Re: Upgrading rant.

Greg Copeland <greg@copelandconsulting.net>

From: Greg Copeland <greg@CopelandConsulting.Net>
To: Tom Lane <tgl@sss.pgh.pa.us>
Cc: Oliver Elphick <olly@lfix.co.uk>, Bruce Momjian <pgman@candle.pha.pa.us>, Hannu Krosing <hannu@tm.ee>, mlw <pgsql@mohawksoft.com>, Lamar Owen <lamar.owen@wgcr.org>, PostgresSQL Hackers Mailing List <pgsql-hackers@postgresql.org>
Date: 2003-01-04T18:23:46Z
Lists: pgsql-hackers
On Sat, 2003-01-04 at 09:53, Tom Lane wrote:
> Oliver Elphick <olly@lfix.co.uk> writes:
> > On Sat, 2003-01-04 at 02:17, Tom Lane wrote:
> >> There isn't any simple way to lock *everyone* out of the DB and still
> >> allow pg_upgrade to connect via the postmaster, and even if there were,
> >> the DBA could too easily forget to do it.
> 
> > I tackled this issue in the Debian upgrade scripts.
> 
> > I close the running postmaster and open a new postmaster using a
> > different port, so that normal connection attempts will fail because
> > there is no postmaster running on the normal port.
> 
> That's a good kluge, but still a kluge: it doesn't completely guarantee
> that no one else connects while pg_upgrade is trying to do its thing.
> 
> I am also concerned about the consequences of automatic background
> activities.  Even the periodic auto-CHECKPOINT done by current code
> is not obviously safe to run behind pg_upgrade's back (it does make
> WAL entries).  And the auto-VACUUM that we are currently thinking of
> is even less obviously safe.  I think that someday, running pg_upgrade
> standalone will become *necessary*, not just a good safety feature.
> 
> 			regards, tom lane


I thought there was talk of adding a "single user"/admin only mode. 
That is, where only the administrator can connect to the database.


-- 
Greg Copeland <greg@copelandconsulting.net>
Copeland Computer Consulting