[pgpool-hackers: 3998] Disabling failover when backend goes down or backend process killed

[Tatsuo Ishii]

Currently if backend node is shutdown by admin, Pgpool-II can trigger
failover in case when a client is being connected to pgpool and one of
following conditions are met:

1) the backend node is primary server

2) the backend node is not primary but load balance node is the backend node

Ok, this is fine because health check will detect the backend node is
down and triggers failover anyway.

Problem is, the same error code from backend node is also raised when
backend process is killed by either a signal or by
pg_terminate_backend() function. This is annoying because despite the
fact that the backend node is actually up and running, failover is
triggered.

Recently pgpool handles pg_terminate_backend() in more sophisticated way
to avoid the issue but this is not perfect. Still in certain cases
(for example the argument to the function is not a constant) failover
is triggered.

To overcome the problem, I would like to introduce a new switch called
"enable_failover_on_backend_shutdown" for upcoming Pgpool-II 4.3.  If
enable_failover_on_backend_shutdown is on, pgpool will behave as it is
now. If it is off, pgpool will not trigger failover when admin
shutdowns the backend node or backend process is killed. Instead the
session corresponding to the backend process will be terminated.

Comments or suggestions are welcome.
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp