2012-10-02 12:37:19 +02:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
|
*
|
|
|
|
|
* xlogarchive.c
|
|
|
|
|
* Functions for archiving WAL files and restoring from the archive.
|
|
|
|
|
*
|
|
|
|
|
*
|
2024-01-04 02:49:05 +01:00
|
|
|
* Portions Copyright (c) 1996-2024, PostgreSQL Global Development Group
|
2012-10-02 12:37:19 +02:00
|
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
|
|
|
|
*
|
|
|
|
|
* src/backend/access/transam/xlogarchive.c
|
|
|
|
|
*
|
|
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "postgres.h"
|
|
|
|
|
|
|
|
|
|
#include <sys/stat.h>
|
2012-10-02 16:19:52 +02:00
|
|
|
#include <sys/wait.h>
|
2012-10-02 12:37:19 +02:00
|
|
|
#include <signal.h>
|
|
|
|
|
#include <unistd.h>
|
|
|
|
|
|
2012-12-13 13:59:13 +01:00
|
|
|
#include "access/xlog.h"
|
2012-10-02 12:37:19 +02:00
|
|
|
#include "access/xlog_internal.h"
|
2020-03-31 08:33:04 +02:00
|
|
|
#include "access/xlogarchive.h"
|
2023-02-06 00:28:42 +01:00
|
|
|
#include "common/archive.h"
|
|
|
|
|
#include "common/percentrepl.h"
|
2012-10-02 12:37:19 +02:00
|
|
|
#include "miscadmin.h"
|
2021-11-22 02:28:21 +01:00
|
|
|
#include "pgstat.h"
|
Make archiver process an auxiliary process.
This commit changes WAL archiver process so that it's treated as
an auxiliary process and can use shared memory. This is an infrastructure
patch required for upcoming shared-memory based stats collector patch
series. These patch series basically need any processes including archiver
that can report the statistics to access to shared memory. Since this patch
itself is useful to simplify the code and when users monitor the status of
archiver, it's committed separately in advance.
This commit simplifies the code for WAL archiving. For example, previously
backends need to signal to archiver via postmaster when they notify
archiver that there are some WAL files to archive. On the other hand,
this commit removes that signal to postmaster and enables backends to
notify archier directly using shared latch.
Also, as the side of this change, the information about archiver process
becomes viewable at pg_stat_activity view.
Author: Kyotaro Horiguchi
Reviewed-by: Andres Freund, Álvaro Herrera, Julien Rouhaud, Tomas Vondra, Arthur Zakirov, Fujii Masao
Discussion: https://postgr.es/m/20180629.173418.190173462.horiguchi.kyotaro@lab.ntt.co.jp
2021-03-15 05:13:14 +01:00
|
|
|
#include "postmaster/pgarch.h"
|
2024-03-13 15:07:00 +01:00
|
|
|
#include "postmaster/startup.h"
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
#include "replication/walsender.h"
|
2012-10-02 12:37:19 +02:00
|
|
|
#include "storage/fd.h"
|
|
|
|
|
#include "storage/ipc.h"
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Attempt to retrieve the specified file from off-line archival storage.
|
|
|
|
|
* If successful, fill "path" with its complete path (note that this will be
|
|
|
|
|
* a temp file name that doesn't follow the normal naming convention), and
|
2017-08-16 06:22:32 +02:00
|
|
|
* return true.
|
2012-10-02 12:37:19 +02:00
|
|
|
*
|
|
|
|
|
* If not successful, fill "path" with the name of the normal on-line file
|
|
|
|
|
* (which may or may not actually exist, but we'll try to use it), and return
|
2017-08-16 06:22:32 +02:00
|
|
|
* false.
|
2012-10-02 12:37:19 +02:00
|
|
|
*
|
|
|
|
|
* For fixed-size files, the caller may pass the expected size as an
|
|
|
|
|
* additional crosscheck on successful recovery. If the file size is not
|
|
|
|
|
* known, set expectedSize = 0.
|
2012-11-19 09:02:25 +01:00
|
|
|
*
|
|
|
|
|
* When 'cleanupEnabled' is false, refrain from deleting any old WAL segments
|
|
|
|
|
* in the archive. This is used when fetching the initial checkpoint record,
|
|
|
|
|
* when we are not yet sure how far back we need the WAL.
|
2012-10-02 12:37:19 +02:00
|
|
|
*/
|
|
|
|
|
bool
|
|
|
|
|
RestoreArchivedFile(char *path, const char *xlogfname,
|
2012-11-19 09:02:25 +01:00
|
|
|
const char *recovername, off_t expectedSize,
|
|
|
|
|
bool cleanupEnabled)
|
2012-10-02 12:37:19 +02:00
|
|
|
{
|
|
|
|
|
char xlogpath[MAXPGPATH];
|
2023-02-06 00:28:42 +01:00
|
|
|
char *xlogRestoreCmd;
|
2012-10-02 12:37:19 +02:00
|
|
|
char lastRestartPointFname[MAXPGPATH];
|
2023-02-06 00:28:42 +01:00
|
|
|
int rc;
|
2012-10-02 12:37:19 +02:00
|
|
|
struct stat stat_buf;
|
|
|
|
|
XLogSegNo restartSegNo;
|
|
|
|
|
XLogRecPtr restartRedoPtr;
|
|
|
|
|
TimeLineID restartTli;
|
|
|
|
|
|
2019-10-11 08:47:59 +02:00
|
|
|
/*
|
|
|
|
|
* Ignore restore_command when not in archive recovery (meaning we are in
|
|
|
|
|
* crash recovery).
|
|
|
|
|
*/
|
|
|
|
|
if (!ArchiveRecoveryRequested)
|
|
|
|
|
goto not_available;
|
|
|
|
|
|
2012-10-02 12:37:19 +02:00
|
|
|
/* In standby mode, restore_command might not be supplied */
|
2018-11-25 16:31:16 +01:00
|
|
|
if (recoveryRestoreCommand == NULL || strcmp(recoveryRestoreCommand, "") == 0)
|
2012-10-02 12:37:19 +02:00
|
|
|
goto not_available;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* When doing archive recovery, we always prefer an archived log file even
|
|
|
|
|
* if a file of the same name exists in XLOGDIR. The reason is that the
|
|
|
|
|
* file in XLOGDIR could be an old, un-filled or partly-filled version
|
|
|
|
|
* that was copied and restored as part of backing up $PGDATA.
|
|
|
|
|
*
|
|
|
|
|
* We could try to optimize this slightly by checking the local copy
|
|
|
|
|
* lastchange timestamp against the archived copy, but we have no API to
|
|
|
|
|
* do this, nor can we guarantee that the lastchange timestamp was
|
|
|
|
|
* preserved correctly when we copied to archive. Our aim is robustness,
|
|
|
|
|
* so we elect not to do this.
|
|
|
|
|
*
|
|
|
|
|
* If we cannot obtain the log file from the archive, however, we will try
|
|
|
|
|
* to use the XLOGDIR file if it exists. This is so that we can make use
|
|
|
|
|
* of log segments that weren't yet transferred to the archive.
|
|
|
|
|
*
|
|
|
|
|
* Notice that we don't actually overwrite any files when we copy back
|
|
|
|
|
* from archive because the restore_command may inadvertently restore
|
|
|
|
|
* inappropriate xlogs, or they may be corrupt, so we may wish to fallback
|
|
|
|
|
* to the segments remaining in current XLOGDIR later. The
|
|
|
|
|
* copy-from-archive filename is always the same, ensuring that we don't
|
|
|
|
|
* run out of disk space on long recoveries.
|
|
|
|
|
*/
|
|
|
|
|
snprintf(xlogpath, MAXPGPATH, XLOGDIR "/%s", recovername);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Make sure there is no existing file named recovername.
|
|
|
|
|
*/
|
|
|
|
|
if (stat(xlogpath, &stat_buf) != 0)
|
|
|
|
|
{
|
|
|
|
|
if (errno != ENOENT)
|
|
|
|
|
ereport(FATAL,
|
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
|
errmsg("could not stat file \"%s\": %m",
|
|
|
|
|
xlogpath)));
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
if (unlink(xlogpath) != 0)
|
|
|
|
|
ereport(FATAL,
|
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
|
errmsg("could not remove file \"%s\": %m",
|
|
|
|
|
xlogpath)));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Calculate the archive file cutoff point for use during log shipping
|
|
|
|
|
* replication. All files earlier than this point can be deleted from the
|
|
|
|
|
* archive, though there is no requirement to do so.
|
|
|
|
|
*
|
2012-11-19 09:02:25 +01:00
|
|
|
* If cleanup is not enabled, initialise this with the filename of
|
|
|
|
|
* InvalidXLogRecPtr, which will prevent the deletion of any WAL files
|
|
|
|
|
* from the archive because of the alphabetic sorting property of WAL
|
|
|
|
|
* filenames.
|
2012-10-02 12:37:19 +02:00
|
|
|
*
|
|
|
|
|
* Once we have successfully located the redo pointer of the checkpoint
|
|
|
|
|
* from which we start recovery we never request a file prior to the redo
|
|
|
|
|
* pointer of the last restartpoint. When redo begins we know that we have
|
|
|
|
|
* successfully located it, so there is no need for additional status
|
|
|
|
|
* flags to signify the point when we can begin deleting WAL files from
|
|
|
|
|
* the archive.
|
|
|
|
|
*/
|
2012-11-19 09:02:25 +01:00
|
|
|
if (cleanupEnabled)
|
2012-10-02 12:37:19 +02:00
|
|
|
{
|
2012-11-19 09:02:25 +01:00
|
|
|
GetOldestRestartPoint(&restartRedoPtr, &restartTli);
|
Make WAL segment size configurable at initdb time.
For performance reasons a larger segment size than the default 16MB
can be useful. A larger segment size has two main benefits: Firstly,
in setups using archiving, it makes it easier to write scripts that
can keep up with higher amounts of WAL, secondly, the WAL has to be
written and synced to disk less frequently.
But at the same time large segment size are disadvantageous for
smaller databases. So far the segment size had to be configured at
compile time, often making it unrealistic to choose one fitting to a
particularly load. Therefore change it to a initdb time setting.
This includes a breaking changes to the xlogreader.h API, which now
requires the current segment size to be configured. For that and
similar reasons a number of binaries had to be taught how to recognize
the current segment size.
Author: Beena Emerson, editorialized by Andres Freund
Reviewed-By: Andres Freund, David Steele, Kuntal Ghosh, Michael
Paquier, Peter Eisentraut, Robert Hass, Tushar Ahuja
Discussion: https://postgr.es/m/CAOG9ApEAcQ--1ieKbhFzXSQPw_YLmepaa4hNdnY5+ZULpt81Mw@mail.gmail.com
2017-09-20 07:03:48 +02:00
|
|
|
XLByteToSeg(restartRedoPtr, restartSegNo, wal_segment_size);
|
|
|
|
|
XLogFileName(lastRestartPointFname, restartTli, restartSegNo,
|
|
|
|
|
wal_segment_size);
|
2012-10-02 12:37:19 +02:00
|
|
|
/* we shouldn't need anything earlier than last restart point */
|
|
|
|
|
Assert(strcmp(lastRestartPointFname, xlogfname) <= 0);
|
|
|
|
|
}
|
|
|
|
|
else
|
2023-03-29 08:25:12 +02:00
|
|
|
XLogFileName(lastRestartPointFname, 0, 0, wal_segment_size);
|
2012-10-02 12:37:19 +02:00
|
|
|
|
2023-02-06 00:28:42 +01:00
|
|
|
/* Build the restore command to execute */
|
|
|
|
|
xlogRestoreCmd = BuildRestoreCommand(recoveryRestoreCommand,
|
|
|
|
|
xlogpath, xlogfname,
|
|
|
|
|
lastRestartPointFname);
|
|
|
|
|
|
|
|
|
|
ereport(DEBUG3,
|
|
|
|
|
(errmsg_internal("executing restore command \"%s\"",
|
|
|
|
|
xlogRestoreCmd)));
|
|
|
|
|
|
2023-10-16 19:41:55 +02:00
|
|
|
fflush(NULL);
|
|
|
|
|
pgstat_report_wait_start(WAIT_EVENT_RESTORE_COMMAND);
|
|
|
|
|
|
2012-10-02 12:37:19 +02:00
|
|
|
/*
|
2023-10-16 19:41:55 +02:00
|
|
|
* PreRestoreCommand() informs the SIGTERM handler for the startup process
|
|
|
|
|
* that it should proc_exit() right away. This is done for the duration
|
|
|
|
|
* of the system() call because there isn't a good way to break out while
|
|
|
|
|
* it is executing. Since we might call proc_exit() in a signal handler,
|
|
|
|
|
* it is best to put any additional logic before or after the
|
|
|
|
|
* PreRestoreCommand()/PostRestoreCommand() section.
|
2012-10-02 12:37:19 +02:00
|
|
|
*/
|
|
|
|
|
PreRestoreCommand();
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Copy xlog from archival storage to XLOGDIR
|
|
|
|
|
*/
|
2023-02-06 00:28:42 +01:00
|
|
|
rc = system(xlogRestoreCmd);
|
2012-10-02 12:37:19 +02:00
|
|
|
|
|
|
|
|
PostRestoreCommand();
|
2023-10-16 19:41:55 +02:00
|
|
|
|
|
|
|
|
pgstat_report_wait_end();
|
2023-02-06 00:28:42 +01:00
|
|
|
pfree(xlogRestoreCmd);
|
2012-10-02 12:37:19 +02:00
|
|
|
|
2023-02-06 00:28:42 +01:00
|
|
|
if (rc == 0)
|
2012-10-02 12:37:19 +02:00
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* command apparently succeeded, but let's make sure the file is
|
|
|
|
|
* really there now and has the correct size.
|
|
|
|
|
*/
|
|
|
|
|
if (stat(xlogpath, &stat_buf) == 0)
|
|
|
|
|
{
|
|
|
|
|
if (expectedSize > 0 && stat_buf.st_size != expectedSize)
|
|
|
|
|
{
|
|
|
|
|
int elevel;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If we find a partial file in standby mode, we assume it's
|
|
|
|
|
* because it's just being copied to the archive, and keep
|
|
|
|
|
* trying.
|
|
|
|
|
*
|
|
|
|
|
* Otherwise treat a wrong-sized file as FATAL to ensure the
|
|
|
|
|
* DBA would notice it, but is that too strong? We could try
|
|
|
|
|
* to plow ahead with a local copy of the file ... but the
|
|
|
|
|
* problem is that there probably isn't one, and we'd
|
|
|
|
|
* incorrectly conclude we've reached the end of WAL and we're
|
|
|
|
|
* done recovering ...
|
|
|
|
|
*/
|
|
|
|
|
if (StandbyMode && stat_buf.st_size < expectedSize)
|
|
|
|
|
elevel = DEBUG1;
|
|
|
|
|
else
|
|
|
|
|
elevel = FATAL;
|
|
|
|
|
ereport(elevel,
|
2020-09-24 20:45:57 +02:00
|
|
|
(errmsg("archive file \"%s\" has wrong size: %lld instead of %lld",
|
2012-10-02 12:37:19 +02:00
|
|
|
xlogfname,
|
2020-09-24 20:45:57 +02:00
|
|
|
(long long int) stat_buf.st_size,
|
|
|
|
|
(long long int) expectedSize)));
|
2012-10-02 12:37:19 +02:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
ereport(LOG,
|
|
|
|
|
(errmsg("restored log file \"%s\" from archive",
|
|
|
|
|
xlogfname)));
|
|
|
|
|
strcpy(path, xlogpath);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* stat failed */
|
2020-11-20 07:42:47 +01:00
|
|
|
int elevel = (errno == ENOENT) ? LOG : FATAL;
|
|
|
|
|
|
|
|
|
|
ereport(elevel,
|
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
|
errmsg("could not stat file \"%s\": %m", xlogpath),
|
|
|
|
|
errdetail("restore_command returned a zero exit status, but stat() failed.")));
|
2012-10-02 12:37:19 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-06 00:28:42 +01:00
|
|
|
/*
|
|
|
|
|
* Remember, we rollforward UNTIL the restore fails so failure here is
|
|
|
|
|
* just part of the process... that makes it difficult to determine
|
|
|
|
|
* whether the restore failed because there isn't an archive to restore,
|
|
|
|
|
* or because the administrator has specified the restore program
|
|
|
|
|
* incorrectly. We have to assume the former.
|
|
|
|
|
*
|
|
|
|
|
* However, if the failure was due to any sort of signal, it's best to
|
|
|
|
|
* punt and abort recovery. (If we "return false" here, upper levels will
|
|
|
|
|
* assume that recovery is complete and start up the database!) It's
|
|
|
|
|
* essential to abort on child SIGINT and SIGQUIT, because per spec
|
|
|
|
|
* system() ignores SIGINT and SIGQUIT while waiting; if we see one of
|
|
|
|
|
* those it's a good bet we should have gotten it too.
|
|
|
|
|
*
|
|
|
|
|
* On SIGTERM, assume we have received a fast shutdown request, and exit
|
|
|
|
|
* cleanly. It's pure chance whether we receive the SIGTERM first, or the
|
|
|
|
|
* child process. If we receive it first, the signal handler will call
|
|
|
|
|
* proc_exit, otherwise we do it here. If we or the child process received
|
|
|
|
|
* SIGTERM for any other reason than a fast shutdown request, postmaster
|
|
|
|
|
* will perform an immediate shutdown when it sees us exiting
|
|
|
|
|
* unexpectedly.
|
|
|
|
|
*
|
|
|
|
|
* We treat hard shell errors such as "command not found" as fatal, too.
|
|
|
|
|
*/
|
|
|
|
|
if (wait_result_is_signal(rc, SIGTERM))
|
|
|
|
|
proc_exit(1);
|
|
|
|
|
|
|
|
|
|
ereport(wait_result_is_any_signal(rc, true) ? FATAL : DEBUG2,
|
|
|
|
|
(errmsg("could not restore file \"%s\" from archive: %s",
|
|
|
|
|
xlogfname, wait_result_to_str(rc))));
|
|
|
|
|
|
2012-10-02 12:37:19 +02:00
|
|
|
not_available:
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* if an archived file is not available, there might still be a version of
|
|
|
|
|
* this file in XLOGDIR, so return that as the filename to open.
|
|
|
|
|
*
|
|
|
|
|
* In many recovery scenarios we expect this to fail also, but if so that
|
|
|
|
|
* just means we've reached the end of WAL.
|
|
|
|
|
*/
|
|
|
|
|
snprintf(path, MAXPGPATH, XLOGDIR "/%s", xlogfname);
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-06 00:28:42 +01:00
|
|
|
/*
|
|
|
|
|
* Attempt to execute an external shell command during recovery.
|
|
|
|
|
*
|
|
|
|
|
* 'command' is the shell command to be executed, 'commandName' is a
|
|
|
|
|
* human-readable name describing the command emitted in the logs. If
|
|
|
|
|
* 'failOnSignal' is true and the command is killed by a signal, a FATAL
|
|
|
|
|
* error is thrown. Otherwise a WARNING is emitted.
|
|
|
|
|
*
|
|
|
|
|
* This is currently used for recovery_end_command and archive_cleanup_command.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
ExecuteRecoveryCommand(const char *command, const char *commandName,
|
|
|
|
|
bool failOnSignal, uint32 wait_event_info)
|
|
|
|
|
{
|
|
|
|
|
char *xlogRecoveryCmd;
|
|
|
|
|
char lastRestartPointFname[MAXPGPATH];
|
|
|
|
|
int rc;
|
|
|
|
|
XLogSegNo restartSegNo;
|
|
|
|
|
XLogRecPtr restartRedoPtr;
|
|
|
|
|
TimeLineID restartTli;
|
|
|
|
|
|
|
|
|
|
Assert(command && commandName);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Calculate the archive file cutoff point for use during log shipping
|
|
|
|
|
* replication. All files earlier than this point can be deleted from the
|
|
|
|
|
* archive, though there is no requirement to do so.
|
|
|
|
|
*/
|
|
|
|
|
GetOldestRestartPoint(&restartRedoPtr, &restartTli);
|
|
|
|
|
XLByteToSeg(restartRedoPtr, restartSegNo, wal_segment_size);
|
|
|
|
|
XLogFileName(lastRestartPointFname, restartTli, restartSegNo,
|
|
|
|
|
wal_segment_size);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* construct the command to be executed
|
|
|
|
|
*/
|
|
|
|
|
xlogRecoveryCmd = replace_percent_placeholders(command, commandName, "r", lastRestartPointFname);
|
|
|
|
|
|
|
|
|
|
ereport(DEBUG3,
|
|
|
|
|
(errmsg_internal("executing %s \"%s\"", commandName, command)));
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* execute the constructed command
|
|
|
|
|
*/
|
|
|
|
|
fflush(NULL);
|
|
|
|
|
pgstat_report_wait_start(wait_event_info);
|
|
|
|
|
rc = system(xlogRecoveryCmd);
|
|
|
|
|
pgstat_report_wait_end();
|
|
|
|
|
|
|
|
|
|
pfree(xlogRecoveryCmd);
|
|
|
|
|
|
|
|
|
|
if (rc != 0)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* If the failure was due to any sort of signal, it's best to punt and
|
|
|
|
|
* abort recovery. See comments in RestoreArchivedFile().
|
|
|
|
|
*/
|
|
|
|
|
ereport((failOnSignal && wait_result_is_any_signal(rc, true)) ? FATAL : WARNING,
|
|
|
|
|
/*------
|
|
|
|
|
translator: First %s represents a postgresql.conf parameter name like
|
|
|
|
|
"recovery_end_command", the 2nd is the value of that parameter, the
|
|
|
|
|
third an already translated error message. */
|
|
|
|
|
(errmsg("%s \"%s\": %s", commandName,
|
|
|
|
|
command, wait_result_to_str(rc))));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
/*
|
|
|
|
|
* A file was restored from the archive under a temporary filename (path),
|
|
|
|
|
* and now we want to keep it. Rename it under the permanent filename in
|
2018-09-08 21:24:19 +02:00
|
|
|
* pg_wal (xlogfname), replacing any existing file with the same name.
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
*/
|
|
|
|
|
void
|
2017-10-31 15:34:31 +01:00
|
|
|
KeepFileRestoredFromArchive(const char *path, const char *xlogfname)
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
{
|
|
|
|
|
char xlogfpath[MAXPGPATH];
|
|
|
|
|
bool reload = false;
|
|
|
|
|
struct stat statbuf;
|
|
|
|
|
|
|
|
|
|
snprintf(xlogfpath, MAXPGPATH, XLOGDIR "/%s", xlogfname);
|
|
|
|
|
|
|
|
|
|
if (stat(xlogfpath, &statbuf) == 0)
|
|
|
|
|
{
|
|
|
|
|
char oldpath[MAXPGPATH];
|
2013-05-29 22:58:43 +02:00
|
|
|
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
#ifdef WIN32
|
|
|
|
|
static unsigned int deletedcounter = 1;
|
2013-05-29 22:58:43 +02:00
|
|
|
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
/*
|
|
|
|
|
* On Windows, if another process (e.g a walsender process) holds the
|
|
|
|
|
* file open in FILE_SHARE_DELETE mode, unlink will succeed, but the
|
|
|
|
|
* file will still show up in directory listing until the last handle
|
|
|
|
|
* is closed, and we cannot rename the new file in its place until
|
|
|
|
|
* that. To avoid that problem, rename the old file to a temporary
|
|
|
|
|
* name first. Use a counter to create a unique filename, because the
|
|
|
|
|
* same file might be restored from the archive multiple times, and a
|
|
|
|
|
* walsender could still be holding onto an old deleted version of it.
|
|
|
|
|
*/
|
|
|
|
|
snprintf(oldpath, MAXPGPATH, "%s.deleted%u",
|
|
|
|
|
xlogfpath, deletedcounter++);
|
|
|
|
|
if (rename(xlogfpath, oldpath) != 0)
|
|
|
|
|
{
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
|
errmsg("could not rename file \"%s\" to \"%s\": %m",
|
|
|
|
|
xlogfpath, oldpath)));
|
|
|
|
|
}
|
|
|
|
|
#else
|
2014-08-19 04:59:31 +02:00
|
|
|
/* same-size buffers, so this never truncates */
|
|
|
|
|
strlcpy(oldpath, xlogfpath, MAXPGPATH);
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
#endif
|
|
|
|
|
if (unlink(oldpath) != 0)
|
|
|
|
|
ereport(FATAL,
|
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
|
errmsg("could not remove file \"%s\": %m",
|
|
|
|
|
xlogfpath)));
|
|
|
|
|
reload = true;
|
|
|
|
|
}
|
|
|
|
|
|
2016-03-10 03:53:53 +01:00
|
|
|
durable_rename(path, xlogfpath, ERROR);
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
|
2012-08-09 00:58:49 +02:00
|
|
|
/*
|
|
|
|
|
* Create .done file forcibly to prevent the restored segment from being
|
|
|
|
|
* archived again later.
|
|
|
|
|
*/
|
2015-05-15 17:55:24 +02:00
|
|
|
if (XLogArchiveMode != ARCHIVE_MODE_ALWAYS)
|
|
|
|
|
XLogArchiveForceDone(xlogfname);
|
|
|
|
|
else
|
2021-09-04 18:14:30 +02:00
|
|
|
XLogArchiveNotify(xlogfname);
|
2012-08-09 00:58:49 +02:00
|
|
|
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
/*
|
|
|
|
|
* If the existing file was replaced, since walsenders might have it open,
|
|
|
|
|
* request them to reload a currently-open segment. This is only required
|
|
|
|
|
* for WAL segments, walsenders don't hold other files open, but there's
|
|
|
|
|
* no harm in doing this too often, and we don't know what kind of a file
|
|
|
|
|
* we're dealing with here.
|
|
|
|
|
*/
|
|
|
|
|
if (reload)
|
|
|
|
|
WalSndRqstFileReload();
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Signal walsender that new WAL has arrived. Again, this isn't necessary
|
|
|
|
|
* if we restored something other than a WAL segment, but it does no harm
|
|
|
|
|
* either.
|
|
|
|
|
*/
|
2023-04-08 09:24:24 +02:00
|
|
|
WalSndWakeup(true, false);
|
Keep timeline history files restored from archive in pg_xlog.
The cascading standby patch in 9.2 changed the way WAL files are treated
when restored from the archive. Before, they were restored under a temporary
filename, and not kept in pg_xlog, but after the patch, they were copied
under pg_xlog. This is necessary for a cascading standby to find them, but
it also means that if the archive goes offline and a standby is restarted,
it can recover back to where it was using the files in pg_xlog. It also
means that if you take an offline backup from a standby server, it includes
all the required WAL files in pg_xlog.
However, the same change was not made to timeline history files, so if the
WAL segment containing the checkpoint record contains a timeline switch, you
will still get an error if you try to restart recovery without the archive,
or recover from an offline backup taken from the standby.
With this patch, timeline history files restored from archive are copied
into pg_xlog like WAL files are, so that pg_xlog contains all the files
required to recover. This is a corner-case pre-existing issue in 9.2, but
even more important in master where it's possible for a standby to follow a
timeline switch through streaming replication. To make that possible, the
timeline history files must be present in pg_xlog.
2012-12-30 13:26:47 +01:00
|
|
|
}
|
|
|
|
|
|
2012-10-02 12:37:19 +02:00
|
|
|
/*
|
|
|
|
|
* XLogArchiveNotify
|
|
|
|
|
*
|
|
|
|
|
* Create an archive notification file
|
|
|
|
|
*
|
|
|
|
|
* The name of the notification file is the message that will be picked up
|
|
|
|
|
* by the archiver, e.g. we write 0000000100000001000000C6.ready
|
|
|
|
|
* and the archiver then knows to archive XLOGDIR/0000000100000001000000C6,
|
|
|
|
|
* then when complete, rename it to 0000000100000001000000C6.done
|
|
|
|
|
*/
|
|
|
|
|
void
|
2021-09-04 18:14:30 +02:00
|
|
|
XLogArchiveNotify(const char *xlog)
|
2012-10-02 12:37:19 +02:00
|
|
|
{
|
|
|
|
|
char archiveStatusPath[MAXPGPATH];
|
|
|
|
|
FILE *fd;
|
|
|
|
|
|
|
|
|
|
/* insert an otherwise empty file called <XLOG>.ready */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".ready");
|
|
|
|
|
fd = AllocateFile(archiveStatusPath, "w");
|
|
|
|
|
if (fd == NULL)
|
|
|
|
|
{
|
|
|
|
|
ereport(LOG,
|
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
|
errmsg("could not create archive status file \"%s\": %m",
|
|
|
|
|
archiveStatusPath)));
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if (FreeFile(fd))
|
|
|
|
|
{
|
|
|
|
|
ereport(LOG,
|
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
|
errmsg("could not write archive status file \"%s\": %m",
|
|
|
|
|
archiveStatusPath)));
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2021-11-11 21:02:53 +01:00
|
|
|
/*
|
|
|
|
|
* Timeline history files are given the highest archival priority to lower
|
|
|
|
|
* the chance that a promoted standby will choose a timeline that is
|
|
|
|
|
* already in use. However, the archiver ordinarily tries to gather
|
|
|
|
|
* multiple files to archive from each scan of the archive_status
|
|
|
|
|
* directory, which means that newly created timeline history files could
|
|
|
|
|
* be left unarchived for a while. To ensure that the archiver picks up
|
|
|
|
|
* timeline history files as soon as possible, we force the archiver to
|
|
|
|
|
* scan the archive_status directory the next time it looks for a file to
|
|
|
|
|
* archive.
|
|
|
|
|
*/
|
|
|
|
|
if (IsTLHistoryFileName(xlog))
|
|
|
|
|
PgArchForceDirScan();
|
|
|
|
|
|
2021-09-04 18:14:30 +02:00
|
|
|
/* Notify archiver that it's got something to do */
|
|
|
|
|
if (IsUnderPostmaster)
|
Make archiver process an auxiliary process.
This commit changes WAL archiver process so that it's treated as
an auxiliary process and can use shared memory. This is an infrastructure
patch required for upcoming shared-memory based stats collector patch
series. These patch series basically need any processes including archiver
that can report the statistics to access to shared memory. Since this patch
itself is useful to simplify the code and when users monitor the status of
archiver, it's committed separately in advance.
This commit simplifies the code for WAL archiving. For example, previously
backends need to signal to archiver via postmaster when they notify
archiver that there are some WAL files to archive. On the other hand,
this commit removes that signal to postmaster and enables backends to
notify archier directly using shared latch.
Also, as the side of this change, the information about archiver process
becomes viewable at pg_stat_activity view.
Author: Kyotaro Horiguchi
Reviewed-by: Andres Freund, Álvaro Herrera, Julien Rouhaud, Tomas Vondra, Arthur Zakirov, Fujii Masao
Discussion: https://postgr.es/m/20180629.173418.190173462.horiguchi.kyotaro@lab.ntt.co.jp
2021-03-15 05:13:14 +01:00
|
|
|
PgArchWakeup();
|
2012-10-02 12:37:19 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Convenience routine to notify using segment number representation of filename
|
|
|
|
|
*/
|
|
|
|
|
void
|
Remove all use of ThisTimeLineID global variable outside of xlog.c
All such code deals with this global variable in one of three ways.
Sometimes the same functions use it in more than one of these ways
at the same time.
First, sometimes it's an implicit argument to one or more functions
being called in xlog.c or elsewhere, and must be set to the
appropriate value before calling those functions lest they
misbehave. In those cases, it is now passed as an explicit argument
instead.
Second, sometimes it's used to obtain the current timeline after
the end of recovery, i.e. the timeline to which WAL is being
written and flushed. Such code now calls GetWALInsertionTimeLine()
or relies on the new out parameter added to GetFlushRecPtr().
Third, sometimes it's used during recovery to store the current
replay timeline. That can change, so such code must generally
update the value before each use. It can still do that, but must
now use a local variable instead.
The net effect of these changes is to reduce by a fair amount the
amount of code that is directly accessing this global variable.
That's good, because history has shown that we don't always think
clearly about which timeline ID it's supposed to contain at any
given point in time, or indeed, whether it has been or needs to
be initialized at any given point in the code.
Patch by me, reviewed and tested by Michael Paquier, Amul Sul, and
Álvaro Herrera.
Discussion: https://postgr.es/m/CA+TgmobfAAqhfWa1kaFBBFvX+5CjM=7TE=n4r4Q1o2bjbGYBpA@mail.gmail.com
2021-11-05 17:50:01 +01:00
|
|
|
XLogArchiveNotifySeg(XLogSegNo segno, TimeLineID tli)
|
2012-10-02 12:37:19 +02:00
|
|
|
{
|
|
|
|
|
char xlog[MAXFNAMELEN];
|
|
|
|
|
|
Remove all use of ThisTimeLineID global variable outside of xlog.c
All such code deals with this global variable in one of three ways.
Sometimes the same functions use it in more than one of these ways
at the same time.
First, sometimes it's an implicit argument to one or more functions
being called in xlog.c or elsewhere, and must be set to the
appropriate value before calling those functions lest they
misbehave. In those cases, it is now passed as an explicit argument
instead.
Second, sometimes it's used to obtain the current timeline after
the end of recovery, i.e. the timeline to which WAL is being
written and flushed. Such code now calls GetWALInsertionTimeLine()
or relies on the new out parameter added to GetFlushRecPtr().
Third, sometimes it's used during recovery to store the current
replay timeline. That can change, so such code must generally
update the value before each use. It can still do that, but must
now use a local variable instead.
The net effect of these changes is to reduce by a fair amount the
amount of code that is directly accessing this global variable.
That's good, because history has shown that we don't always think
clearly about which timeline ID it's supposed to contain at any
given point in time, or indeed, whether it has been or needs to
be initialized at any given point in the code.
Patch by me, reviewed and tested by Michael Paquier, Amul Sul, and
Álvaro Herrera.
Discussion: https://postgr.es/m/CA+TgmobfAAqhfWa1kaFBBFvX+5CjM=7TE=n4r4Q1o2bjbGYBpA@mail.gmail.com
2021-11-05 17:50:01 +01:00
|
|
|
Assert(tli != 0);
|
|
|
|
|
|
|
|
|
|
XLogFileName(xlog, tli, segno, wal_segment_size);
|
2021-09-04 18:14:30 +02:00
|
|
|
XLogArchiveNotify(xlog);
|
2012-10-02 12:37:19 +02:00
|
|
|
}
|
|
|
|
|
|
2012-08-09 00:58:49 +02:00
|
|
|
/*
|
|
|
|
|
* XLogArchiveForceDone
|
|
|
|
|
*
|
|
|
|
|
* Emit notification forcibly that an XLOG segment file has been successfully
|
|
|
|
|
* archived, by creating <XLOG>.done regardless of whether <XLOG>.ready
|
|
|
|
|
* exists or not.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
XLogArchiveForceDone(const char *xlog)
|
|
|
|
|
{
|
|
|
|
|
char archiveReady[MAXPGPATH];
|
|
|
|
|
char archiveDone[MAXPGPATH];
|
|
|
|
|
struct stat stat_buf;
|
|
|
|
|
FILE *fd;
|
|
|
|
|
|
|
|
|
|
/* Exit if already known done */
|
|
|
|
|
StatusFilePath(archiveDone, xlog, ".done");
|
|
|
|
|
if (stat(archiveDone, &stat_buf) == 0)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
/* If .ready exists, rename it to .done */
|
|
|
|
|
StatusFilePath(archiveReady, xlog, ".ready");
|
|
|
|
|
if (stat(archiveReady, &stat_buf) == 0)
|
|
|
|
|
{
|
2016-03-10 03:53:53 +01:00
|
|
|
(void) durable_rename(archiveReady, archiveDone, WARNING);
|
2012-08-09 00:58:49 +02:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* insert an otherwise empty file called <XLOG>.done */
|
|
|
|
|
fd = AllocateFile(archiveDone, "w");
|
|
|
|
|
if (fd == NULL)
|
|
|
|
|
{
|
|
|
|
|
ereport(LOG,
|
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
|
errmsg("could not create archive status file \"%s\": %m",
|
|
|
|
|
archiveDone)));
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
if (FreeFile(fd))
|
|
|
|
|
{
|
|
|
|
|
ereport(LOG,
|
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
|
errmsg("could not write archive status file \"%s\": %m",
|
|
|
|
|
archiveDone)));
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-02 12:37:19 +02:00
|
|
|
/*
|
|
|
|
|
* XLogArchiveCheckDone
|
|
|
|
|
*
|
|
|
|
|
* This is called when we are ready to delete or recycle an old XLOG segment
|
|
|
|
|
* file or backup history file. If it is okay to delete it then return true.
|
|
|
|
|
* If it is not time to delete it, make sure a .ready file exists, and return
|
|
|
|
|
* false.
|
|
|
|
|
*
|
|
|
|
|
* If <XLOG>.done exists, then return true; else if <XLOG>.ready exists,
|
|
|
|
|
* then return false; else create <XLOG>.ready and return false.
|
|
|
|
|
*
|
|
|
|
|
* The reason we do things this way is so that if the original attempt to
|
|
|
|
|
* create <XLOG>.ready fails, we'll retry during subsequent checkpoints.
|
|
|
|
|
*/
|
|
|
|
|
bool
|
|
|
|
|
XLogArchiveCheckDone(const char *xlog)
|
|
|
|
|
{
|
|
|
|
|
char archiveStatusPath[MAXPGPATH];
|
|
|
|
|
struct stat stat_buf;
|
2020-04-24 01:48:28 +02:00
|
|
|
|
|
|
|
|
/* The file is always deletable if archive_mode is "off". */
|
|
|
|
|
if (!XLogArchivingActive())
|
|
|
|
|
return true;
|
2012-10-02 12:37:19 +02:00
|
|
|
|
2018-09-28 04:54:38 +02:00
|
|
|
/*
|
2020-04-24 01:48:28 +02:00
|
|
|
* During archive recovery, the file is deletable if archive_mode is not
|
|
|
|
|
* "always".
|
2018-09-28 04:54:38 +02:00
|
|
|
*/
|
2020-04-24 01:48:28 +02:00
|
|
|
if (!XLogArchivingAlways() &&
|
|
|
|
|
GetRecoveryState() == RECOVERY_STATE_ARCHIVE)
|
2012-10-02 12:37:19 +02:00
|
|
|
return true;
|
|
|
|
|
|
2020-04-24 01:48:28 +02:00
|
|
|
/*
|
|
|
|
|
* At this point of the logic, note that we are either a primary with
|
|
|
|
|
* archive_mode set to "on" or "always", or a standby with archive_mode
|
|
|
|
|
* set to "always".
|
|
|
|
|
*/
|
|
|
|
|
|
2012-10-02 12:37:19 +02:00
|
|
|
/* First check for .done --- this means archiver is done with it */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".done");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
/* check for .ready --- this means archiver is still busy with it */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".ready");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
/* Race condition --- maybe archiver just finished, so recheck */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".done");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
/* Retry creation of the .ready file */
|
2021-09-04 18:14:30 +02:00
|
|
|
XLogArchiveNotify(xlog);
|
2012-10-02 12:37:19 +02:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* XLogArchiveIsBusy
|
|
|
|
|
*
|
|
|
|
|
* Check to see if an XLOG segment file is still unarchived.
|
|
|
|
|
* This is almost but not quite the inverse of XLogArchiveCheckDone: in
|
|
|
|
|
* the first place we aren't chartered to recreate the .ready file, and
|
|
|
|
|
* in the second place we should consider that if the file is already gone
|
|
|
|
|
* then it's not busy. (This check is needed to handle the race condition
|
|
|
|
|
* that a checkpoint already deleted the no-longer-needed file.)
|
|
|
|
|
*/
|
|
|
|
|
bool
|
|
|
|
|
XLogArchiveIsBusy(const char *xlog)
|
|
|
|
|
{
|
|
|
|
|
char archiveStatusPath[MAXPGPATH];
|
|
|
|
|
struct stat stat_buf;
|
|
|
|
|
|
|
|
|
|
/* First check for .done --- this means archiver is done with it */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".done");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
/* check for .ready --- this means archiver is still busy with it */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".ready");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
/* Race condition --- maybe archiver just finished, so recheck */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".done");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Check to see if the WAL file has been removed by checkpoint, which
|
|
|
|
|
* implies it has already been archived, and explains why we can't see a
|
|
|
|
|
* status file for it.
|
|
|
|
|
*/
|
|
|
|
|
snprintf(archiveStatusPath, MAXPGPATH, XLOGDIR "/%s", xlog);
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) != 0 &&
|
|
|
|
|
errno == ENOENT)
|
|
|
|
|
return false;
|
|
|
|
|
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
At promotion, don't leave behind a partial segment on the old timeline.
With commit de768844, a copy of the partial segment was archived with the
.partial suffix, but the original file was still left in pg_xlog, so it
didn't actually solve the problems with archiving the partial segment that
it was supposed to solve. With this patch, the partial segment is renamed
rather than copied, so we only archive it with the .partial suffix.
Also be more robust in detecting if the last segment is already being
archived. Previously I used XLogArchiveIsBusy() for that, but that's not
quite right. With archive_mode='always', there might be a .ready file for
it, and we don't want to rename it to .partial in that case.
The old segment is needed until we're fully committed to the new timeline,
i.e. until we've written the end-of-recovery WAL record and updated the
min recovery point and timeline in the control file. So move the renaming
later in the startup sequence, after all that's been done.
2015-05-21 14:28:22 +02:00
|
|
|
/*
|
|
|
|
|
* XLogArchiveIsReadyOrDone
|
|
|
|
|
*
|
|
|
|
|
* Check to see if an XLOG segment file has a .ready or .done file.
|
|
|
|
|
* This is similar to XLogArchiveIsBusy(), but returns true if the file
|
|
|
|
|
* is already archived or is about to be archived.
|
|
|
|
|
*
|
|
|
|
|
* This is currently only used at recovery. During normal operation this
|
|
|
|
|
* would be racy: the file might get removed or marked with .ready as we're
|
|
|
|
|
* checking it, or immediately after we return.
|
|
|
|
|
*/
|
|
|
|
|
bool
|
|
|
|
|
XLogArchiveIsReadyOrDone(const char *xlog)
|
|
|
|
|
{
|
|
|
|
|
char archiveStatusPath[MAXPGPATH];
|
|
|
|
|
struct stat stat_buf;
|
|
|
|
|
|
|
|
|
|
/* First check for .done --- this means archiver is done with it */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".done");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
/* check for .ready --- this means archiver is still busy with it */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".ready");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
/* Race condition --- maybe archiver just finished, so recheck */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".done");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
Don't archive bogus recycled or preallocated files after timeline switch.
After a timeline switch, we would leave behind recycled WAL segments that
are in the future, but on the old timeline. After promotion, and after they
become old enough to be recycled again, we would notice that they don't have
a .ready or .done file, create a .ready file for them, and archive them.
That's bogus, because the files contain garbage, recycled from an older
timeline (or prealloced as zeros). We shouldn't archive such files.
This could happen when we're following a timeline switch during replay, or
when we switch to new timeline at end-of-recovery.
To fix, whenever we switch to a new timeline, scan the data directory for
WAL segments on the old timeline, but with a higher segment number, and
remove them. Those don't belong to our timeline history, and are most
likely bogus recycled or preallocated files. They could also be valid files
that we streamed from the primary ahead of time, but in any case, they're
not needed to recover to the new timeline.
2015-04-13 15:53:49 +02:00
|
|
|
/*
|
|
|
|
|
* XLogArchiveIsReady
|
|
|
|
|
*
|
|
|
|
|
* Check to see if an XLOG segment file has an archive notification (.ready)
|
|
|
|
|
* file.
|
|
|
|
|
*/
|
|
|
|
|
bool
|
|
|
|
|
XLogArchiveIsReady(const char *xlog)
|
|
|
|
|
{
|
|
|
|
|
char archiveStatusPath[MAXPGPATH];
|
|
|
|
|
struct stat stat_buf;
|
|
|
|
|
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".ready");
|
|
|
|
|
if (stat(archiveStatusPath, &stat_buf) == 0)
|
|
|
|
|
return true;
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-02 12:37:19 +02:00
|
|
|
/*
|
|
|
|
|
* XLogArchiveCleanup
|
|
|
|
|
*
|
|
|
|
|
* Cleanup archive notification file(s) for a particular xlog segment
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
XLogArchiveCleanup(const char *xlog)
|
|
|
|
|
{
|
|
|
|
|
char archiveStatusPath[MAXPGPATH];
|
|
|
|
|
|
|
|
|
|
/* Remove the .done file */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".done");
|
|
|
|
|
unlink(archiveStatusPath);
|
|
|
|
|
/* should we complain about failure? */
|
|
|
|
|
|
|
|
|
|
/* Remove the .ready file if present --- normally it shouldn't be */
|
|
|
|
|
StatusFilePath(archiveStatusPath, xlog, ".ready");
|
|
|
|
|
unlink(archiveStatusPath);
|
|
|
|
|
/* should we complain about failure? */
|
|
|
|
|
}
|
