Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qe9Ob-005uIG-N8 for pgsql-hackers@arkaria.postgresql.org; Thu, 07 Sep 2023 07:25:46 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1qe9Oa-00GMWa-JJ for pgsql-hackers@arkaria.postgresql.org; Thu, 07 Sep 2023 07:25:44 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qe9OY-00GMWM-WD for pgsql-hackers@lists.postgresql.org; Thu, 07 Sep 2023 07:25:44 +0000 Received: from wout3-smtp.messagingengine.com ([64.147.123.19]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1qe9OU-003aQY-1V for pgsql-hackers@lists.postgresql.org; Thu, 07 Sep 2023 07:25:42 +0000 Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailout.west.internal (Postfix) with ESMTP id F0F2B320097E; Thu, 7 Sep 2023 03:25:34 -0400 (EDT) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Thu, 07 Sep 2023 03:25:35 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=paquier.xyz; h= cc:cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm1; t=1694071534; x=1694157934; bh=2A wiAg2jN1cNfSsc0Aic7iGQw0ZDHXXX6Dp/xgvYkck=; b=objMgacOYSQfFTVLVC AtkZvPy5de8PHiYRmNf2R19878n0msmwB7pwPAWE1ASCf1RM7dn8mgv+aO2dfRws uyhR3ocX/JplsvBnM3/CcUFVHVzL3nYxnM9bDJuVVL1SO/qS1kOmx+37W1y7b7ue 7pxLNsDmwjLKWmSfz+UQHSI3ZdaXk4c5LtNMRfq7YBnzXvBwsDOZq0w4LQH5GKco pXctF4YrKOxsywgXR86HXgiONIngqZSEKeF9QOA3fbs9SsZ57cfKAo1BaXfFakpa el7EshOBZip9KqaA466UckBHJnBtVWoolReM4JELKlw6qrEU2LsqErfh9JUX6rJ0 GcCA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm1; t=1694071534; x=1694157934; bh=2AwiAg2jN1cNf Ssc0Aic7iGQw0ZDHXXX6Dp/xgvYkck=; b=rNhyp/KJIp9yN3oJFG6khEhz0V9TG s52MfBhYiNUJ5Prab8eaEkamq2qZJLC6uQjMAqIxEvd/E7RA1NCo3q+QBDC9hylX pgZ7TPQ78B7Et/OaLwvsg9yZjAV8Lir9F/uaX+izhwHrZwhBWkmTKwN7m/rhNmrW Nib5SlGQ7XCfYG35B4ovg88OkrCChTmdkx69To4WNoVfhTEjHwKy6NQNly3k2H76 3zJn/KQOrA4xt7oykUTiJMiFZmzWC8ouL6y5D9wjr8+cGiVu0Lb3Q+x4asMirOKp jM2HocsZwos0b8qP3CO6e12bXKr+RiDgD+DauoWxE9Lygkkg36oIEebQA== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrudehgedguddvvdcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enfghrlhcuvffnffculdejtddmnecujfgurhepfffhvfevuffkfhggtggujgesghdtreer tddtvdenucfhrhhomhepofhitghhrggvlhcurfgrqhhuihgvrhcuoehmihgthhgrvghlse hprghquhhivghrrdighiiiqeenucggtffrrghtthgvrhhnpeetleeifedufffhhfdtteel geeggeffhfekueevteeigfduudevudetgfegiedvjeenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehmihgthhgrvghlsehprghquhhivghrrdig hiii X-ME-Proxy: Feedback-ID: i0fe9450f:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Thu, 7 Sep 2023 03:25:31 -0400 (EDT) Date: Thu, 7 Sep 2023 16:25:27 +0900 From: Michael Paquier To: Amit Kapila Cc: PostgreSQL Hackers , Sawada Masahiko , Dilip Kumar , "Hayato Kuroda (Fujitsu)" , vignesh C , =?utf-8?B?SG91LCBaaGlqaWUv5L6vIOW/l+adsA==?= , Peter Smith Subject: Re: Impact of checkpointer during pg_upgrade Message-ID: References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="zVL4WyyJzzoQg5T1" Content-Disposition: inline In-Reply-To: List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --zVL4WyyJzzoQg5T1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable (Just dumping what I have in mind while reading the thread.) On Sat, Sep 02, 2023 at 10:08:51AM +0530, Amit Kapila wrote: > During pg_upgrade, we start the server for the old cluster which can > allow the checkpointer to remove the WAL files. It has been noticed > that we do generate certain types of WAL records (e.g > XLOG_RUNNING_XACTS, XLOG_CHECKPOINT_ONLINE, and XLOG_FPI_FOR_HINT) > even during pg_upgrade for old cluster, so additional WAL records > could let checkpointer decide that certain WAL segments can be removed > (e.g. say wal size crosses max_slot_wal_keep_size_mb) and invalidate > the slots. Currently, I can't see any problem with this but for future > work where we want to migrate logical slots during an upgrade[1], we > need to decide what to do for such cases. The initial idea we had was > that if the old cluster has some invalid slots, we won't allow an > upgrade unless the user removes such slots or uses some option like > --exclude-slots. It is quite possible that slots got invalidated > during pg_upgrade due to no user activity. Now, even though the > possibility of the same is less I think it is worth considering what > should be the behavior. >=20 > The other possibilities apart from not allowing an upgrade in such a > case could be (a) Before starting the old cluster, we fetch the slots > directly from the disk using some tool like [2] and make the decisions > based on that state; (b) During the upgrade, we don't allow WAL to be > removed if it can invalidate slots; (c) Copy/Migrate the invalid slots > as well but for that, we need to expose an API to invalidate the > slots; (d) somehow distinguish the slots that are invalidated during > an upgrade and then simply copy such slots because anyway we ensure > that all the WAL required by slot is sent before shutdown. Checking for any invalid slots at the beginning of the upgrade and complain sounds like a good thing to do, because these are not expected to begin with, no? That's similar to a pre-check requirement that the slots should have fed the subscribers with all the data available up to the shutdown checkpoint when the publisher was stopped before running pg_upgrade. So (a) is a good idea to prevent an upgrade based on a state we don't expect from the start, as something in check.c, I assume. On top of that, (b) sounds like a good idea to me anyway to be more defensive. But couldn't we do that just like we do for autovacuum and force the GUCs that could remove the slot's WAL to not do their work instead? An upgrade is a special state of the cluster, and I'm not much into painting more checks based on IsBinaryUpgrade to prevent WAL segments to be removed while we can have a full control of what we want with just the GUCs that force the hand of the slots. That just seems simpler to me, and the WAL recycling logic is already complex particularly with all the GUCs popping lately to force some conditions to do the WAL recycling and/or removal. =20 During the upgrade, if some segments are removed and some of the slots we expect to still be valid once the upgrade is done are marked as invalid and become unusable, I think that we should just copy these slots, but also update their state data so as they can still be used with what we expect, as these could be wanted by the subscribers. That's what you mean with (d), I assume. Do you think that it would be possible to force the slot's data on the publishers so as they use a local LSN based on the new WAL we are resetting at? At least that seems more friendly to me as this limits the set of manipulations to do on the slots for the end-user. The protection from (b) ought to be enough, in itself. (c) overlaps with (a), especially if we want to be able to read or write some of the slot's data offline. -- Michael --zVL4WyyJzzoQg5T1 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEG72nH6vTowiyblFKnvQgOdbyQH0FAmT5eucACgkQnvQgOdby QH18Pw/7Bt7XGVZ06JukKSK3FGMwOjSquaoUXN5z6NaEOlfJROTutVLB59M3mGal MiN99+I3HlklZttMayRa1uqOXqA5eCOmzq2mZG0CbSITswW3+v0dGyq1GIjfg1dK fNiwC+xqOMolXIpdVyrunFQS09ZxvySr4yONAoaurIJD7b2qAhEV5abCYe+f83UN 65Q3NBxfBki9mm7hA8rYGE8IQp5gXZGQRvnudk4oH3iK/qnzs3FRlUlfa3uRoqBG lErVeTQfPBbUmWn8uSaYLI9yY7kUiFDwPi4bAKMxZNtLImbr7ljbQfByaAYpLhlQ kuAwxTEf/4gTEAAEXaR2X+V71wnIM4mYBxc5L5aDroIG0yOQf7TGgbZZJlyIAo0w OAHAoMOU01xkyB/kpv1LGh6ARAcds4GIq4ZEDXj9YBZ0ZF+g8IexSlLzwT+OSaO/ FUACGEphBk7sI+PhFXVb7YdUPi8jV5v++vVCdqTk6/wrnm5bro8Gvejo8h2hP2Ci Dbk23UcGDH211trpSFJSdTRHy9+xC2QaA2I/SkdmdhGaKIKvhincPwiOQyg71P8O P//egWMhEeqxQmy4I6fjDwlfaqiZNE6frkYUrGrp0OxXtJ8Tg3iRJTKQoMr+sMi4 gjAQOKPSlB/RotZnVpipJoqt843xPZ4a0pFt7LXBSOeDv2Tz9qQ= =8QJQ -----END PGP SIGNATURE----- --zVL4WyyJzzoQg5T1--