On 7/25/18 10:37 AM, Andres Freund wrote:
On July 25, 2018 7:18:30 AM PDT, David Steele <da...@pgmasters.net> wrote:
It seems like an easy win if we can find a safe way to do it, though I
admit that this is only a benefit in corner cases.
What would we win here? Which scenario that's not contrived would be less bad
due to the proposed change. This seems complexity for it's own sake.
I think it's worth preserving pg_control even in the case where there is
other damage to the cluster. The alternative in this case (if no backup
exists) is to run pg_resetwal which means data since the last checkpoint
will not be written out causing even more data loss. I have run
clusters with checkpoint_timeout = 60m so data loss in this case is a
real concern.
I favor the contrived scenario that helps preserve the current cluster
instead of a hypothetical newly init'd one. I also don't think that
users deleting files out of a cluster is all that contrived.
Adding O_CREATE to open() doesn't seem too complex to me. I'm not
really in favor of the renaming idea, but I'm not against it either if
it gets me a copy of the pg_control file.
Regards,
--
-David
da...@pgmasters.net
