[postgis-devel] Interrupt on SIGTERM

Greg Troxel gdt at lexort.com
Mon Feb 22 10:57:32 PST 2021 

> On Mon, Feb 22, 2021 at 9:18 PM Paul Ramsey <pramsey at cleverelephant.ca>
> wrote:

> > So, thanks to Sandro's good works over past years we have reasonable
> > handling of interrupts embedded in PostGIS and back into busy areas of GEOS
> > too. But, the interrupt signal we respect is SIGINT, which is what you can
> > generate with a ctrl-C in psql or hitting the stop button in pgadmin. This
> > is good and works. However, for system SHUTDOWN, the signal the system
> > sends is SIGTERM and we do... nothing with that signal. So a shutdown can
> > be paused until a statement completes, which can be quite a while.

Reading the ticket, it seems this is about not breaking out of a loop on
SIGINT.  So the ticket is not asking for SIGINT behavior on SIGTERM, but
SIGINT behavior on SIGINT.  Is that right?

> > I'm not sure if we should interupt on SIGTERM. I am going back and forth
> > just sitting here typing. I'm pretty sure PgSQL in general expects to allow
> > all running statements to complete before shutting down, which implies not
> > interrupting on SIGTERM. On the other hand, PgSQL has this OLTP assumption
> > pretty deeply built in that most statements just aren't expected to last
> > very long.

"Darafei \"Komяpa\" Praliaskouski" <me at komzpa.net> writes:

I'm coming at this with packager hat on.

> We should follow the signals in the Postgres doc:
> https://www.postgresql.org/docs/13/server-shutdown.html
>
> If someone wants fast shutdown they should issue a fast shutdown command
> which will trigger SIGINT which we handle. Recommended course of action is
> to change the shutdown method to fast rather than hacking postgis to
> support fast shutdown in smart mode.

This makes a lot of sense to me.

What I don't understand is that (ignoring emergency mode as something
that basically shouldn't be used), I see:

  fast shutdown: This does what I'd expect.  Orderly and fairly fast.

  smart shutdown: This is sort of what I'd expect, but not really.  I
  don't see that it prevents new transactions on existing connections.
  It would seem normal to me to open a db connection and stay open.   So
  I'd want this (deviating from pgsql doctrine I know) to additionally

    1) disallow new transactions

    2) have the server close connections if not in a transaction or when
    one finishes

    3) have some time bound, perhaps 30s, after which an in-progress
    transaction is subject to what  would happen in fast shutdown

Probably the theory is that if it's OS shutdown, the rest of the
programs are being shut down too and thus the client connections will be
closed.

In pkgsrc, control files express dependencies, so e.g. matrix-synapse
depends on pgsql, and they get tsorted so the synapse shutdown happens
first.  So by the time "/etc/rc.d/pgsql stop" is called, there will be
no clients and it will be fast, usually.   There are problems from time
to time with various packages not exiting in a timely manner after their
stop method is run.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://lists.osgeo.org/pipermail/postgis-devel/attachments/20210222/1b450893/attachment.sig>

More information about the postgis-devel mailing list