1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter26.Reliability and the Write-Ahead Log</title>
<link rel="stylesheet" href="stylesheet.css" type="text/css">
<link rev="made" href="pgsql-docs@postgresql.org">
<meta name="generator" content="DocBook XSL Stylesheets V1.70.0">
<link rel="start" href="index.html" title="PostgreSQL 8.1.4 Documentation">
<link rel="up" href="admin.html" title="PartIII.Server Administration">
<link rel="prev" href="disk-full.html" title="25.2.Disk Full Failure">
<link rel="next" href="wal-intro.html" title="26.2.Write-Ahead Logging (WAL)">
<link rel="copyright" href="ln-legalnotice.html" title="Legal Notice">
</head>
<body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="chapter" lang="en" id="wal">
<div class="titlepage"><div><div><h2 class="title">
<a name="wal"></a>Chapter26.Reliability and the Write-Ahead Log</h2></div></div></div>
<div class="toc">
<p><b>Table of Contents</b></p>
<dl>
<dt><span class="sect1"><a href="wal.html#wal-reliability">26.1. Reliability</a></span></dt>
<dt><span class="sect1"><a href="wal-intro.html">26.2. Write-Ahead Logging (<acronym class="acronym">WAL</acronym>)</a></span></dt>
<dt><span class="sect1"><a href="wal-configuration.html">26.3. <acronym class="acronym">WAL</acronym> Configuration</a></span></dt>
<dt><span class="sect1"><a href="wal-internals.html">26.4. WAL Internals</a></span></dt>
</dl>
</div>
<p> This chapter explain how the Write-Ahead Log is used to obtain
efficient, reliable operation.
</p>
<div class="sect1" lang="en">
<div class="titlepage"><div><div><h2 class="title" style="clear: both">
<a name="wal-reliability"></a>26.1.Reliability</h2></div></div></div>
<p> Reliability is an important property of any serious database
system, and <span class="productname">PostgreSQL</span> does everything possible to
guarantee reliable operation. One aspect of reliable operation is
that all data recorded by a committed transaction should be stored
in a nonvolatile area that is safe from power loss, operating
system failure, and hardware failure (except failure of the
nonvolatile area itself, of course). Successfully writing the data
to the computer's permanent storage (disk drive or equivalent)
ordinarily meets this requirement. In fact, even if a computer is
fatally damaged, if the disk drives survive they can be moved to
another computer with similar hardware and all committed
transactions will remain intact.
</p>
<p> While forcing data periodically to the disk platters might seem like
a simple operation, it is not. Because disk drives are dramatically
slower than main memory and CPUs, several layers of caching exist
between the computer's main memory and the disk platters.
First, there is the operating system's buffer cache, which caches
frequently requested disk blocks and combines disk writes. Fortunately,
all operating systems give applications a way to force writes from
the buffer cache to disk, and <span class="productname">PostgreSQL</span> uses those
features. (See the <a href="runtime-config-wal.html#guc-wal-sync-method">wal_sync_method</a> parameter
to adjust how this is done.)
</p>
<p> Next, there may be a cache in the disk drive controller; this is
particularly common on <acronym class="acronym">RAID</acronym> controller cards. Some of
these caches are <em class="firstterm">write-through</em>, meaning writes are passed
along to the drive as soon as they arrive. Others are
<em class="firstterm">write-back</em>, meaning data is passed on to the drive at
some later time. Such caches can be a reliability hazard because the
memory in the disk controller cache is volatile, and will lose its
contents in a power failure. Better controller cards have
<em class="firstterm">battery-backed</em> caches, meaning the card has a battery that
maintains power to the cache in case of system power loss. After power
is restored the data will be written to the disk drives.
</p>
<p> And finally, most disk drives have caches. Some are write-through
while some are write-back, and the
same concerns about data loss exist for write-back drive caches as
exist for disk controller caches. Consumer-grade IDE drives are
particularly likely to contain write-back caches that will not
survive a power failure.
</p>
<p> When the operating system sends a write request to the disk hardware,
there is little it can do to make sure the data has arrived at a truly
non-volatile storage area. Rather, it is the
administrator's responsibility to be sure that all storage components
ensure data integrity. Avoid disk controllers that have non-battery-backed
write caches. At the drive level, disable write-back caching if the
drive cannot guarantee the data will be written before shutdown.
</p>
<p> Another risk of data loss is posed by the disk platter write
operations themselves. Disk platters are divided into sectors,
commonly 512 bytes each. Every physical read or write operation
processes a whole sector.
When a write request arrives at the drive, it might be for 512 bytes,
1024 bytes, or 8192 bytes, and the process of writing could fail due
to power loss at any time, meaning some of the 512-byte sectors were
written, and others were not. To guard against such failures,
<span class="productname">PostgreSQL</span> periodically writes full page images to
permanent storage <span class="emphasis"><em>before</em></span> modifying the actual page on
disk. By doing this, during crash recovery <span class="productname">PostgreSQL</span> can
restore partially-written pages. If you have a battery-backed disk
controller or file-system software (e.g., Reiser4) that prevents partial
page writes, you can turn off this page imaging by using the
<a href="runtime-config-wal.html#guc-full-page-writes">full_page_writes</a> parameter.
</p>
</div>
</div></body>
</html>
|
