Thread: Re: [PATCHES] Improve shutdown during online backup
[what should happen if a smart shutdown request is received during online backup mode? I'll cc: the hackers list, maybe others have something to say to this] Heikki Linnakangas wrote: > Albe Laurenz wrote: >> Moreover, if Shutdown == SmartShutdown, new connections won't be accepted, >> and nobody can connect and call pg_stop_backup(). >> So even if I'd add a check for >> (pmState == PM_WAIT_BACKENDS) && !BackupInProgress() somewhere in the >> ServerLoop(), it wouldn't do much good, because the only way for somebody >> to cancel online backup mode would be to manually remove the file. > > Good point. > >> So the only reasonable thing to do on smart shutdown during an online >> backup is to have the shutdown request fail, right? The only alternative being >> that a smart shutdown request should interrupt online backup mode. > > Or we can add another state, PM_WAIT_BACKUP, before PM_WAIT_BACKENDS, > that allows new connections, and waits until the backup ends. That's an option. Maybe it is possible to restrict connections to superusers (who are the only ones who can call pg_stop_backup() anyway). Or, we could allow superuser connections in state PM_WAIT_BACKENDS... Opinions? Yours, Laurenz Albe
On Tue, 2008-04-08 at 09:16 +0200, Albe Laurenz wrote: > Heikki Linnakangas wrote: > > Albe Laurenz wrote: > >> Moreover, if Shutdown == SmartShutdown, new connections won't be accepted, > >> and nobody can connect and call pg_stop_backup(). > >> So even if I'd add a check for > >> (pmState == PM_WAIT_BACKENDS) && !BackupInProgress() somewhere in the > >> ServerLoop(), it wouldn't do much good, because the only way for somebody > >> to cancel online backup mode would be to manually remove the file. > > > > Good point. > > > >> So the only reasonable thing to do on smart shutdown during an online > >> backup is to have the shutdown request fail, right? The only alternative being > >> that a smart shutdown request should interrupt online backup mode. > > > > Or we can add another state, PM_WAIT_BACKUP, before PM_WAIT_BACKENDS, > > that allows new connections, and waits until the backup ends. > > That's an option. Maybe it is possible to restrict connections to superusers > (who are the only ones who can call pg_stop_backup() anyway). > > Or, we could allow superuser connections in state PM_WAIT_BACKENDS... That sounds right. Completely unrelated to backups, if you issue a smart shutdown and it doesn't, you probably would like to connect and see what is happening and why. The reason may not be a backup-in-progress. Personally, I think "smart" shutdown could be even smarter. It should kick off unwanted sessions, such as an idle pgAdmin session - maybe a rule like "anything that has been idle for >30 seconds". -- Simon Riggs 2ndQuadrant http://www.2ndQuadrant.com
"Simon Riggs" <simon@2ndquadrant.com> writes: > Personally, I think "smart" shutdown could be even smarter. It should > kick off unwanted sessions, such as an idle pgAdmin session - maybe a > rule like "anything that has been idle for >30 seconds". That's not a bad idea in itself but I don't think it's something the server should be in the business of doing. One big reason is that the server shouldn't be imposing arbitrary policy. That should be something the person running the shutdown is in control over. What you could do is have a separate program (I would write a client but a server-side function would work too) to kick off users based on various criteria you can specify. Then you can put in your backup scripts two commands, one to kick off idle users and then do a smart shutdown. -- Gregory Stark EnterpriseDB http://www.enterprisedb.com Ask me about EnterpriseDB's PostGIS support!