Streaming replication, loose ends

From: Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>
To: Fujii Masao <masao(dot)fujii(at)gmail(dot)com>
Cc: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Streaming replication, loose ends
Date: 2010-01-15 09:19:18
Message-ID: 4B503316.8010102@enterprisedb.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

I've now committed streaming replication. I moved the files around a
bit, and put the walreceiver/walsender stuff in a new
src/backend/replication subdirectory. There's enough stuff there already
to deserve a new subdirectory, and if we add the capability for
streaming base backups etc. that has been discussed, we will have more
code in there.

But it's not time to party yet. There's still a few loose ends we need
to address:

Documentation. The patch originally moved around some sections, but I
didn't include that in the committed version, to make it clear in the
diff what exactly was added/changed. But I do agree with the original
thought of adding a new "Replication" chapter, and moving all the
replication and standby related stuff there from the "Backup and
Restore" chapter, so let's start working on that.

And of course the documentation needs to be improved and expanded in
general.

We talked about changing the retry-logic yesterday, so that the standby
could fall back to restoring WAL files from archive even after it has
already connected to the primary, if it e.g falls behind too much. It
looks like that involves some heavy refactoring around
ReadRecord/FetchRecord, which makes me a bit nervous given how critical
ReadRecord() is and how old and well-tested the current code is. So
let's tackle that as a follow-on patch.

Then there's the issue of what privileges to require for a replication
connection. I kept the superuser() check for now, so you currently need
to be superuser, but as I opined earlier I don't think that's good for
overall security. Perhaps we should add a new "replication" privilege
besides the login privilege. To connect for replication, replication
privilege would be checked instead of login privilege. That would make
it quite simple to create a user or users for replication purposes, with
no other access to the system.

--
Heikki Linnakangas
EnterpriseDB http://www.enterprisedb.com

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Bruce Momjian 2010-01-15 10:36:57 Re: Streaming replication, loose ends
Previous Message Pavel Stehule 2010-01-15 09:00:57 Re: [PL/PgSQL] EXECUTE...USING enhancement proposal