Replication Manager Permanent Message Handling

Identifying Permanent Message Policies
Setting the Permanent Message Timeout
Adding a Permanent Message Policy to ex_rep_gsg_repmgr

As described in Permanent Message Handling, messages are marked permanent if they contain database modifications that should be committed at the replica. DB's replication code decides if it must flush its transaction logs to disk depending on whether it receives sufficient permanent message acknowledgments from the participating replicas. More importantly, the thread performing the transaction commit blocks until it either receives enough acknowledgments, or the acknowledgment timeout expires.

The Replication Manager is fully capable of managing permanent messages for you if your application requires it (most do). Almost all of the details of this are handled by the Replication Manager for you. However, you do have to set some policies that tell the Replication Manager how to handle permanent messages.

There are two things that you have to do:

Identifying Permanent Message Policies

You identify permanent message policies using the DB_ENV->repmgr_set_ack_policy() method. Note that you can set permanent message policies at any time during the life of the application.

The following permanent message policies are available when you use the Replication Manager:

Note

The following list mentions electable peer several times. This is simply another environment that can be elected to be a master (that is, it has a priority greater than 0). Do not confuse this with the concept of a peer as used for client to client transfers. See Client to Client Transfer for more information on client to client transfers.

  • DB_REPMGR_ACKS_ALL

    All replicas must acknowledge the message within the timeout period. This policy should be selected only if your replication group has a small number of replicas, and those replicas are on extremely reliable networks and servers.

  • DB_REPMGR_ACKS_ALL_AVAILABLE

    All currently connected replication clients must acknowledge the message. This policy will invoke the DB_EVENT_REP_PERM_FAILED event if fewer than a quorum of clients acknowledged during that time.

  • DB_REPMGR_ACKS_ALL_PEERS

    All electable peers must acknowledge the message within the timeout period. This policy should be selected only if your replication group is small, and its various environments are on extremely reliable networks and servers.

  • DB_REPMGR_ACKS_NONE

    No permanent message acknowledgments are required. If this policy is selected, permanent message handling is essentially "turned off." That is, the master will never wait for replica acknowledgments. In this case, transaction log data is either flushed or not strictly depending on the type of commit that is being performed (synchronous or asynchronous).

  • DB_REPMGR_ACKS_ONE

    At least one replica must acknowledge the permanent message within the timeout period.

  • DB_REPMGR_ACKS_ONE_PEER

    At least one electable peer must acknowledge the permanent message within the timeout period.

  • DB_REPMGR_ACKS_QUORUM

    A quorum of electable peers must acknowledge the message within the timeout period. A quorum is reached when acknowledgments are received from the minimum number of environments needed to ensure that the record remains durable if an election is held. That is, the master wants to hear from enough electable replicas that they have committed the record so that if an election is held, the master knows the record will exist even if a new master is selected.

By default, a quorum of electable peers must must acknowledge a permanent message in order for it considered to have been successfully transmitted.

Setting the Permanent Message Timeout

The permanent message timeout represents the maximum amount of time the committing thread will block waiting for message acknowledgments. If sufficient acknowledgments arrive before this timeout has expired, the thread continues operations as normal. However, if this timeout expires, the committing thread flushes its transaction log buffer before continuing with normal operations.

You set the timeout value using the DB_ENV->rep_set_timeout() method. When you do this, you provide the DB_REP_ACK_TIMEOUT value to the which parameter, and the timeout value in microseconds to the timeout parameter.

For example:

    dbenv->rep_set_timeout(dbenv, DB_REP_ACK_TIMEOUT, 100); 

This timeout value can be set at anytime during the life of the application.

Adding a Permanent Message Policy to ex_rep_gsg_repmgr

For illustration purposes, we will now update ex_rep_gsg_repmgr such that it requires only one acknowledgment from a replica on transactional commits. Also, we will give this acknowledgment a 500 microsecond timeout value. This means that our application's main thread will block for up to 500 microseconds waiting for an acknowledgment. If it does not receive at least one acknowledgment in that amount of time, DB will flush the transaction logs to disk before continuing on.

This is a very simple update. We can perform the entire thing immediately before we parse our command line options. This is where we configure our environment handle anyway, so it is a good place to put it.

    if ((ret = create_env(progname, &dbenv)) != 0)
        goto err;

    /* Default priority is 100 */
    dbenv->rep_set_priority(dbenv, 100);
    /* Permanent messages require at least one ack */
    dbenv->repmgr_set_ack_policy(dbenv, DB_REPMGR_ACKS_ONE);
    /* Give 500 microseconds to receive the ack */
    dbenv->rep_set_timeout(dbenv, DB_REP_ACK_TIMEOUT, 500);

    /* Collect the command line options */
    while ((ch = getopt(argc, argv, "h:l:L:p:r:")) != EOF)

    ...