</para>
<para>
<varname>wd_de_escalation_command</varname> is not available prior to
- <productname>Pgpool-II</productname><emphasis>V3.5</emphasis>.
+ <productname>Pgpool-II </productname><emphasis>V3.5</emphasis>.
</para>
<para>
This parameter can only be set at server start.
</variablelist>
</sect2>
+<sect2 id="config-watchdog-failover-behavior">
+ <title>Controlling the Failover behavior</title>
+
+ <para>
+ These settings are used to control the behavior of backend node failover when the watchdog is enabled.
+ The effect of these configurations is limited to the failover/degenerate requests initiated by
+ <productname>Pgpool-II</productname> internally, while the user initiated detach backend requests
+ (using PCP command) by-pass these configuration settings.
+ </para>
+
+ <variablelist>
+
+ <varlistentry id="guc-failover-when-quorum-exists" xreflabel="failover_when_quorum_exists">
+ <term><varname>failover_when_quorum_exists</varname> (<type>boolean</type>)
+ <indexterm>
+ <primary><varname>failover_when_quorum_exists</varname> configuration parameter</primary>
+ </indexterm>
+ </term>
+ <listitem>
+ <para>
+ When enabled, <productname>Pgpool-II</productname> will perform the degenerate/failover on
+ backend node if the quorum exists. In the absence of the quorum, <productname>Pgpool-II</productname>
+ node that detects the backend failure will quarantine the failed backend node until the quorum exists again.
+ </para>
+ <para>
+ The quarantine nodes behaves similar to the detached backend nodes but unlike failed/degenerated backends
+ the quarantine status is not propagated to the other <productname>Pgpool-II</productname> nodes in the
+ watchdog cluster, So even if the backend node is in the quarantine state on one
+ <productname>Pgpool-II</productname> node, other <productname>Pgpool-II</productname> nodes may
+ still continue to use that backend.
+ </para>
+ <para>
+ Although there are many similarities in quarantine and failover operations, but they both differ in a very
+ fundamental way. The quarantine operations does not executes the <xref linkend="guc-failover-command">
+ and silently detaches the problematic node, So in the case when the master backend node is quarantined, the
+ <productname>Pgpool-II</productname> will not promote the standby to take over the master responsibilities
+ and until the master node is quarantined the <productname>Pgpool-II</productname> will not have
+ any useable master backend node.
+ </para>
+ <para>
+ Default is on.
+ </para>
+ <para>
+ <varname>failover_when_quorum_exists</varname> is not available prior to
+ <productname>Pgpool-II </productname><emphasis>V3.7</emphasis>.
+ </para>
+ <para>
+ This parameter can only be set at server start.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="guc-failover-require-consensus" xreflabel="failover_require_consensus">
+ <term><varname>failover_require_consensus</varname> (<type>boolean</type>)
+ <indexterm>
+ <primary><varname>failover_require_consensus</varname> configuration parameter</primary>
+ </indexterm>
+ </term>
+ <listitem>
+ <para>
+ When enabled, <productname>Pgpool-II</productname> will perform the degenerate/failover on a
+ backend node if the watchdog quorum exists and at-least minimum number of nodes necessary
+ for the quorum vote for the failover.
+ </para>
+ <para>
+ For example, in a three node watchdog cluster, the failover will only be performed until at
+ least two nodes ask for performing the failover on the particular backend node.
+ </para>
+ <para>
+ Default is on.
+ </para>
+ <para>
+ <varname>failover_require_consensus</varname> is not available prior to
+ <productname>Pgpool-II </productname><emphasis>V3.7</emphasis>. and it is only
+ effective when <xref linkend="guc-failover-when-quorum-exists"> is enabled
+ </para>
+ <para>
+ This parameter can only be set at server start.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry id="guc-allow-multiple-failover-requests-from-node" xreflabel="allow_multiple_failover_requests_from_node">
+ <term><varname>allow_multiple_failover_requests_from_node</varname> (<type>boolean</type>)
+ <indexterm>
+ <primary><varname>allow_multiple_failover_requests_from_node</varname> configuration parameter</primary>
+ </indexterm>
+ </term>
+ <listitem>
+ <para>
+ This parameter works in connection with the
+ <xref linkend="guc-failover-require-consensus">. When enabled, a single <productname>Pgpool-II</productname>
+ node can cast multiple votes for the failover.
+ </para>
+ <para>
+ For example, in a three node watchdog cluster, if one <productname>Pgpool-II</productname> node sends two
+ failover requests for a particular backend node failover, Both requests will be counted as a separate
+ vote in the favor of the failover and <productname>Pgpool-II</productname> will execute the failover,
+ even if it does not get the vote from any other <productname>Pgpool-II</productname> node.
+ </para>
+ <para>
+ Default is off.
+ </para>
+ <para>
+ <varname>allow_multiple_failover_requests_from_node</varname> is not available prior to
+ <productname>Pgpool-II </productname><emphasis>V3.7</emphasis>. and it is only
+ effective when both <xref linkend="guc-failover-when-quorum-exists"> and
+ <xref linkend="guc-failover-require-consensus"> are enabled
+ </para>
+ <para>
+ This parameter can only be set at server start.
+ </para>
+ </listitem>
+ </varlistentry>
+
+ </variablelist>
+ </sect2>
+
<sect2 id="config-watchdog-lifecheck">
<title>Life checking <productname>Pgpool-II</productname> </title>
ereport(LOG,(
errmsg("failover requires the majority vote, waiting for consensus"),
errdetail("failover request noted")));
- if (duplicate && !pool_config->enable_multiple_failover_requests_from_node)
+ if (duplicate && !pool_config->allow_multiple_failover_requests_from_node)
return FAILOVER_RES_CONSENSUS_MAY_FAIL;
else
return FAILOVER_RES_BUILDING_CONSENSUS;
{
*duplicate = true;
/* The failover request is duplicate */
- if (pool_config->enable_multiple_failover_requests_from_node)
+ if (pool_config->allow_multiple_failover_requests_from_node)
{
failoverObj->request_count++;
ereport(LOG,(
errmsg("duplicate failover request from \"%s\" node",wdNode->nodeName),
errdetail("Pgpool-II can send multiple failover requests for same node"),
- errhint("enable_multiple_failover_requests_from_node is enabled")));
+ errhint("allow_multiple_failover_requests_from_node is enabled")));
}
else
{
projects / pgpool2.git / commitdiff