Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oJWGt-0004q3-E9 for pgsql-hackers@arkaria.postgresql.org; Thu, 04 Aug 2022 08:31:59 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1oJWGr-0001Ah-T6 for pgsql-hackers@arkaria.postgresql.org; Thu, 04 Aug 2022 08:31:57 +0000 Received: from makus.postgresql.org ([2001:4800:3e1:1::229]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1oJWGr-00016H-Jg for pgsql-hackers@lists.postgresql.org; Thu, 04 Aug 2022 08:31:57 +0000 Received: from mail-lf1-x12e.google.com ([2a00:1450:4864:20::12e]) by makus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1oJWGn-0001p6-OR for pgsql-hackers@lists.postgresql.org; Thu, 04 Aug 2022 08:31:56 +0000 Received: by mail-lf1-x12e.google.com with SMTP id e15so19763603lfs.0 for ; Thu, 04 Aug 2022 01:31:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc; bh=9H3C0Z3ne42V5MfIDt0URDyRsCHupGAqGWsqm2lZIHE=; b=od4temzk1LE1NVJWqqu/+63ZtCDgcOuq41v2FViwqUKm1jcdrY3Ro/Y2X/FnCn11Ho Oqg/dHa2m9mRY11o4P/bIO7TwA3J16/r88HpqFordKG3sd75e2B38Za7d0xyLQqZFwtU 7os+OI/4ITsH0lj79nQnaylDQBs08L1m4pmAWCd90ef5/AnuyIcOIDebEihwkVMBAthI uH5KIsFmUVRB5uAfY/jMAiG05qnjJGj0TEYt//NBMOWBCGTj2SJYsxxwQB+XdKkNH/YX dXZfpBk5uY9dtY0wCz9rGMxfdu3XREMu8nJshYjJnv3hqA7H3vs9JC3Rf+b5OgbDZ0k6 c4Rg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc; bh=9H3C0Z3ne42V5MfIDt0URDyRsCHupGAqGWsqm2lZIHE=; b=BTsdbdn2PjbfI9XVphLI0sVsWk/5EuIdb6eNS/pMBoTBM/65m0AGtSSRI9iX/007Gh fRTHVutEgphQLYvhLxfyACzStrCgVT1RblnjS2qMMYAEfcLTYJALDyHXYza053ORus9D 74lIfgY+HRBrTRnHAV2Zkc2nsenZZ72WNS4W2Kx/VGSwmA19LjeyPKlhmqj/Dl2urxIW 4QxrYiZoeVmp6jNEM7vcaSJFP4sgfBwIsTEXQx23a2Gbz7YZ6mVXDvLmKLob80LZ+xO4 w4pJua90PfzItFnaCrMx3Jkktk8ORZ0sUi6cXlx/xLDXuEr2SFIN2PaTcxs0KRd3egK2 p1nQ== X-Gm-Message-State: ACgBeo0cYhwwkiyqJK8pZlNXV0jszdqIvjeKdZS8IhKNEIIxs9Tb/uJH jOsmzlvVxDwARyuMwnzxigpdUTjMiJXfmE0TYK0= X-Google-Smtp-Source: AA6agR5nRLxewfmZEcwS+cWO4WpV7IYRMQ9x9sFdNDUKTs03VWyUxSkE+rZNgH9sd60g0Aw4TtVU7xd7EbeP1tlolEw= X-Received: by 2002:ac2:4db6:0:b0:48a:f9b6:bac1 with SMTP id h22-20020ac24db6000000b0048af9b6bac1mr318334lfe.669.1659601911295; Thu, 04 Aug 2022 01:31:51 -0700 (PDT) MIME-Version: 1.0 References: <9290b55b6ae2b04e002ca9dadadd1cca09461482.camel@cybertec.at> <763B5AF0-1C9E-4796-9639-F969A2E66189@yandex-team.ru> <11FF616C-C78C-41AA-A823-E3D4E745ACE5@yandex-team.ru> <4F070B19-51EC-4A05-A111-6001A961F991@yandex-team.ru> In-Reply-To: From: Bharath Rupireddy Date: Thu, 4 Aug 2022 14:01:40 +0530 Message-ID: Subject: Re: An attempt to avoid locally-committed-but-not-replicated-to-standby-transactions in synchronous replication To: Andrey Borodin , PostgreSQL Hackers , Dilip Kumar , Laurenz Albe , SATYANARAYANA NARLAPURAM Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Thu, Aug 4, 2022 at 1:42 PM Bharath Rupireddy wrote: > > On Mon, Jul 25, 2022 at 4:20 PM Andrey Borodin wro= te: > > > > > 25 =D0=B8=D1=8E=D0=BB=D1=8F 2022 =D0=B3., =D0=B2 14:29, Bharath Rupir= eddy =D0=BD=D0=B0=D0=BF=D0=B8=D1= =81=D0=B0=D0=BB(=D0=B0): > > > > > > Hm, after thinking for a while, I tend to agree with the above > > > approach - meaning, query cancel interrupt processing can completely > > > be disabled in SyncRepWaitForLSN() and process proc die interrupt > > > immediately, this approach requires no GUC as opposed to the proposed > > > v1 patch upthread. > > GUC was proposed here[0] to maintain compatibility with previous behavi= our. But I think that having no GUC here is fine too. If we do not allow ca= ncelation of unreplicated backends, of course. > > > > >> > > >> And yes, we need additional complexity - but in some other place. Tr= ansaction can also be locally committed in presence of a server crash. But = this another difficult problem. Crashed server must not allow data queries = until LSN of timeline end is successfully replicated to synchronous_standby= _names. > > > > > > Hm, that needs to be done anyways. How about doing as proposed > > > initially upthread [1]? Also, quoting the idea here [2]. > > > > > > Thoughts? > > > > > > [1] https://www.postgresql.org/message-id/CALj2ACUrOB59QaE6=3DjF2cFAy= v1MR7fzD8tr4YM5+OwEYG1SNzA@mail.gmail.com > > > [2] 2) Wait for sync standbys to catch up upon restart after the cras= h or > > > in the next txn after the old locally committed txn was canceled. One > > > way to achieve this is to let the backend, that's making the first > > > connection, wait for sync standbys to catch up in ClientAuthenticatio= n > > > right after successful authentication. However, I'm not sure this is > > > the best way to do it at this point. > > > > > > I think ideally startup process should not allow read only connections = in CheckRecoveryConsistency() until WAL is not replicated to quorum al leas= t up until new timeline LSN. > > We can't do it in CheckRecoveryConsistency() unless I'm missing > something. Because, the walsenders (required for sending the remaining > WAL to sync standbys to achieve quorum) can only be started after the > server reaches a consistent state, after all walsenders are > specialized backends. Continuing on the above thought (I inadvertently clicked the send button previously): A simple approach would be to check for quorum in PostgresMain() before entering the query loop for (;;) for non-walsender cases. A disadvantage of this would be that all the backends will be waiting here in the worst case if it takes time for achieving the sync quorum after restart - roughly we can do the following in PostgresMain(), of course we need locking mechanism so that all the backends whoever reaches here will wait for the same lsn: if (sync_replicaion_defined =3D=3D true && shmem->wait_for_sync_repl_upon_restart =3D=3D true) { SyncRepWaitForLSN(pg_current_wal_flush_lsn(), false); shmem->wait_for_sync_repl_upon_restart =3D false; } Thoughts? --=20 Bharath Rupireddy RDS Open Source Databases: https://aws.amazon.com/rds/postgresql/