Re: backup manifests
David Steele <david@pgmasters.net>
Commits
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Try to avoid compiler warnings in optimized builds.
- 05021a2c0cd2 13.0 landed
-
Fix option related issues in pg_verifybackup.
- 0a89e93bfaa6 13.0 landed
-
Add index term for backup manifest in documentation.
- 4db819ba4039 13.0 landed
-
Code review for backup manifest.
- a2ac73e7be7a 13.0 landed
-
Document the backup manifest file format.
- 149f2ae88ab0 13.0 landed
-
Fix typo in pg_validatebackup documentation.
- c4f82a779d26 13.0 landed
-
Exclude backup_manifest file that existed in database, from BASE_BACKUP.
- 1ec50a81ec0a 13.0 landed
-
Msys2 tweaks for pg_validatebackup corruption test
- c3e4cbaab936 13.0 landed
-
Fix resource management bug with replication=database.
- 3e0d80fd8d3d 13.0 cited
-
Be more careful about time_t vs. pg_time_t in basebackup.c.
- db1531cae009 13.0 cited
-
pg_validatebackup: Fix 'make clean' to remove tmp_check.
- 9f8f881caa0f 13.0 landed
-
pg_validatebackup: Also use perl2host in TAP tests.
- 460314db08e8 13.0 landed
-
Generate backup manifests for base backups, and validate them.
- 0d8c9c1210c4 13.0 landed
-
Add checksum helper functions.
- c12e43a2e0d4 13.0 landed
-
pg_waldump: Add a --quiet option.
- ac44367efbef 13.0 landed
-
Catversion bump for b9b408c48724
- afb5465e0cfc 13.0 cited
-
pg_basebackup: Refactor code for reading COPY and tar data.
- 431ba7bebf13 13.0 landed
-
Use a ResourceOwner to track buffer pins in all cases.
- 3cb646264e8c 12.0 cited
-
Use ARMv8 CRC instructions where available.
- f044d71e331d 11.0 cited
-
Logical replication support for initial data copy
- 7c4f52409a8c 10.0 cited
-
Use Intel SSE 4.2 CRC instructions where available.
- 3dc2d62d0486 9.5.0 cited
-
Switch to CRC-32C in WAL and other places.
- 5028f22f6eb0 9.5.0 cited
-
Remove support for 64-bit CRC.
- 404bc51cde9d 9.5.0 cited
-
Change CRCs in WAL records from 64bit to 32bit for performance reasons.
- 21fda22ec46d 8.1.0 cited
On 11/22/19 1:24 PM, Robert Haas wrote: > On Tue, Nov 19, 2019 at 4:34 PM David Steele <david@pgmasters.net> wrote: >> On 11/19/19 5:00 AM, Rushabh Lathia wrote: >>> My colleague Suraj did testing and noticed the performance impact >>> with the checksums. On further testing, he found that specifically with >>> sha its more of performance impact. >> >> We have found that SHA1 adds about 3% overhead when the backup is also >> compressed (gzip -6), which is what most people want to do. This >> percentage goes down even more if the backup is being transferred over a >> network or to an object store such as S3. > > I don't really understand why your tests and Suraj's tests are showing > such different results, or how compression plays into it. I tried > running shasum -a$N lineitem-big.csv on my laptop, where that file > contains ~70MB of random-looking data whose source I no longer > remember. Here are the results by algorithm: SHA1, ~25 seconds; SHA224 > or SHA256, ~52 seconds; SHA384 and SHA512, ~39 seconds. Aside from the > interesting discovery that the algorithms with more bits actually run > faster on this machine, this seems to show that there's only about a > ~2x difference between the SHA1 that you used and that I (pretty much > arbitrarily) used. But Rushabh and Suraj are reporting 43-54% > overhead, and even if you divide that by two it's a lot more than 3%. > > One possible explanation is that the compression is really slow, and > so it makes the checksum overhead a smaller percentage of the total. > Like, if you've already slowed down the backup by 8x, then 24% > overhead turns into 3% overhead! But I assume that's not the real > explanation here. That's the real explanation here. Hash calculations run at the same speed, they just become a smaller portion of the *total* time once compression (gzip -6) is added. With something like lz4 hashing will obviously be a big percentage of the total. Also consider how much extra latency you get from copying over a network. My 3% did not include that but realistically most backups are running over a network (hopefully). >> That said, making SHA256 optional seems reasonable. We decided not to >> make our SHA1 checksums optional to reduce the test matrix and because >> parallelism largely addressed performance concerns. > > Just to be clear, I really don't have any objection to using SHA1 > instead of SHA256, or anything else for that matter. I picked the one > to use out of a hat for the purpose of having a POC quickly; I didn't > have any intention to insist on that as the final selection. It seems > likely that anything we pick here will eventually be considered > obsolete, so I think we need to allow for configurability, but I don't > have a horse in the game as far as an initial selection goes. We decided that SHA1 was good enough and there was no need to go up to SHA256. What we were interested in was collision rates and what the chance of getting a false positive were based on the combination of path, size, and hash. With SHA1 the chance of a collision was literally astronomically low (as in the universe would probably end before it happened, depending on whether you are an expand forever or contract proponent). > Except - and this gets back to the previous point - I don't want to > slow down backups by 40% by default. I wouldn't mind slowing them down > 3% by default, but 40% is too much overhead. I think we've gotta > either the overhead of using SHA way down or not use SHA by default. Maybe -- my take is that the measurements, an uncompressed backup to the local filesystem, are not a very realistic use case. However, I'm still fine with leaving the user the option of checksums or no. I just wanted to point out that CRCs have their limits so maybe that's not a great option unless it is properly caveated and perhaps not the default. Regards, -- -David david@pgmasters.net