Re: pg_checksums? - Mailing list pgsql-general

From Peter J. Holzer
Subject Re: pg_checksums?
Date
Msg-id 20231029153841.vl4bqwv33j3q2xgu@hjp.at
In response to Re: pg_checksums?  (Paul Förster <paul.foerster@gmail.com>)
Responses Re: pg_checksums?
List pgsql-general
On 2023-10-29 16:15:37 +0100, Paul Förster wrote:
> On Oct 29, 2023, at 11:49, Peter J. Holzer <hjp-pgsql@hjp.at> wrote:
> > It *might* work if there are zero writes on the primary during the
> > downtime of the replica (because those writes couldn't be replicated),
> > but that seems hard to ensure. Even if you could get away with making
> > the primary read-only (is this even possible?) I wouldn't have much
> > confidence in the result and reinit the (new) replica anyway.
>
> As soon as I stop the replica to enable checksums, even writes can't
> get replicated anymore. So during enabling checksums, a replica is
> definitely protected against modifications by its primary, simply
> because it's down. The modifications of the primary are applied to the
> replica when it comes back online.

And this is where it would break down. The modifications can't be
applied to the replica any more because the replica now contains
checksums and the modifications don't. In the best case the replica
would catch the discrepancy and refuse to apply the modifications which
would lead to the loss of these modifications. In the worst case it
would apply them anyway causing severe data corruption.

> So, I don't see a problem at this particular stage.
>
> My fear is merely that enabling checksums does something to the
> physical state of the data files which are not compatible with the
> other side.

Exactly. Those checksums have to be stored somewhere.

> Like for example manipulate the file headers in some way.

Not just the file headers. Every single data block.

(Ok, it looks like the space for the checksum is reserved even if
checksums aren't enabled[1]. So at least pg_checksums doesn't have to
move data around to enable them. But overwriting a page with a checksum
with one without one would still be bad.)

        hp

[1] https://www.postgresql.org/docs/current/storage-page-layout.html#PAGEHEADERDATA-TABLE

--
   _  | Peter J. Holzer    | Story must make more sense than reality.
|_|_) |                    |
| |   | hjp@hjp.at         |    -- Charles Stross, "Creative writing
__/   | http://www.hjp.at/ |       challenge!"
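
The page header layout referenced in footnote [1], as an added example that is not part of the original message or of PostgreSQL's code: it reads the fixed 24-byte header of each block in a relation segment and groups blocks by whether the `pd_checksum` field is filled in, which is the mixed state the message warns about. It assumes the default 8192-byte block size and a little-endian host; `survey`, `make_page` and the sample segment are constructed for illustration.

```python
import struct
from collections import namedtuple

BLCKSZ = 8192  # assumption: default PostgreSQL block size
# PageHeaderData: pd_lsn (2 x uint32), pd_checksum, pd_flags, pd_lower,
# pd_upper, pd_special, pd_pagesize_version (uint16 each), pd_prune_xid.
# Assumption: little-endian host, since pages are stored in native byte order.
HEADER = struct.Struct("<IIHHHHHHI")
PageHeader = namedtuple(
    "PageHeader",
    "xlogid xrecoff pd_checksum pd_flags pd_lower pd_upper "
    "pd_special pd_pagesize_version pd_prune_xid",
)

def parse_header(page):
    """Decode the 24-byte header at the start of one block."""
    if len(page) != BLCKSZ:
        raise ValueError("expected a full %d-byte block" % BLCKSZ)
    return PageHeader._make(HEADER.unpack_from(page, 0))

def survey(segment):
    """Group block numbers of a segment by the state of pd_checksum."""
    if len(segment) % BLCKSZ:
        raise ValueError("segment length is not a multiple of the block size")
    result = {"new": [], "no_checksum": [], "has_checksum": []}
    for blkno in range(len(segment) // BLCKSZ):
        hdr = parse_header(segment[blkno * BLCKSZ:(blkno + 1) * BLCKSZ])
        if hdr.pd_upper == 0:
            key = "new"            # never initialised, carries no checksum
        elif hdr.pd_checksum == 0:
            key = "no_checksum"    # a computed checksum is never 0
        else:
            key = "has_checksum"   # field is set; this does not verify it
        result[key].append(blkno)
    return result

def make_page(checksum):
    """Constructed sample block: valid-looking header, zeroed body."""
    hdr = HEADER.pack(0, 0x01000028, checksum, 0,
                      HEADER.size, BLCKSZ, BLCKSZ, BLCKSZ | 4, 0)
    return hdr + bytes(BLCKSZ - HEADER.size)

# Constructed segment: blocks 0 and 3 carry a checksum, block 1 was
# written without one, block 2 is an all-zero (new) page.
SAMPLE_SEGMENT = (make_page(0x3A7F) + make_page(0)
                  + bytes(BLCKSZ) + make_page(0xBEEF))

if __name__ == "__main__":
    print(survey(SAMPLE_SEGMENT))
```

A non-empty `no_checksum` list next to a non-empty `has_checksum` list is only a heuristic sign of a mixed cluster; verifying the checksums themselves is what `pg_checksums --check` does on a cleanly shut down cluster.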
