From c979a1fefafcc83553bf218c7f2270cad77ea31d Mon Sep 17 00:00:00 2001
From: Magnus Hagander <magnus@hagander.net>
Date: Wed, 23 Apr 2008 13:44:59 +0000
Subject: [PATCH] Prevent shutdown in normal mode if online backup is running,
and have pg_ctl warn about this.
Cancel running online backups (by renaming the backup_label file,
thus rendering the backup useless) when shutting down in fast mode.
Laurenz Albe
---
doc/src/sgml/ref/pg_ctl-ref.sgml | 9 ++---
doc/src/sgml/runtime.sgml | 7 ++--
src/backend/access/transam/xlog.c | 52 ++++++++++++++++++++++++++++-
src/backend/postmaster/postmaster.c | 37 +++++++++++++++++---
src/bin/pg_ctl/pg_ctl.c | 18 +++++++++-
src/include/miscadmin.h | 6 +++-
6 files changed, 115 insertions(+), 14 deletions(-)
diff --git a/doc/src/sgml/ref/pg_ctl-ref.sgml b/doc/src/sgml/ref/pg_ctl-ref.sgml
index f4200718c7a..2d0b8a33ee2 100644
--- a/doc/src/sgml/ref/pg_ctl-ref.sgml
+++ b/doc/src/sgml/ref/pg_ctl-ref.sgml
@@ -1,5 +1,5 @@
<!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/pg_ctl-ref.sgml,v 1.44 2007/11/10 21:48:51 momjian Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/pg_ctl-ref.sgml,v 1.45 2008/04/23 13:44:58 mha Exp $
PostgreSQL documentation
-->
@@ -133,9 +133,10 @@ PostgreSQL documentation
In <option>stop</option> mode, the server that is running in
the specified data directory is shut down. Three different
shutdown methods can be selected with the <option>-m</option>
- option: <quote>Smart</quote> mode waits for all the clients to
- disconnect. This is the default. <quote>Fast</quote> mode does
- not wait for clients to disconnect. All active transactions are
+ option: <quote>Smart</quote> mode waits for online backup mode
+ to finish and all the clients to disconnect. This is the default.
+ <quote>Fast</quote> mode does not wait for clients to disconnect and
+ will terminate an online backup in progress. All active transactions are
rolled back and clients are forcibly disconnected, then the
server is shut down. <quote>Immediate</quote> mode will abort
all server processes without a clean shutdown. This will lead to
diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 63259faff5a..5c36f9fce00 100644
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@@ -1,4 +1,4 @@
-<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.414 2008/04/17 20:56:41 momjian Exp $ -->
+<!-- $PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.415 2008/04/23 13:44:58 mha Exp $ -->
<chapter Id="runtime">
<title>Operating System Environment</title>
@@ -1307,6 +1307,7 @@ sysctl -w vm.overcommit_memory=2
<listitem>
<para>
After receiving <systemitem>SIGTERM</systemitem>, the server
+ waits until online backup mode is no longer active. It then
disallows new connections, but lets existing sessions end their
work normally. It shuts down only after all of the sessions
terminate normally. This is the <firstterm>Smart
@@ -1322,7 +1323,9 @@ sysctl -w vm.overcommit_memory=2
The server disallows new connections and sends all existing
server processes <systemitem>SIGTERM</systemitem>, which will cause them
to abort their current transactions and exit promptly. It then
- waits for the server processes to exit and finally shuts down. This is the
+ waits for the server processes to exit and finally shuts down.
+ If the server is in online backup mode, backup mode will be
+ terminated, rendering the backup useless. This is the
<firstterm>Fast Shutdown</firstterm>.
</para>
</listitem>
diff --git a/src/backend/access/transam/xlog.c b/src/backend/access/transam/xlog.c
index 33c912ebaa4..d23fc9b5614 100644
--- a/src/backend/access/transam/xlog.c
+++ b/src/backend/access/transam/xlog.c
@@ -7,7 +7,7 @@
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/backend/access/transam/xlog.c,v 1.298 2008/04/21 00:26:44 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/access/transam/xlog.c,v 1.299 2008/04/23 13:44:58 mha Exp $
*
*-------------------------------------------------------------------------
*/
@@ -6577,6 +6577,7 @@ pg_start_backup_callback(int code, Datum arg)
* create a backup history file in pg_xlog (whence it will immediately be
* archived). The backup history file contains the same info found in
* the label file, plus the backup-end time and WAL location.
+ * Note: different from CancelBackup which just cancels online backup mode.
*/
Datum
pg_stop_backup(PG_FUNCTION_ARGS)
@@ -7063,3 +7064,52 @@ rm_redo_error_callback(void *arg)
pfree(buf.data);
}
+
+/*
+ * BackupInProgress: check if online backup mode is active
+ *
+ * This is done by checking for existence of the "backup_label" file.
+ */
+bool
+BackupInProgress(void)
+{
+ struct stat stat_buf;
+
+ return (stat(BACKUP_LABEL_FILE, &stat_buf) == 0);
+}
+
+/*
+ * CancelBackup: rename the "backup_label" file to cancel backup mode
+ *
+ * If the "backup_label" file exists, it will be renamed to "backup_label.old".
+ * Note that this will render an online backup in progress useless.
+ * To correctly finish an online backup, pg_stop_backup must be called.
+ */
+void
+CancelBackup(void)
+{
+ struct stat stat_buf;
+
+ /* if the file is not there, return */
+ if (stat(BACKUP_LABEL_FILE, &stat_buf) < 0)
+ return;
+
+ /* remove leftover file from previously cancelled backup if it exists */
+ unlink(BACKUP_LABEL_OLD);
+
+ if (rename(BACKUP_LABEL_FILE, BACKUP_LABEL_OLD) == 0)
+ {
+ ereport(LOG,
+ (errmsg("online backup mode cancelled"),
+ errdetail("\"%s\" renamed to \"%s\"",
+ BACKUP_LABEL_FILE, BACKUP_LABEL_OLD)));
+ }
+ else
+ {
+ ereport(WARNING,
+ (errcode_for_file_access(),
+ errmsg("could not rename \"%s\" to \"%s\", backup mode not cancelled: %m",
+ BACKUP_LABEL_FILE, BACKUP_LABEL_OLD)));
+ }
+}
+
diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c
index 7c6692b2a5d..f3bcdd968c7 100644
--- a/src/backend/postmaster/postmaster.c
+++ b/src/backend/postmaster/postmaster.c
@@ -37,7 +37,7 @@
*
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.554 2008/03/31 02:43:14 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.555 2008/04/23 13:44:59 mha Exp $
*
* NOTES
*
@@ -253,6 +253,7 @@ typedef enum
PM_INIT, /* postmaster starting */
PM_STARTUP, /* waiting for startup subprocess */
PM_RUN, /* normal "database is alive" state */
+ PM_WAIT_BACKUP, /* waiting for online backup mode to end */
PM_WAIT_BACKENDS, /* waiting for live backends to exit */
PM_SHUTDOWN, /* waiting for bgwriter to do shutdown ckpt */
PM_SHUTDOWN_2, /* waiting for archiver to finish */
@@ -1724,8 +1725,12 @@ processCancelRequest(Port *port, void *pkt)
static enum CAC_state
canAcceptConnections(void)
{
- /* Can't start backends when in startup/shutdown/recovery state. */
- if (pmState != PM_RUN)
+ /*
+ * Can't start backends when in startup/shutdown/recovery state.
+ * In state PM_WAIT_BACKUP we must allow connections so that
+ * a superuser can end online backup mode.
+ */
+ if ((pmState != PM_RUN) && (pmState != PM_WAIT_BACKUP))
{
if (Shutdown > NoShutdown)
return CAC_SHUTDOWN; /* shutdown is pending */
@@ -1965,11 +1970,12 @@ pmdie(SIGNAL_ARGS)
/* and the walwriter too */
if (WalWriterPID != 0)
signal_child(WalWriterPID, SIGTERM);
- pmState = PM_WAIT_BACKENDS;
+ pmState = PM_WAIT_BACKUP;
}
/*
- * Now wait for backends to exit. If there are none,
+ * Now wait for online backup mode to end and
+ * backends to exit. If that is already the case,
* PostmasterStateMachine will take the next step.
*/
PostmasterStateMachine();
@@ -2011,6 +2017,13 @@ pmdie(SIGNAL_ARGS)
* PostmasterStateMachine will take the next step.
*/
PostmasterStateMachine();
+
+ /*
+ * Terminate backup mode to avoid recovery after a
+ * clean fast shutdown.
+ */
+ CancelBackup();
+
break;
case SIGQUIT:
@@ -2552,6 +2565,20 @@ LogChildExit(int lev, const char *procname, int pid, int exitstatus)
static void
PostmasterStateMachine(void)
{
+ if (pmState == PM_WAIT_BACKUP)
+ {
+ /*
+ * PM_WAIT_BACKUP state ends when online backup mode is no longer
+ * active. In this state canAcceptConnections() will still allow
+ * client connections, which is necessary because a superuser
+ * has to call pg_stop_backup() to end online backup mode.
+ */
+ if (!BackupInProgress())
+ {
+ pmState = PM_WAIT_BACKENDS;
+ }
+ }
+
/*
* If we are in a state-machine state that implies waiting for backends to
* exit, see if they're all gone, and change state if so.
diff --git a/src/bin/pg_ctl/pg_ctl.c b/src/bin/pg_ctl/pg_ctl.c
index 89fc34d6860..55319c6262b 100644
--- a/src/bin/pg_ctl/pg_ctl.c
+++ b/src/bin/pg_ctl/pg_ctl.c
@@ -4,7 +4,7 @@
*
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
*
- * $PostgreSQL: pgsql/src/bin/pg_ctl/pg_ctl.c,v 1.96 2008/02/29 23:31:20 adunstan Exp $
+ * $PostgreSQL: pgsql/src/bin/pg_ctl/pg_ctl.c,v 1.97 2008/04/23 13:44:59 mha Exp $
*
*-------------------------------------------------------------------------
*/
@@ -144,6 +144,7 @@ static char def_postopts_file[MAXPGPATH];
static char postopts_file[MAXPGPATH];
static char pid_file[MAXPGPATH];
static char conf_file[MAXPGPATH];
+static char backup_file[MAXPGPATH];
#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_CORE)
static void unlimit_core_size(void);
@@ -731,6 +732,7 @@ do_stop(void)
{
int cnt;
pgpid_t pid;
+ struct stat statbuf;
pid = get_pgpid();
@@ -763,6 +765,12 @@ do_stop(void)
}
else
{
+ if ((shutdown_mode == SMART_MODE) && (stat(backup_file, &statbuf) == 0))
+ {
+ print_msg(_("WARNING: online backup mode is active; must be ended\n"
+ " with pg_stop_backup() for shutdown to complete\n\n"));
+ }
+
print_msg(_("waiting for server to shut down..."));
for (cnt = 0; cnt < wait_seconds; cnt++)
@@ -799,6 +807,7 @@ do_restart(void)
{
int cnt;
pgpid_t pid;
+ struct stat statbuf;
pid = get_pgpid();
@@ -833,6 +842,12 @@ do_restart(void)
exit(1);
}
+ if ((shutdown_mode == SMART_MODE) && (stat(backup_file, &statbuf) == 0))
+ {
+ print_msg(_("WARNING: online backup mode is active; must be ended\n"
+ " with pg_stop_backup() for shutdown to complete\n\n"));
+ }
+
print_msg(_("waiting for server to shut down..."));
/* always wait for restart */
@@ -1883,6 +1898,7 @@ main(int argc, char **argv)
snprintf(postopts_file, MAXPGPATH, "%s/postmaster.opts", pg_data);
snprintf(pid_file, MAXPGPATH, "%s/postmaster.pid", pg_data);
snprintf(conf_file, MAXPGPATH, "%s/postgresql.conf", pg_data);
+ snprintf(backup_file, MAXPGPATH, "%s/backup_label", pg_data);
}
switch (ctl_command)
diff --git a/src/include/miscadmin.h b/src/include/miscadmin.h
index d06b34be437..3d1511e58a5 100644
--- a/src/include/miscadmin.h
+++ b/src/include/miscadmin.h
@@ -13,7 +13,7 @@
* Portions Copyright (c) 1996-2008, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
- * $PostgreSQL: pgsql/src/include/miscadmin.h,v 1.201 2008/02/20 22:46:24 tgl Exp $
+ * $PostgreSQL: pgsql/src/include/miscadmin.h,v 1.202 2008/04/23 13:44:59 mha Exp $
*
* NOTES
* some of the information in this file should be moved to other files.
@@ -330,4 +330,8 @@ extern void ValidatePgVersion(const char *path);
extern void process_shared_preload_libraries(void);
extern void process_local_preload_libraries(void);
+/* in access/transam/xlog.c */
+extern bool BackupInProgress(void);
+extern void CancelBackup(void);
+
#endif /* MISCADMIN_H */
--
GitLab