Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nnzZH-0002wh-FS for pgsql-hackers@arkaria.postgresql.org; Mon, 09 May 2022 09:20:39 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1nnzZG-00063k-5Q for pgsql-hackers@arkaria.postgresql.org; Mon, 09 May 2022 09:20:38 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1nnzZF-00063a-Qw for pgsql-hackers@lists.postgresql.org; Mon, 09 May 2022 09:20:37 +0000 Received: from mail-pl1-x62b.google.com ([2607:f8b0:4864:20::62b]) by magus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1nnzZD-0002c6-9h for pgsql-hackers@lists.postgresql.org; Mon, 09 May 2022 09:20:37 +0000 Received: by mail-pl1-x62b.google.com with SMTP id i1so13280201plg.7 for ; Mon, 09 May 2022 02:20:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ABOpABz/jSwBz/zNlgSPNPudzfjE/tbQlcipQ13BQXs=; b=maqejlmIFjggPtPjQeKam6OhCeDo1VsddVs89Z8TwCZTnCwmRxOWG4t3OhZD7vg3At XOAMKnIlvSkNciu3J46eUmyTadDwgaSwLdnxWSy1Cb20VR64EBTspRQsz8rzH+OVoDOo zsoVqjTp1vlK7XwqnOyo9SbEFW3eYyLRt5BvETSZrbqDHgYgnuiWLo1hCaBJw+dsyvrU JVX9YIfa0poHORnFAM5F7Cfx3sBkk2Ne8ElYwcUnU5eNgtwKZmCRlRN+R8dk51p30cRE 7o9EnCHxp+FMC/2dzuBQdxI/v6r1zFOUSm/hkq1WQJkRgn9mnelABGNUooS74K11MjPJ AIbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ABOpABz/jSwBz/zNlgSPNPudzfjE/tbQlcipQ13BQXs=; b=3VitrD4qOpgf8ooDG9E5mi4LliEgVW/z/G3Ko62u2w714/sfJaqz4b2MTZLYDaOXg1 9iaBOyN6Tg4RrCYxVE7zqJezGt3U1WK3tqSuDfUP+aYFJkUVe33GLSigqVk/rA/HAexW AX3ajzsjd4rn3nQlAb3IuKlNjQodaMjZXJobG0cD7cEAEHnn/cUI6nk7t+lquNsh1ApR 75WaYZCpi3RYM6GrrH6CcSAAQDNGXjTkGpDQaxZIC3KVYTQnMjy89fJEOLKrN2koniwK 2+klVt0WXj2q7iJ4WEgMIKI+z1Q7WvcKEFU0xgdk9KzfRyE3Txyupp75Hv+yIFfhLimY lxog== X-Gm-Message-State: AOAM5310oP3qVNXG5CfideQ5J6lCpAGtZbIo3Zq9pOMQNQgFUSMaSpSh eb/VYXG/gEtTR/yaHm4pVh6g3k8Wtc/Uh+LDG1M= X-Google-Smtp-Source: ABdhPJxP+kZVQfB7StsS4Yme6CIUg6xNtOGbU4PdP974cfRhOO8JczL83kTQ20luOEqb4ubfeprYGi6quRCNdJM6Zqg= X-Received: by 2002:a17:90b:4f8d:b0:1dc:6cca:1d96 with SMTP id qe13-20020a17090b4f8d00b001dc6cca1d96mr25670298pjb.135.1652088032861; Mon, 09 May 2022 02:20:32 -0700 (PDT) MIME-Version: 1.0 References: <9290b55b6ae2b04e002ca9dadadd1cca09461482.camel@cybertec.at> In-Reply-To: <9290b55b6ae2b04e002ca9dadadd1cca09461482.camel@cybertec.at> From: Bharath Rupireddy Date: Mon, 9 May 2022 14:50:21 +0530 Message-ID: Subject: Re: An attempt to avoid locally-committed-but-not-replicated-to-standby-transactions in synchronous replication To: Laurenz Albe Cc: PostgreSQL Hackers , SATYANARAYANA NARLAPURAM Content-Type: text/plain; charset="UTF-8" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk On Tue, Apr 26, 2022 at 11:57 AM Laurenz Albe wrote: > > On Mon, 2022-04-25 at 19:51 +0530, Bharath Rupireddy wrote: > > With synchronous replication typically all the transactions (txns) > > first locally get committed, then streamed to the sync standbys and > > the backend that generated the transaction will wait for ack from sync > > standbys. While waiting for ack, it may happen that the query or the > > txn gets canceled (QueryCancelPending is true) or the waiting backend > > is asked to exit (ProcDiePending is true). In either of these cases, > > the wait for ack gets canceled and leaves the txn in an inconsistent > > state [...] > > > > Here's a proposal (mentioned previously by Satya [1]) to avoid the > > above problems: > > 1) Wait a configurable amount of time before canceling the sync > > replication by the backends i.e. delay processing of > > QueryCancelPending and ProcDiePending in Introduced a new timeout GUC > > synchronous_replication_naptime_before_cancel, when set, it will let > > the backends wait for the ack before canceling the synchronous > > replication so that the transaction can be available in sync standbys > > as well. > > 2) Wait for sync standbys to catch up upon restart after the crash or > > in the next txn after the old locally committed txn was canceled. > > While this may mitigate the problem, I don't think it will deal with > all the cases which could cause a transaction to end up committed locally, > but not on the synchronous standby. I think that only using the full > power of two-phase commit can make this bulletproof. Not sure if it's recommended to use 2PC in postgres HA with sync replication where the documentation says that "PREPARE TRANSACTION" and other 2PC commands are "intended for use by external transaction management systems" and with explicit transactions. Whereas, the txns within a postgres HA with sync replication always don't have to be explicit txns. Am I missing something here? > Is it worth adding additional complexity that is not a complete solution? The proposed approach helps to avoid some common possible problems that arise with simple scenarios (like cancelling a long running query while in SyncRepWaitForLSN) within sync replication. [1] https://www.postgresql.org/docs/devel/sql-prepare-transaction.html Regards, Bharath Rupireddy.