Tom, > > ... In the case of a postmaster crash, I think > > something in the system is so wrong that I'd prefer an immediate shutdown. > > Surely some other people have opinions on this? Hello out there?
Well, my opinion is based on the question, can we restart the postmaster if it dies and the other backends are still running? If not, why are we even discussing this? Otherwise, as someone who does support for a number of high-demand databases, I'd like to give you the rules that such applications need to have enforced in order to continue using Postgres: 1) If any transaction is reported as complete to the client, it must be written to disk and not rolled back, even in the event of a sudden power outage. 2) If any transaction is *not* reported as complete, except in split-second timing cases, it should be rolled back. Always. Basically, in high-demand situations where one expects occasional failures due to load, one depends on the application log, the syslog and the transaction log being in synch. Otherwise on restart one doesn't know what has or hasn't been committed. -- -Josh Berkus Aglio Database Solutions San Francisco ---------------------------(end of broadcast)--------------------------- TIP 7: don't forget to increase your free space map settings
