Re: Remove Deprecated Exclusive Backup Mode - Mailing list pgsql-hackers

> On Feb 26, 2019, at 09:26, Robert Haas <robertmhaas@gmail.com> wrote:
>
> On Tue, Feb 26, 2019 at 12:20 PM Fujii Masao <masao.fujii@gmail.com> wrote:
>> So, let me clarify the situations;
>>
>> (1) If backup_label and recovery.signal exist, the recovery starts safely.
>>       This is the normal case of recovery from the base backup.
>>
>> (2)If backup_label.pending and recovery.signal exist, as described above,
>>       PANIC error happens at the start of recovery. This case can happen
>>       if the operator forgets to rename backup_label.pending, i.e.,
>>       operation mistake. So, after PANIC, the operator needs to fix her or
>>       his mistake (i.e., rename backup_label.pending) and restart
>>       the recovery.
>>
>> (3) If backup_label.pending exists but recovery.signal doesn't, the server
>>       ignores (or removes) backup_label.pending and do the recovery
>>       starting the pg_control's REDO location. This case can happen if
>>       the server crashes while an exclusive backup is in progress.
>>       So crash-in-the-middle-of-backup doesn't prevent the recovery from
>>       starting in this idea.
>
> The if-conditions for 1 and 2 appear to be the same, which is confusing.

I believe #1 is when backup_label (no .pending) exists, #2 is when backup_label.pending (with .pending) exists.

At the absolute minimum, this discussion has convinced me that we need to create a wiki page to accurately describe the failure scenarios for both exclusive and non-exclusive backups, and the recovery actions for them.  If it exists already, my search attempts weren't successful.  If it doesn't, I'm happy to start one.