<div dir="ltr">Hi,<div><br></div>So I have cooked up a WIP patch that implements the above discussed behavior. <br><br><div>The attached patch adds three new configuration parameters<div><br></div><div><p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal"><font face="monospace">#wd_remove_shutdown_nodes = off<br> # when enabled properly shutdown watchdog nodes get<br> # removed from the cluster and does not count towards<br> # the quorum and consensus computations<br><br>#wd_lost_node_removal_timeout = 0s<br> # Time after which the LOST watchdog nodes get<br> # removed from the cluster and does not count towards<br> # the quorum and consensus computations<br> # setting it to 0 will never remove the LOST nodes<br><br>#wd_initial_node_showup_time = 0s<br><br> # Time to wait for Watchdog nodes to connect to the cluster.<br> # After that time the nodes are considered to be not part of<br> # the cluster and will not count towards<br> # the quorum and consensus computations<br> # setting it to 0 will wait forever</font></p><p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal"><span style="color:rgb(34,34,34);font-family:Arial,Helvetica,sans-serif;background-color:transparent"><br></span></p><p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal">Keeping the default values for these parameters retains the existing behavior.</p><p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal"><br></p><p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal">Moreover, the patch also enhances the <font face="monospace">wd_watchdog_info</font> utility to output the current "Quorum State"</p><p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal">for each watchdog node and "number of nodes require for quorum" and "valid remote nodes count" as per</p><p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal">the current status of watchdog cluster. This change might also require the bump of pcp lib version.</p><p class="gmail-p1" style="margin:0px;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:normal"><br></p><font face="monospace"><br>bin/pcp_watchdog_info -U postgres -v<br>Watchdog Cluster Information<br>Total Nodes : 3<br>Remote Nodes : 2<br><b>Valid Remote Nodes : 1<br></b>Alive Remote Nodes : 0<br><b>Nodes required for quorum: 2<br></b>Quorum state : QUORUM ABSENT<br>VIP up on local node : NO<br>Leader Node Name : localhost:9990 Darwin Usama-Macbook-Pro.local<br>Leader Host Name : localhost<br><br>Watchdog Node Information<br>Node Name : localhost:9990 Darwin Usama-Macbook-Pro.local<br>...</font></div><div><font face="monospace">Status Name : LEADER<br><b>Quorum State : ACTIVE<br></b><br>Node Name : localhost:9991 Darwin Usama-Macbook-Pro.local<br>...</font></div><div><font face="monospace">Status : 10<br>Status Name : SHUTDOWN<br><b>Quorum State : ACTIVE</b><br><br>Node Name : Not_Set<br></font></div><div><font face="monospace">...</font></div><div><font face="monospace">Status Name : DEAD<br><b>Quorum State : REMOVED-NO-SHOW<br></b></font><br></div></div><div><br></div><div>The patch is still in WIP state mainly because it lacks the documentation updates, and I am</div><div>sharing it to get an opinion and suggestions on the behavior and configuration parameter names.</div><div><br></div><div>Thanks</div><div>Best regards</div><div>Muhammad Usama</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 23, 2021 at 6:05 AM Tatsuo Ishii <<a href="mailto:ishii@sraoss.co.jp">ishii@sraoss.co.jp</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi Usama,<br>
<br>
Sorry for late reply.<br>
<br>
From: Muhammad Usama <<a href="mailto:m.usama@gmail.com" target="_blank">m.usama@gmail.com</a>><br>
Subject: Re: [pgpool-hackers: 3898] Re: [pgpool-general: 7543] VIP with one node<br>
Date: Thu, 22 Jul 2021 14:12:59 +0500<br>
Message-ID: <<a href="mailto:CAEJvTzXsKE2B0QMd0AjGBmXK6zocWZZcGU7yzzkSnmff0iAfqA@mail.gmail.com" target="_blank">CAEJvTzXsKE2B0QMd0AjGBmXK6zocWZZcGU7yzzkSnmff0iAfqA@mail.gmail.com</a>><br>
<br>
> On Tue, Jul 20, 2021 at 4:40 AM Tatsuo Ishii <<a href="mailto:ishii@sraoss.co.jp" target="_blank">ishii@sraoss.co.jp</a>> wrote:<br>
> <br>
>> >> Is it possible to configure watchdog to enable the lost node removal<br>
>> >> function only when a node is properly shutdown?<br>
>> >><br>
>><br>
>> > Yes if we disable the wd_lost_node_to_remove_timeout (by setting it to 0)<br>
>> > the lost node removal will only happen for properly shutdown nodes.<br>
>><br>
>> Oh, I thought setting wd_lost_node_to_remove_timeout to 0 will keep<br>
>> the existing behavior.<br>
>><br>
> <br>
> As there are two parts of the proposal, First one deals with removing the<br>
> lost node<br>
> from the cluster after wd_lost_node_to_remove_timeout amount of time. While<br>
> the<br>
> second part is about removing the properly shutdown nodes from the cluster.<br>
> <br>
> Now disabling the wd_lost_node_to_remove_timeout (setting it to 0) will<br>
> keep the<br>
> existing behaviour as far as removing the lost node portion of proposal is<br>
> concerned.<br>
> <br>
> While not counting the properly shutdown node as part of watchdog cluster<br>
> is not configurable (as per original proposal), So if we want to make this<br>
> part configurable<br>
> as well so that we can switch to 100% current behaviour then we can add<br>
> another<br>
> config parameter for that. like consider_shutdown_nodes_part_of_wd_cluster<br>
> = [on|off]<br>
<br>
+1 to add the new parameter.<br>
<br>
The reason is, some users may want to avoid split brain problem even<br>
if quorum/VIP is lost. Suppose there are two admins A for the system<br>
(OS), B for the database. B never wants to have the split brain<br>
possibility. If A shutdowns the system, B may not notice there are not<br>
enough nodes to form consensus anymore because if<br>
consider_shutdown_nodes_part_of_wd_cluster is on because the<br>
quorum/VIP will be kept until no node remains.<br>
<br>
In summary I think there are two use-cases for both<br>
consider_shutdown_nodes_part_of_wd_cluster is on and off.<br>
--<br>
Tatsuo Ishii<br>
SRA OSS, Inc. Japan<br>
English: <a href="http://www.sraoss.co.jp/index_en.php" rel="noreferrer" target="_blank">http://www.sraoss.co.jp/index_en.php</a><br>
Japanese:<a href="http://www.sraoss.co.jp" rel="noreferrer" target="_blank">http://www.sraoss.co.jp</a><br>
<br>
</blockquote></div>