[pgpool-hackers: 3540] Re: [pgpool-general: 6925] Re: Inconsistency between DB nodes with native replication

Tatsuo Ishii ishii at sraoss.co.jp
Tue Mar 10 10:05:11 JST 2020 

There is a long standing bug with native replication mode. As reported
in pgpool-general, it is possible to lost sync of database if slave
DB's postgres process is killed. This is due to an oversight in
read_packets_and_process().

In replication mode if slave server's postgres is killed, then local
backend status is set to down.

*(my_backend_status[i]) = CON_DOWN;

So next DDL/DML in the same session is only issued to master node (and
other slave if there are multiple slave nodes). Of course this leads
to serious data inconsistency problem because in native replication
mode all DB nodes must receive DDL/DML at the same time.

Attached patch should fix the problem by triggering failover in this
case.

Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp

> I have found a case which could explain your problem. See following Pgpool-II log.
> 
> 1. Connect to Pgpool-II using psql. Make sure that load balance node is node 0.
> 
> test=# show pool_nodes;
>  node_id | hostname | port  | status | lb_weight |  role  | select_cnt | load_balance_node | replication_delay | replication_state | replication_sync_state | last_status_change  
> ---------+----------+-------+--------+-----------+--------+------------+-------------------+-------------------+-------------------+------------------------+---------------------
>  0       | /tmp     | 11002 | up     | 1.000000  | master | 1          | true              | 0                 |                   |                        | 2020-03-10 09:02:16
>  1       | /tmp     | 11003 | up     | 0.000000  | slave  | 0          | false             | 0                 |                   |                        | 2020-03-10 09:02:16
> (2 rows)
> 
> 2. CREATE a table "t2".
> 2020-03-10 09:07:07: pid 12361: LOG:  DB node id: 0 backend pid: 12459 statement: BEGIN
> 2020-03-10 09:07:07: pid 12361: LOG:  DB node id: 1 backend pid: 12460 statement: BEGIN
> 2020-03-10 09:07:07: pid 12361: LOG:  DB node id: 0 backend pid: 12459 statement: create table t2(i int);
> 2020-03-10 09:07:07: pid 12361: LOG:  DB node id: 1 backend pid: 12460 statement: create table t2(i int);
> 2020-03-10 09:07:07: pid 12361: LOG:  DB node id: 1 backend pid: 12460 statement: COMMIT
> 2020-03-10 09:07:07: pid 12361: LOG:  DB node id: 0 backend pid: 12459 statement: COMMIT
> 
> 3. Issue pg_terminate_backend(12460) to kill the PostgreSQL process on
> node 1 from different terminal.
> 
> 4. Pgpool-II detects it and set the local node 1 status down.
> 
> 2020-03-10 09:08:20: pid 12361: LOG:  reading and processing packets
> 2020-03-10 09:08:20: pid 12361: DETAIL:  postmaster on DB node 1 was shutdown by administrative command
> 
> 5. Issue INSERT to see it is forwarded to only node 0 on the same session as 1 and 2.
> 
> 2020-03-10 09:08:36: pid 12361: LOG:  DB node id: 0 backend pid: 12459 statement: SELECT attname, pg_get_expr(d.adbin, d.adrelid), coalesce((pg_get_expr(d.adbin, d.adrelid) LIKE '%now()%' OR pg_get_expr(d.adbin, d.adrelid) LIKE '%''now''::text%' OR pg_get_expr(d.adbin, d.adrelid) LIKE '%CURRENT_TIMESTAMP%' OR pg_get_expr(d.adbin, d.adrelid) LIKE '%CURRENT_TIME%' OR pg_get_expr(d.adbin, d.adrelid) LIKE '%CURRENT_DATE%' OR pg_get_expr(d.adbin, d.adrelid) LIKE '%LOCALTIME%' OR pg_get_expr(d.adbin, d.adrelid) LIKE '%LOCALTIMESTAMP%') AND (a.atttypid = 'timestamp'::regtype::oid OR a.atttypid = 'timestamp with time zone'::regtype::oid OR a.atttypid = 'date'::regtype::oid OR a.atttypid = 'time'::regtype::oid OR a.atttypid = 'time with time zone'::regtype::oid) , false) FROM pg_catalog.pg_class c, pg_catalog.pg_attribute a  LEFT JOIN pg_catalog.pg_attrdef d ON (a.attrelid = d.adrelid AND a.attnum = d.adnum) WHERE c.oid = a.attrelid AND a.attnum >= 1 AND a.attisdropped = 'f' AND c.oid = to_regclass('"t2"') ORDER BY a.attnum
> 2020-03-10 09:08:36: pid 12361: LOG:  DB node id: 0 backend pid: 12459 statement: insert into t2 values(1);
> 
> So my question is, did you use pg_terminate_backend() or kill the
> postgres backend process on node 1 by using kill command?
> 
>>> Have you seen any failover event of node 1 and then it failback while the test? If process 29684 copied the down status of node 1 when failover happened but failed to change the local status to "up" when node 1 failed back, then this could be an expiation.
>> 
>> Not as far as I remember. If node 1 went down, it would always stay down until I manually used some kind of recovery (as in - I never was anything in the log about failback).
>> 
>>> If your test environment's network is more unstable than the data center, it is likely to have more chance of failover. Of course this is just a guess.
>> 
>> I asked our sysadmin to move the second DB server (node 1) to the same physical machine in virtualization where is the first DB server (node 0), so I'll see if there is any difference.
>> 
>> Vladimír Láznička
>> 
>> -----Original Message-----
>> From: Tatsuo Ishii <ishii at sraoss.co.jp> 
>> Sent: Thursday, March 5, 2020 1:18 PM
>> To: Láznička Vladimír <Vladimir.Laznicka at cca.cz>
>> Cc: pengbo at sraoss.co.jp; pgpool-general at pgpool.net
>> Subject: Re: [pgpool-general: 6896] Re: Inconsistency between DB nodes with native replication
>> 
>>> Do you think there is a possibility that only one specific child 
>>> process of pgpool thinks that one of the DB nodes is dead?
>> 
>> Yes. Pgpool-II maintains backend status (up, down ,quarantine etc.) in shared memory and also each pgpool process has local copy of it (usually each pgpool looks into the local copy status). So if for some reason the local status becomes out of sync with the shared memory status, we might see the phenomena.
>> 
>> Have you seen any failover event of node 1 and then it failback while the test? If process 29684 copied the down status of node 1 when failover happened but failed to change the local status to "up" when node 1 failed back, then this could be an expiation.
>> 
>>> Is there a way to find about it? I guess I could set the logging to 
>>> some debug level, but I don't even want to imagine the log volume in 
>>> that case, since it is already hundreds of megabytes in size.
>> 
>> As far as I know there's no way to find out the phenomena without turning on debug log. But, yes, it would create huge amount of log.
>> 
>>> On the side note I also have the test running on other environment (in 
>>> customer's data center) and it did not fail so far (since 25th of 
>>> February) so it may come from some specific setting on those servers 
>>> (pgpool.conf is set the same apart from IP addresses and number of 
>>> child processes generated at startup).
>> 
>> If your test environment's network is more unstable than the data center, it is likely to have more chance of failover. Of course this is just a guess.
>> 
>> Best regards,
>> --
>> Tatsuo Ishii
>> SRA OSS, Inc. Japan
>> English: http://www.sraoss.co.jp/index_en.php
>> Japanese:http://www.sraoss.co.jp
> _______________________________________________
> pgpool-general mailing list
> pgpool-general at pgpool.net
> http://www.pgpool.net/mailman/listinfo/pgpool-general
-------------- next part --------------
A non-text attachment was scrubbed...
Name: native_replication_inconsistency.diff
Type: text/x-patch
Size: 622 bytes
Desc: not available
URL: <http://www.sraoss.jp/pipermail/pgpool-hackers/attachments/20200310/ef335f78/attachment.bin>

More information about the pgpool-hackers mailing list