Thanks a lot for a very fast responce. The reason for asking is this video of march 2016Josh Berkin talks about the possibility of datafile corruption on the Postgres server connected bya lot of Docker/Pod(Redhats Kubernetes with etcd to manage the failover) images. In my understanding a Postgres cluster will act exactly the same way nomatter which way the Postgres is connected.So how come that Josh Berkin is worried about databasefile corruption?
TIA !Poul--2016-10-05 14:22 GMT+02:00 Scott Mead <scottm@xxxxxxxxxxx>:On Wed, Oct 5, 2016 at 7:56 AM, Poul Kristensen <bcc5226@xxxxxxxxx> wrote:Hi !According to the documentation a shared disk failover is possible as shown below.According to discussions on the Internet it is a problem missing 1-2 secondsin a failover situation.Does anyone know of the latest news in this case?I would be very surprised if it were capable of causing that little downtime. It's possible, but you'd have to fail at exactly the right moment. Depending on your network, hardware and other factors, I would say this would more likely take 15 seconds to 1 minute. This would *almost* always be the case when using shared disk failover.There are other strategies for low-downtime failover, but, most of them will be in the same 15 - 60 seconds. The only real scenario would be to use a multi-master solution (no promotion required), but, these have their own issues and may have a performance impact.--ScottComparison of Different Solutions
- Shared Disk Failover
Shared disk failover avoids synchronization overhead by having only one copy of the database. It uses a single disk array that is shared by multiple servers. If the main database server fails, the standby server is able to mount and start the database as though it were recovering from a database crash. This allows rapid failover with no data loss.
Shared hardware functionality is common in network storage devices. Using a network file system is also possible, though care must be taken that the file system has fullPOSIX behavior (see Section 17.2.2). One significant limitation of this method is that if the shared disk array fails or becomes corrupt, the primary and standby servers are both nonfunctional. Another issue is that the standby server should never access the shared storage while the primary server is running.
TIA !Poul
--Med venlig hilsen / Best regards
Poul Kristensen
Linux-OS/Virtualizationexpert and Oracle DBA