On 10/20/06, Shane Ambler <pgsql@xxxxxxxxxxxxxxxx> wrote:
>> After all, that's what a system crash is, right?
>
> A system crash is safer in that it won't leave orphaned child
> processes or IPC/synchronization resources around, making it more
> comparable to a SIGQUIT than a SIGKILL.
>
The one thing worse than kill -9 the postmaster is pulling the power
cord out of the server. Which is what makes UPS's so good.
Well, I think that pulling the power cord is much safer than killing -9
the postmaster. If you pull the plug, then during bootup postgresql
will just replay every COMMITed transaction, so there won't be any
dataloss or downtime.
If you kill -9 postmaster... well, it's messy. ;-))) I feel safer when
everything goes down at the same time. ;)
If your server is changing the data file on disk and you pull the power
cord, what chance do you expect of reading that data file again?
With PostgreSQL? I expect to read all commited transactions. And
those not commited... well, they weren't commited in the first place,
so I won't see them anyway.
This is all in assumption that you are running your DB with fsync on,
on a reliable filesystem, and your hardware doesn't lie to you about
fsyncing data (and it's best if you have a battery for controller's cache).
Regards,
Dawid
