Thread: Demoting master to slave without an rsync...is it safe?

I have a master+slave set up using asynchronous streaming replication.  If I do a graceful (-fast) shutdown of the master, and then promote the slave to master, my understanding is that I should not have any data loss.  At that point in order to bring the old master back up as a slave the docs say I should do a base-backup etc....however I've found that simply setting recovery_target_timeline='latest' does allow the old master to start back up as a slave, and everything appears to be happy, all data seems to be synced properly.  My question is, is this safe to do?  It's a very attractive option as it removes a significant amount of load from the master server for planned switch-overs (maintenance/upgrades/whatever).  Thanks!

Chris Redekop wrote:
> I have a master+slave set up using asynchronous streaming replication.
>  If I do a graceful (-fast) shutdown of the master, and then promote
> the slave to master, my understanding is that I should not have any
> data loss.  At that point in order to bring the old master back up as
> a slave the docs say I should do a base-backup etc....however I've
> found that simply setting recovery_target_timeline='latest' does allow
> the old master to start back up as a slave, and everything appears to
> be happy, all data seems to be synced properly.  My question is, is
> this safe to do?  It's a very attractive option as it removes a
> significant amount of load from the master server for planned
> switch-overs (maintenance/upgrades/whatever).  Thanks!
Hi Chris,

I don't have an answer for you, but I am doing the kind of tests you are
doing.
I tested the following cases:
case-1  Shutdown master, slave still available for read-only
           Then started master, both master and slave works properly

case-2  Shutdown slave while master still running and lots of inserts
and updates
            After 10 minutes, started slave, and it catched up with the
changes within minutes

case-3  Assume master is crash, shutdown master, slave in read-only and
waiting for the WAL update.
            Then, I touch the recovery failover file indicated in
recovery.conf.
            The slave changed into read-write mode.
            A lots of inserts and update to the slave now become
master.  (I am not sure its a good idea, but in real case if master down
I want the slave can act as master while waiting for the another slave
available.)
            I am not sure the changes are updated to arch_replicate
directory where  are the  old  Master write  to it.
            I real case I need to make sure no changes to the new master
right after the fail over.
            Then copy the postgresql.conf and recovery.conf to the
$PGDATA of the new master then restart  the database.
            Then resyn $PGDATA to another location of the old master
host, then copy slave conf to the new $PGDATA.  I have about 1TB of
database can take up to 30 minues.
            Then restart the new slave, every thing works.

I have two questions:
(1) Did you set recovery_target_timeline='latest' in both master and slave?
(2) Did you make any changes after promote the slave to be master?

--

Best regards,


Alex Lai
OMI SIPS DBA ADNET Systems , Inc.
7515 Mission Drive,
Suite A100 Lanham, MD 20706
301-352-4657 (phone)
301-352-0437 (fax)
alai@sesda2.com

Chris Redekop wrote:
>
>
>     I have two questions:
>     (1) Did you set recovery_target_timeline='latest' in both master
>     and slave?
>
>
> Yes....but it's in recovery.conf so it only really applies to
> whichever server is currently the slave...
>
>
>     (2) Did you make any changes after promote the slave to be master?
>
>
> Yes, some....however I'm not sure I've done enough changes to have the
> slave rotate+archive an xlog before bringing the old master back up as
> a slave....I would assume that wouldn't make a difference but it's
> something to test I guess....
Did you set trigger_file in recovery?  That is the required step to
switch slave to master.   I set my log rotate+archive to 15 minutes.
When I touch fail over file, it mostly like force it to rotate+archive.

--
Best regards,


Alex Lai
OMI SIPS DBA ADNET Systems , Inc.
7515 Mission Drive,
Suite A100 Lanham, MD 20706
301-352-4657 (phone)
301-352-0437 (fax)
alai@sesda2.com

Yes, but I don't understand at all where this conversation is going, or how it's relevant.  I have fail-over working perfectly fine.....my original question was: is it safe to bring a former master back up as a slave without doing a base-backup first? (using recovery_target_timeline='latest')

On 09/07/11 2:43 PM, Chris Redekop wrote:
> my original question was: is it safe to bring a former master back up
> as a slave without doing a base-backup first? (using
> recovery_target_timeline='latest')
>

no.  you must first sync the new slave's files from the current master.
if you can do this with rsync odds are most of the old files on the
master won't need copying.   of course, this sync must be bracketed with
the same pg_start_backup() and pg_end_backup() as when the original
slave was created.



--
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast