<div dir="ltr"><br /><div class="gmail_extra"><br /><div class="gmail_quote">On Wed, Oct 8, 2014 at 11:38 PM, Heikki
Linnakangas<span dir="ltr"><<a href="mailto:hlinnakangas@vmware.com"
target="_blank">hlinnakangas@vmware.com</a>></span>wrote:<br /><blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px#ccc solid;padding-left:1ex"><span class="">On 10/08/2014 04:59 PM, Fujii Masao wrote:<br
/></span><blockquoteclass="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span
class="">On Wed, Oct 8, 2014 at 6:54 PM, Heikki Linnakangas<br /> <<a href="mailto:hlinnakangas@vmware.com"
target="_blank">hlinnakangas@vmware.com</a>>wrote:<br /></span><span class=""><blockquote class="gmail_quote"
style="margin:00 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"> Instead of creating any .done files during
recovery,we could scan pg_xlog<br /> at promotion, and create a .done file for every WAL segment that's present<br />
atthat point. That would be more robust. And then apply your patch, to<br /> recycle old segments during archive
recovery,ignoring .done files.<br /></blockquote><br /> What happens if a user shutdowns the standby, removes
recovery.confand<br /> starts the server as the master?<br /></span></blockquote><br /> Um, that's not a safe thing to
doanyway, is it?<span class="HOEnZb"><font color="#888888"><br /></font></span></blockquote><div
class="gmail_extra">That'snot safe as it bypasses all the consistency checks of promotion. Now, it is also something
thatrepmgr for example does as far as I recall to do a node "promotion". What if we simply document the problem
properlythen? The apparition of those phantom WAL files is more scary than a user or a utility that does a promotion
witha server restart. Not to mention as well that users as free to add themselves files to pg_xlog.<br />-- <br
/>Michael<br/></div></div></div></div>
