Re: pg_upgrade instructions involving "rsync --size-only" might lead to standby corruption?
Nikolay Samokhvalov <nik@postgres.ai>
From: Nikolay Samokhvalov <nik@postgres.ai>
To: Stephen Frost <sfrost@snowman.net>
Cc: Bruce Momjian <bruce@momjian.us>, Robert Haas <robertmhaas@gmail.com>, pgsql-hackers@postgresql.org, Andrey Borodin <x4mmm@yandex-team.ru>
Date: 2023-07-10T20:36:39Z
Lists: pgsql-hackers
Attachments
- pg-upgrade-docs-clarify-rsync-size-only.patch (application/octet-stream)
On Fri, Jul 7, 2023 at 6:31 AM Stephen Frost <sfrost@snowman.net> wrote: > * Nikolay Samokhvalov (nik@postgres.ai) wrote: > > But this can happen with anyone who follows the procedure from the docs > as > > is and doesn't do any additional steps, because in step 9 "Prepare for > > standby server upgrades": > > > > 1) there is no requirement to follow specific order to shut down the > nodes > > - "Streaming replication and log-shipping standby servers can remain > > running until a later step" should probably be changed to a > > requirement-like "keep them running" > > Agreed that it would be good to clarify that the primary should be shut > down first, to make sure everything written by the primary has been > replicated to all of the replicas. > Thanks! Here is a patch to fix the existing procedure description. I agree with Andrey – without it, we don't have any good way to upgrade large clusters in short time. Default rsync mode (without "--size-only") takes a lot of time too, if the load is heavy. With these adjustments, can "rsync --size-only" remain in the docs as the *fast* and safe method to upgrade standbys, or there are still some concerns related to corruption risks?