretty sure people use it quite often.
> And I could not find any checks which their
> contents are changed based on the --check option.
Yes, because other checks are things that you can actually fix when the
instance is running, like getting rid of tables with oids. The only semi
exception if for 2pc which can be continuously prepared and committed, but if
you hit that problem at least you know you have to stop cleanly your XA-like
application and make sure there are no 2pc left.
> Yeah, if we support the case checking pg_replication_slots.active may be sufficient.
> Actually this cannot handle the case that pg_create_logical_replication_slot()
> is executed just before upgrading, but I'm not sure it should be.
It shouldn't, same for any of the other checks. The live check can't predict
the future, it just tells you if there's anything that would prevent the
upgrade *at the moment it's executed*.