stolon: implement strict synchronous replication #219
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This was referenced Dec 6, 2016
28543f6 to
40446b1
Compare
Currently synchronous replication just sets all the standbys as `synchronous_standby_names`. So postgres will choose one of them as the synchronous standby. If this fails, another will be automicatally choosen by postgres. So currently stolon has no way to be sure which standby was the current synchronous one when the master died and just uses the last reported state to find the best one. This patch makes synchronous replication more strict and fixes this problem. Now the sentinel define only the synchronous standbys in `synchronous_standby_names`. For postgresql < 9.5 this will be only one, with postgresql >= 9.6 there can be more than one. If there're not enough available standbys then it will also add a fake standby server. Adding a non existing standby server will ensure the master will always block waiting for remote commits. In this way the sentinel always know which was the latest synchronous standby avoiding any data loss caused by choosing a non synchronous standby. If both the master and the sync standby dies at the same time it won't elect another non sync standby.
40446b1 to
1cca095
Compare
sgotti
added a commit
that referenced
this pull request
Dec 8, 2016
stolon: implement strict synchronous replication
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently synchronous replication just sets all the standbys as
synchronous_standby_names. So postgres will choose one of them as thesynchronous standby. If this fails, another will be automicatally
choosen by postgres. So currently stolon has no way to be sure which standby
was the current synchronous one when the master died and just uses the
last reported state to find the best one.
This patch makes synchronous replication more strict and fixes this
problem.
Now the sentinel define only the synchronous standbys in
synchronous_standby_names.For postgresql < 9.5 this will be only one, with postgresql >= 9.6 there
can be more than one.
If there're not enough available standbys then it will also add a fake
standby server. Adding a non existing standby server will ensure the
master will always block waiting for remote commits.
In this way the sentinel always know which was the latest synchronous
standby avoiding any data loss caused by choosing a non synchronous
standby. If both the master and the sync standby dies at the same time
it won't elect another non sync standby.