Thread: Back Port Request for INVALID Startup Packet
Hi Team,
Can you please back port patch where if a 0 byte packet sent to PG instance (Health Checks), it starts complaining about invalid startup packet and flood the log which increases log size considerably if the health checks are every 3 seconds or something like that.
Patch Requested - https://git.postgresql.org/gitweb/?p=postgresql.git;a=patch;h=342cb650e
Please let me know if you have already back ported this to supported versions.
Regards,
Virendra Kumar
Virendra Kumar <viru_7683@yahoo.com> writes:
> Can you please back port patch where if a 0 byte packet sent to PG instance (Health Checks), it starts complaining about invalid startup packet and flood the log which increases log size considerably if the health checks are every 3 seconds or something like that.
> Patch Requested - https://git.postgresql.org/gitweb/?p=postgresql.git;a=patch;h=342cb650e
We generally don't like to change behavior of back branches without
ironclad agreement that the existing behavior is a bug ... which this
surely isn't. Also, the discussion leading up to that patch specifically
considered and rejected back-patching; so I'm disinclined to overrule
that decision now.
I would suggest that an every-three-second health check is not
appropriate, especially one that is so minimal that it only
detects whether the postmaster is alive.
regards, tom lane
Hi Tom,
Thank you for your reply!
This is a simple patch, would that impact badly if patched to prior versions or some other constraints forced to not do that? I am just trying to understand this a bit.
On AWS RDS we have primary and secondary hosts known in advance in most cases. So if a primary instance fails over it will be other host and hence we have to update the active nodes in targets using lambda function. AWS RDS fails over very quickly under 3 seconds mostly and hence we have set that health checks to 3 seconds. I'll go back to AWS folks and see if they can do this in prior releases.
Regards,
Virendra Kumar
On Wednesday, March 11, 2020, 5:29:38 PM PDT, Tom Lane <tgl@sss.pgh.pa.us> wrote:
Virendra Kumar <viru_7683@yahoo.com> writes:
> Can you please back port patch where if a 0 byte packet sent to PG instance (Health Checks), it starts complaining about invalid startup packet and flood the log which increases log size considerably if the health checks are every 3 seconds or something like that.
> Patch Requested - https://git.postgresql.org/gitweb/?p=postgresql.git;a=patch;h=342cb650e
We generally don't like to change behavior of back branches without
ironclad agreement that the existing behavior is a bug ... which this
surely isn't. Also, the discussion leading up to that patch specifically
considered and rejected back-patching; so I'm disinclined to overrule
that decision now.
I would suggest that an every-three-second health check is not
appropriate, especially one that is so minimal that it only
detects whether the postmaster is alive.
regards, tom lane
On Thu, 2020-03-12 at 01:16 +0000, Virendra Kumar wrote:
> This is a simple patch, would that impact badly if patched to prior versions or some other
> constraints forced to not do that? I am just trying to understand this a bit.
It is not that this patch would have a terrible impact.
There is a good reason for being very strict about what to backport:
we want users to install the latest minor release without them worrying
if that will change any behavior they rely on or not.
If the users are not confident that they can always install the latest
minor release without extra testing, they won't install them and run old,
buggy releases. This would be bad for PostgreSQL's reputation of being
stable and reliable.
So also "harmless" changes that don't actually fix a bug are not backported.
> On AWS RDS we have primary and secondary hosts known in advance in most cases.
> So if a primary instance fails over it will be other host and hence we have to
> update the active nodes in targets using lambda function. AWS RDS fails over very
> quickly under 3 seconds mostly and hence we have set that health checks to 3 seconds.
> I'll go back to AWS folks and see if they can do this in prior releases.
Hm. A system that fails over within three seconds seems fragile to me.
Doesn't that mean that every little hiccup will cause a failover?
Maybe I don't understand what you are doing, but wouldn't it be better
to catch errors whenever you perform a database operation and retry the
operation if the error indicates that you have lost the connection?
Yours,
Laurenz Albe
--
Cybertec | https://www.cybertec-postgresql.com
On 12/03/2020 00:29, Tom Lane wrote:
> Virendra Kumar <viru_7683@yahoo.com> writes:
>> Can you please back port patch where if a 0 byte packet sent to PG instance (Health Checks), it starts complaining about invalid startup packet and flood the log which increases log size considerably if the health checks are every 3 seconds or something like that.
>> Patch Requested - https://git.postgresql.org/gitweb/?p=postgresql.git;a=patch;h=342cb650e
>
> We generally don't like to change behavior of back branches without
> ironclad agreement that the existing behavior is a bug ... which this
> surely isn't. Also, the discussion leading up to that patch specifically
> considered and rejected back-patching; so I'm disinclined to overrule
> that decision now.
>
> I would suggest that an every-three-second health check is not
> appropriate, especially one that is so minimal that it only
> detects whether the postmaster is alive.
Does the backend explicitly configure the kernel's TCP accept queue?
Unless Postgres sets it to impractically low numbers, the above test
sounds weak from yet another angle; the postmaster might be "alive" as a
process but completely seized for other reasons: at least in Linux the TCP
accept queue progresses the 3-way handshake so long as the bound socket's
file descriptor is still held, without even waiting for accept().
I'd recommend a better probe that at least sends a startup message and
expects the backend to follow up with the authentication request (no need
to craft messages manually, testing for more abstract messages/states out
of psql or some libpq wrapper would do). Better still, if
credentials/access are available, run a query.
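The probe suggested in the last message (send a startup message, expect the authentication request), as an added example that is not part of the original thread. It builds the protocol 3.0 StartupMessage by hand only to show the wire format; the `healthcheck` user name, the function names and the verdict strings are assumptions of this example.

```python
import socket
import struct

PROTOCOL_3_0 = 196608  # (3 << 16) | 0: major version 3, minor version 0

def build_startup_message(user, database):
    """Int32 length (counts itself), Int32 version, key\\0value\\0 pairs, final \\0."""
    params = b"".join(
        k.encode() + b"\x00" + v.encode() + b"\x00"
        for k, v in (("user", user), ("database", database))
    ) + b"\x00"
    body = struct.pack("!I", PROTOCOL_3_0) + params
    return struct.pack("!I", len(body) + 4) + body

def classify_response(data):
    """Map the first bytes of the backend's reply to a health verdict."""
    if len(data) < 5:                 # need type byte + Int32 length
        return "no-response"
    if data[:1] == b"R":
        return "auth-request"         # Authentication*: a backend is speaking the protocol
    if data[:1] == b"E":
        return "error-response"       # ErrorResponse: answering, but refusing the session
    return "unexpected"

def probe(host, port, user="healthcheck", database="postgres", timeout=2.0):
    """Send one StartupMessage and classify the first reply; no credentials are sent."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.sendall(build_startup_message(user, database))
            buf = b""
            while len(buf) < 9:       # type + length + auth code
                chunk = s.recv(9 - len(buf))
                if not chunk:
                    break
                buf += chunk
            return classify_response(buf)
    except OSError:
        # Refused, reset or timed out. A listener whose process never calls
        # accept() still completes the TCP handshake in the kernel, so a bare
        # connect check would pass; this probe times out waiting for a reply.
        return "no-response"

if __name__ == "__main__":
    print(probe("127.0.0.1", 5432))
```

Only `auth-request` (or, where the probe's user is deliberately rejected by `pg_hba.conf`, `error-response`) should count as healthy; `no-response` covers both a closed port and a listener that accepts TCP connections but never answers.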