On 2/24/19 11:36 PM, Stephen Frost wrote:
Greetings,
* Laurenz Albe (laurenz.a...@cybertec.at) wrote:
Stephen Frost wrote:
Yes, it *is* impossible to do safe backups with the existing API. There
is an unquestionable race condition where a system restart will cause
your system to not come back up without you going in and removing the
backup_label file- and the only way you make that race window small is
to remove the backup_label file right after you run pg_start_backup and
copy it, and then PUT IT BACK at the end before you call pg_stop_backup,
which is insane, but otherwise the 'race window' is the ENTIRE length of
the backup.
I just have an idea:
What about an option to keep WAL around for the duration of an exclusive backup?
That way PostgreSQL can still restart after a crash. It will take longer than
expected, but it will work. But then, perhaps the long recovery time is only
marginally better than having to manually delete the backup_label file...
I'm afraid that we'd end up with many, many complaints about people
running out of disk space on WAL when they are trying to take a backup..
This would also require replaying all that WAL during crash recovery
which could mean a much longer startup time.
--
-David
da...@pgmasters.net
