Search Postgresql Archives

Re: Something else about Redo Logs disappearing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sat, 2020-06-13 at 19:48 +0200, Peter wrote:
> ! >  4. If, by misconfiguration and/or operator error, the backup system
> ! >     happens to start a second backup. in parallel to the first,
> ! >     then do I correctly assume, both backups will be rendered
> ! >     inconsistent while this may not be visible to the operator; and
> ! >     the earlier backup would be flagged as apparently successful while
> ! >     carrying the wrong (later) label?
> ! 
> ! If you are using my scripts and start a second backup while the first
> ! one is still running, the first backup will be interrupted.
> 
> This is not what I am asking. It appears correct to me, that, on
> the database, the first backup will be interrupted. But on the
> tape side, this might go unnoticed, and on completion it will
> successfully receive the termination code from the *SECOND*
> backup - which means that on tape we will have a seemingly
> successful backup, which
>  1. is corrupted, and
>  2. carries a wrong label.

That will only happen if the backup that uses my scripts does the
wrong thing.

An example:

- Backup #1 calls "pgpre.sh"
- Backup #1 starts copying files
- Backup #2 calls "pgpre.sh".
  This will cancel the first backup.
- Backup #1 completes copying files.
- Backup #1 calls "pgpost.sh".
  It will receive an error.
  So it has to invalidate the backup.
- Backup #2 completes copying files.
- Backup #2 calls "pgpost.sh".
  It gets a "backup_label" file and completes the backup.

So the only way that something can go wrong would be if
backup #1 somehow does *not* invalidate the backup.

> ! This is specific to my scripts, PostgreSQL's non-exclusive backup
> ! can perform more than one concurrent backup successfully.
> ! I tried to keep things simple.
> 
> I understand. But the operator may not know that and/or accidentially
> start a second backup while one is still running. And this will then
> result in ...
> 
> ! If you have the wrong "backup_label", you end up with silent data corruption.
> 
>  ... this.

Of course, if you do arbitrary nonsense like restoring a
backup without "backup_label", you will get arbitrary data
corruption.

It is a fundamental principle that, apart from "backup_label", there
is no way to tell a backup from a crashed data directory.
Any backup/recovery software must refuse to use a backup that lacks that file.

Yours,
Laurenz Albe
-- 
Cybertec | https://www.cybertec-postgresql.com
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux