From 4e0c743c18bf5435a4850510c5c74b3521c3e1e5 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Thu, 8 Mar 2018 11:25:26 -0500 Subject: [PATCH] Fix cross-checking of ReservedBackends/max_wal_senders/MaxConnections. We were independently checking ReservedBackends < MaxConnections and max_wal_senders < MaxConnections, but because walsenders aren't allowed to use superuser-reserved connections, that's really the wrong thing. Correct behavior is to insist on ReservedBackends + max_wal_senders being less than MaxConnections. Fix the code and associated documentation. This has been wrong for a long time, but since the situation probably hardly ever arises in the field (especially pre-v10, when the default for max_wal_senders was zero), no back-patch. Discussion: https://postgr.es/m/28271.1520195491@sss.pgh.pa.us --- doc/src/sgml/config.sgml | 23 ++++++++++++++--------- src/backend/postmaster/postmaster.c | 15 ++++++--------- src/backend/utils/init/postinit.c | 2 +- src/backend/utils/misc/guc.c | 5 +++-- 4 files changed, 24 insertions(+), 21 deletions(-) diff --git a/doc/src/sgml/config.sgml b/doc/src/sgml/config.sgml index 259a2d83b4..3a8fc7d803 100644 --- a/doc/src/sgml/config.sgml +++ b/doc/src/sgml/config.sgml @@ -696,8 +696,9 @@ include_dir 'conf.d' The default value is three connections. The value must be less - than the value of max_connections. This - parameter can only be set at server start. + than max_connections minus + . + This parameter can only be set at server start. @@ -2982,13 +2983,16 @@ include_dir 'conf.d' maximum number of simultaneously running WAL sender processes). The default is 10. The value 0 means replication is disabled. WAL sender processes count towards the total number - of connections, so the parameter cannot be set higher than - . Abrupt streaming client - disconnection might cause an orphaned connection slot until + of connections, so this parameter's value must be less than + minus + . + Abrupt streaming client disconnection might leave an orphaned + connection slot behind until a timeout is reached, so this parameter should be set slightly higher than the maximum number of expected clients so disconnected clients can immediately reconnect. This parameter can only - be set at server start. wal_level must be set to + be set at server start. + Also, wal_level must be set to replica or higher to allow connections from standby servers. @@ -3007,10 +3011,11 @@ include_dir 'conf.d' (see ) that the server can support. The default is 10. This parameter can only be set at server start. - wal_level must be set - to replica or higher to allow replication slots to - be used. Setting it to a lower value than the number of currently + Setting it to a lower value than the number of currently existing replication slots will prevent the server from starting. + Also, wal_level must be set + to replica or higher to allow replication slots to + be used. diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c index f3ddf828bb..660f3185e6 100644 --- a/src/backend/postmaster/postmaster.c +++ b/src/backend/postmaster/postmaster.c @@ -202,9 +202,9 @@ char *ListenAddresses; /* * ReservedBackends is the number of backends reserved for superuser use. - * This number is taken out of the pool size given by MaxBackends so + * This number is taken out of the pool size given by MaxConnections so * number of backend slots available to non-superusers is - * (MaxBackends - ReservedBackends). Note what this really means is + * (MaxConnections - ReservedBackends). Note what this really means is * "if there are <= ReservedBackends connections available, only superusers * can make new connections" --- pre-existing superuser connections don't * count against the limit. @@ -882,14 +882,11 @@ PostmasterMain(int argc, char *argv[]) /* * Check for invalid combinations of GUC settings. */ - if (ReservedBackends >= MaxConnections) + if (ReservedBackends + max_wal_senders >= MaxConnections) { - write_stderr("%s: superuser_reserved_connections must be less than max_connections\n", progname); - ExitPostmaster(1); - } - if (max_wal_senders >= MaxConnections) - { - write_stderr("%s: max_wal_senders must be less than max_connections\n", progname); + write_stderr("%s: superuser_reserved_connections (%d) plus max_wal_senders (%d) must be less than max_connections (%d)\n", + progname, + ReservedBackends, max_wal_senders, MaxConnections); ExitPostmaster(1); } if (XLogArchiveMode > ARCHIVE_MODE_OFF && wal_level == WAL_LEVEL_MINIMAL) diff --git a/src/backend/utils/init/postinit.c b/src/backend/utils/init/postinit.c index 484628987f..d8f45b3c43 100644 --- a/src/backend/utils/init/postinit.c +++ b/src/backend/utils/init/postinit.c @@ -778,7 +778,7 @@ InitPostgres(const char *in_dbname, Oid dboid, const char *username, } /* - * The last few connections slots are reserved for superusers. Although + * The last few connection slots are reserved for superusers. Although * replication connections currently require superuser privileges, we * don't allow them to consume the reserved slots, which are intended for * interactive use. diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c index 0c4cc9160d..a4f9b3668e 100644 --- a/src/backend/utils/misc/guc.c +++ b/src/backend/utils/misc/guc.c @@ -1873,6 +1873,7 @@ static struct config_int ConfigureNamesInt[] = }, { + /* see max_connections and max_wal_senders */ {"superuser_reserved_connections", PGC_POSTMASTER, CONN_AUTH_SETTINGS, gettext_noop("Sets the number of connection slots reserved for superusers."), NULL @@ -2375,7 +2376,7 @@ static struct config_int ConfigureNamesInt[] = }, { - /* see max_connections */ + /* see max_connections and superuser_reserved_connections */ {"max_wal_senders", PGC_POSTMASTER, REPLICATION_SENDING, gettext_noop("Sets the maximum number of simultaneously running WAL sender processes."), NULL @@ -2386,7 +2387,7 @@ static struct config_int ConfigureNamesInt[] = }, { - /* see max_connections */ + /* see max_wal_senders */ {"max_replication_slots", PGC_POSTMASTER, REPLICATION_SENDING, gettext_noop("Sets the maximum number of simultaneously defined replication slots."), NULL -- 2.40.0