Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mU4Zn-0006mS-VV for pgsql-hackers@arkaria.postgresql.org; Sat, 25 Sep 2021 10:06:36 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1mU4Zm-0008Q2-Og for pgsql-hackers@arkaria.postgresql.org; Sat, 25 Sep 2021 10:06:34 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mU4Zm-0008Ps-3s for pgsql-hackers@lists.postgresql.org; Sat, 25 Sep 2021 10:06:34 +0000 Received: from mail-ed1-x529.google.com ([2a00:1450:4864:20::529]) by magus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1mU4Zi-00033C-EW for pgsql-hackers@lists.postgresql.org; Sat, 25 Sep 2021 10:06:33 +0000 Received: by mail-ed1-x529.google.com with SMTP id dm26so12011863edb.12 for ; Sat, 25 Sep 2021 03:06:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=enterprisedb.com; s=google; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=1t+gWZFKN03pKf3Er+8V9dutJ3AyK5+QoM1U41n9O3A=; b=O+MBVtoIsOz+2+SeHoBZ9LEUxkbjlVvpcucK9oC4zcxC1XcyjgD9RwzQzFEGb9P+5M yA7QH6qx36H9oYXfX5CPAJ32iYv8X/i5v27fiv1X213wiwTaXWqW1L1tHUIAPahkZuuK PfPllpOerx+f+JZKjJ/xB4hbqHSiDlTGDnyj2iRgiGiNj0kSSc4+Xnockw1MWTOuJcYX JhV0MTC7PDC//DGD263ayvzoq/JMdWAhfoYVt2nkxNUpjoJwb1PuxtTxGNXQyIfgHN5T pKzPGzFy3/FkIensJjCSMClCzlwn5RIYEnMPnOpcvtpogZ09KodMxVwg3N4aMt5ByJd9 n58A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=1t+gWZFKN03pKf3Er+8V9dutJ3AyK5+QoM1U41n9O3A=; b=iCkwspfMoiWwk4NuIoNlnl6zZzYrLiIeOQojD9q2DRPu8lJL0d5qYK3m8PocdjB0Hr uugXNhh8BGNF4G5FGSb+w5hsi8Yx5Fs5gHNLrARebAYt1e0axry0NOOAtZuVi6V9D8a2 ou7Vp1hjbks4QtELbO9QSVLKxqj1cimymi1Zo1M+difxXMTTAshz2U+69yuKFJCO6ArK NphkEMJo2N0uKD8D3Dm8Slwd8tAS20ECCEVSG0q/G5jBJvSu2ittlRuDUxlcCo3l9kjj F9eK/SezfH/ZUJY786IGfqyS2WLvbxSAlsYNPuspyKw0BesOVIAghqzGmEzhXnqKPLrX Wq6g== X-Gm-Message-State: AOAM533375+/U0gPBlR6/JNsqPQZSVEOUR27ZAFiEJUFROxyCpOJ/Wsh hYXxWR//YKcOjf38JnNuL6a8WK3jAHsAr1I8OtN6+MzoLC2YhyHTOxifmqI0//PLz+hXEXvu/+D 0c+tAY8xh5U3YVX7tXuJxCl7yY3zpWKkkDn8u1Ng5sT1Kh/eGDfaJw3GYUTTGh14e09Wc6a8GKJ O/smfUPC4JPgUpX5UpIzQCj0ZWbnQXevYCZe1kvNIKSnU+VgCfFCzg2eRefIEz2eXcDPwxOz7n8 IPbg1FCEIGw88Nrh/TNZtENtc5pSIGlnxQn/LXBFTHf7cyqYBvJ+A== X-Google-Smtp-Source: ABdhPJxXEFmeiilpNXIthFaeR+vyW5o2gkh4kyMJtPsCGenLAgV/lq81hEWw6yXvCmhflKMUmOm0yw== X-Received: by 2002:a50:bf0f:: with SMTP id f15mr6251758edk.43.1632564389058; Sat, 25 Sep 2021 03:06:29 -0700 (PDT) Received: from [10.137.0.18] (ip-86-49-251-104.net.upcbroadband.cz. [86.49.251.104]) by smtp.gmail.com with ESMTPSA id qc12sm5943802ejb.117.2021.09.25.03.06.28 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 25 Sep 2021 03:06:28 -0700 (PDT) Subject: Re: row filtering for logical replication To: Amit Kapila Cc: Ajin Cherian , Euler Taveira , Peter Smith , Rahila Syed , Peter Eisentraut , =?UTF-8?B?w5ZuZGVyIEthbGFjxLE=?= , japin , Michael Paquier , David Steele , Craig Ringer , Tomas Vondra , Amit Langote , PostgreSQL Hackers References: <0c2464d4-65f4-4d91-aeb2-c5584c1350f5@www.fastmail.com> <574b4e78-2f35-acf3-4bdc-4b872582e739@enterprisedb.com> <9d5073b7-e461-d0f3-89b7-0ddb09936f73@enterprisedb.com> From: Tomas Vondra Message-ID: <4f87a67c-bf95-ae53-9632-475415b4a7db@enterprisedb.com> Date: Sat, 25 Sep 2021 12:06:25 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-CLOUD-SEC-AV-Info: enterprisedb,google_mail,monitor X-CLOUD-SEC-AV-Sent: true X-Gm-Spam: 0 X-Gm-Phishy: 0 List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On 9/25/21 6:23 AM, Amit Kapila wrote: > On Sat, Sep 25, 2021 at 3:30 AM Tomas Vondra > wrote: >> >> On 9/24/21 7:20 AM, Amit Kapila wrote: >>> >>> I think the right way to support functions is by the explicit marking >>> of functions and in one of the emails above Jeff Davis also agreed >>> with the same. I think we should probably introduce a new marking for >>> this. I feel this is important because without this it won't be safe >>> to access even some of the built-in functions that can access/update >>> database (non-immutable functions) due to logical decoding environment >>> restrictions. >>> >> >> I agree that seems reasonable. Is there any reason why not to just use >> IMMUTABLE for this purpose? Seems like a good match to me. >> > > It will just solve one part of the puzzle (related to database access) > but it is better to avoid the risk of broken replication by explicit > marking especially for UDFs or other user-defined objects. You seem to > be okay documenting such risk but I am not sure we have an agreement > on that especially because that was one of the key points of > discussions in this thread and various people told that we need to do > something about it. I personally feel we should do something if we > want to allow user-defined functions or operators because as reported > in the thread this problem has been reported multiple times. I think > we can go ahead with IMMUTABLE built-ins for the first version and > then allow UDFs later or let's try to find a way for explicit marking. > Well, I know multiple people mentioned that issue. And I certainly agree just documenting the risk would not be an ideal solution. Requiring the functions to be labeled helps, but we've seen people marking volatile functions as immutable in order to allow indexing, so we'll have to document the risks anyway. All I'm saying is that allowing built-in functions/operators but not user-defined variants seems like an annoying break of extensibility. People are used that user-defined stuff can be used just like built-in functions and operators. >> Yes, the user can lie and label something that is not really IMMUTABLE, >> but that's his fault. Yes, it's harder to fix than e.g. for indexes. >> > > Agreed and I think we can't do anything about this. > >>>> >>>> 12) misuse of REPLICA IDENTITY >>>> >>>> The more I think about this, the more I think we're actually misusing >>>> REPLICA IDENTITY for something entirely different. The whole purpose of >>>> RI was to provide a row identifier for the subscriber. >>>> >>>> But now we're using it to ensure we have all the necessary columns, >>>> which is entirely orthogonal to the original purpose. I predict this >>>> will have rather negative consequences. >>>> >>>> People will either switch everything to REPLICA IDENTITY FULL, or create >>>> bogus unique indexes with extra columns. Which is really silly, because >>>> it wastes network bandwidth (transfers more data) or local resources >>>> (CPU and disk space to maintain extra indexes). >>>> >>>> IMHO this needs more infrastructure to request extra columns to decode >>>> (e.g. for the filter expression), and then remove them before sending >>>> the data to the subscriber. >>>> >>> >>> Yeah, but that would have an additional load on write operations and I >>> am not sure at this stage but maybe there could be other ways to >>> extend the current infrastructure wherein we build the snapshots using >>> which we can access the user tables instead of only catalog tables. >>> Such enhancements if feasible would be useful not only for allowing >>> additional column access in row filters but for other purposes like >>> allowing access to functions that access user tables. I feel we can >>> extend this later as well seeing the usage and requests. For the first >>> version, this doesn't sound too limiting to me. >>> >> >> I'm not really buying the argument that this means overhead for write >> operations. Well, it does, but the current RI approach is forcing users >> to either use RIF or add an index covering the filter attributes. >> Neither of those options is free, and I'd bet the extra overhead of >> adding just the row filter columns would be actually lower. >> >> If the argument is merely to limit the scope of this patch, fine. >> > > Yeah, that is one and I am not sure that adding extra WAL is the best > or only solution for this problem. As mentioned in my previous > response, I think we eventually need to find a way to access user > tables to support UDFs (that access database) or sub-query which other > databases already support, and for that, we might need to enhance the > current snapshot mechanism after which we might not need any > additional WAL even for additional columns in row filter. I don't > think anyone of us has evaluated in detail the different ways this > problem can be solved and the pros/cons of each approach, so limiting > the scope for this purpose doesn't seem like a bad idea to me. > Understood. I don't have a very good idea which of those options is the best one either, although I think enhancing the snapshot mechanism would be rather tricky. regards -- Tomas Vondra EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company