Andrew Sullivan wrote: > On Sat, Sep 27, 2003 at 09:13:27AM -0300, Marc G. Fournier wrote: > > > > I think it was Andrew that suggested it ... when the slave timesout, it > > should "trigger" a READ ONLY mode on the slave, so that when/if the master > > tries to start to talk to it, it can't ... > > > > As for the master itself, it should be smart enough that if it times out, > > it knows to actually abandom the slave and not continue to try ... > > Yes, but now we're talking as though this is master-slave > replication. Actually, "master" and "slave" are only useful terms in > a transaction for 2PC. So every machine is both a master and a > slave. > > It seems that one way out is just to fall back to "read only" as soon > as a single failure happens. That's the least graceful but maybe > safest approach to failure, analogous to what fsck does to your root > filesystem at boot time. Of course, since there's no "read only" > mode at the moment, this is all pretty hand-wavy on my part :-/
Yes, but that affects all users, not just the transaction we were working on. I think we have to get beyond the idea that this can be made failure-proof, and just outline the behaviors for failure, and it has to be configurable by the administrator. -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073 ---------------------------(end of broadcast)--------------------------- TIP 4: Don't 'kill -9' the postmaster
