On 2019-Jul-24, Kyotaro Horiguchi wrote: > > Please find the proposed patch for review. I will attach it to > > commitfest as well > > Pacemaker suffers the same thing. We suggest our customers that "start > server alone to perform recovery then start pacemaker if it is > expected to take a long time for recovery so that reaches time out". > > I don't think it is good think to let status SERVICE_RUNNING although > it actually is not (yet). I think the right direction here is that, if > pg_ctl returns by timeout, pgwin32_ServiceMain kills the starting > server then report something like "timedout and server was stopped, > please make sure the server not to take a long time to perform > recovery.".
I'm not sure that's a great reaction; it makes total recovery time even longer. How would the user ensure that recovery takes a shorter time? We'd be forcing them to start the service over and over, until recovery completes. Can't we have pg_ctl just continue to wait indefinitely? So we'd set SERVICE_START_PENDING when wait_for_postmaster is out of patience, then loop again -- until recovery completes. Exiting pg_ctl on timeout seems reasonable for interactive use, but maybe for service use it's not reasonable. -- Álvaro Herrera https://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
