Michaël-san,
In short, you keep the main feature with:
- No tweaks with postmaster.pid.
- Rely just on the control file indicating an instance shutdown
cleanly.
- No tweaks with the system ID.
- No renaming of the control file.
Hmmm… so nothing:-)
I think that this feature is useful, in complement to a possible
online-enabling server-managed version.
About patch v8 part 1: applies cleanly, compiles, global & local make
check ok, doc build ok.
I think that a clear warning not to run any cluster command in parallel,
under pain of possible cluster corruption, and possibly other caveats
about replication, should appear in the documentation.
I also think that some mechanism should be used to prevent such occurence,
whether in this patch or another.
About "If enabling or disabling checksums, the exit status is nonzero if
the operation failed." I must admit that enabling/disabling an already
enabled/disabled cluster is still not really a failure for me, because the
end status is that the cluster is in the state required by the user.
I still think that the control file update should be made *after* the data
directory has been synced, otherwise the control file could be updated
while some data files are not. It just means exchanging two lines.
About patch v8 part 2: applies cleanly, compiles, global & local make
check ok.
The added -N option is not documented.
If the conditional sync is moved before the file update, the file update
should pass do_sync to update_controlfile.
--
Fabien.
