pgdo-cli 0.5.6

The convenience of SQLite – but with PostgreSQL (Command-line application)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332

use std::{
    path::{Path, PathBuf},
    process::ExitCode,
    sync::{PoisonError, RwLock},
};

use either::{Left, Right};
use miette::IntoDiagnostic;
use shell_quote::{QuoteRefExt, Sh};

use super::ExitResult;
use crate::{args, runner};

use pgdo::{
    cluster::{self, backup, resource, ClusterError},
    coordinate::{cleanup::with_cleanup, finally::with_finally, State},
};

/// Point-in-time backup for an existing cluster.
///
/// This configures continuous WAL (Write-Ahead Log) archiving into a `wal`
/// subdirectory of the given `--into` directory. Logs will be archived whenever
/// the cluster is running, as long as that `wal` directory exists. After
/// configuring WAL archiving, a "base" backup of the whole cluster is performed
/// into a separate subdirectory of the given `--into` directory.
///
/// Subsequent runs of this command will perform additional base backups –
/// without overwriting previous backups. These can make recovery faster.
///
/// **Note** that both the WAL archives and the base backup are required to
/// restore/recover a cluster. The `restore` command knows how to use these.
#[derive(clap::Args)]
#[clap(next_help_heading = Some("Options for backup"))]
pub struct Backup {
    #[clap(flatten)]
    pub cluster: args::ClusterArgs,

    /// The directory into which to write backups.
    #[clap(long = "into", value_name = "BACKUP_DIR", display_order = 100)]
    pub backup_dir: PathBuf,
}

impl Backup {
    pub fn invoke(self) -> ExitResult {
        let Self { cluster, backup_dir } = self;

        let (datadir, lock) = runner::lock_for(cluster.dir)?;
        let strategy = runner::determine_strategy(None)?;
        let cluster = cluster::Cluster::new(datadir, strategy)?;
        let resource = resource::ResourceFree::new(lock, cluster);
        backup(resource, backup_dir)?;

        Ok(ExitCode::SUCCESS)
    }
}

impl From<Backup> for super::Command {
    fn from(backup: Backup) -> Self {
        Self::Backup(backup)
    }
}

// ----------------------------------------------------------------------------

/// Internal tools for assisting with Continuous Archiving and Point-in-Time
/// Recovery (PITR) backups.
///
/// <https://www.postgresql.org/docs/current/continuous-archiving.html>
#[derive(clap::Args)]
#[clap(next_help_heading = Some("Options for backup:tools"))]
pub struct BackupTools {
    #[clap(subcommand)]
    command: BackupTool,
}

impl BackupTools {
    pub fn invoke(self) -> ExitResult {
        match self.command {
            BackupTool::WalArchive { source, target } => Ok(copy_wal_archive(source, target)),
        }
    }
}

impl From<BackupTools> for super::Command {
    fn from(tools: BackupTools) -> Self {
        Self::BackupTools(tools)
    }
}

#[derive(clap::Subcommand)]
pub(crate) enum BackupTool {
    /// Copy a WAL file to an archive; used in `archive_command`.
    #[clap(name = "wal:archive", display_order = 1)]
    WalArchive {
        /// Source WAL file path (corresponds to %p in `archive_command`).
        source: PathBuf,
        /// Destination WAL file path (corresponds to some/where/%f in `archive_command`).
        target: PathBuf,
    },
}

// ----------------------------------------------------------------------------

/// Perform a backup of the given `resource` to `backup_dir`.
///
/// This is a twofold process:
/// - Configure archiving into `backup_dir`.
/// - Perform a base backup into `backup_dir`.
///
/// TODO: Clean up old WAL files?
///
/// TODO: Handle table-spaces?
///
fn backup<D: AsRef<Path>>(resource: resource::ResourceFree, backup_dir: D) -> miette::Result<()> {
    // `Backup::prepare` creates `backup_dir` and the WAL archive directory if
    // these do not exist, and allocates a temporary location for the base
    // backup.
    let backup = {
        let rt = tokio::runtime::Runtime::new().into_diagnostic()?;
        rt.block_on(async { backup::Backup::prepare(&backup_dir).await })
            .into_diagnostic()?
    };

    log::info!("Starting cluster (if not already started)…");
    let (started, resource) = resource::startup_if_exists(resource, &[])?;
    // Wrap `resource` in an `RwLock` so that we can pass it around AND so that
    // `do_cleanup` can reference it in its closure.
    let resource = RwLock::new(resource);

    // Shuts down the cluster if we started it.
    let do_cleanup = || -> Result<State, ClusterError> {
        match (started, resource.read().as_deref()) {
            (State::Modified, Ok(Right(resource))) => {
                // We started the cluster AND we have an exclusive resource, so
                // we try to shut it down.
                log::info!("Shutting down cluster…");
                resource.facet().stop()
            }
            (State::Modified, Ok(Left(_)) | Err(_)) => {
                // Somehow we started the cluster BUT we have only a shared
                // resource – or a poisoned resource lock. Neither of those
                // should happen, but it's possible.
                log::warn!(concat!(
                    "Cluster was started for backup, but it cannot now be shut down; ",
                    "please shut it down manually."
                ));
                Ok(State::Unmodified)
            }
            (State::Unmodified, Ok(_)) => {
                // We didn't start the cluster, so do nothing.
                Ok(State::Unmodified)
            }
            (State::Unmodified, Err(_)) => {
                // Ignore lock poisoning errors.
                Ok(State::Unmodified)
            }
        }
    };

    // The command we use to copy WAL files to `destination_wal`.
    // <https://www.postgresql.org/docs/current/continuous-archiving.html#BACKUP-ARCHIVING-WAL>.
    let archive_command = {
        let pgdo_exe = std::env::current_exe().into_diagnostic()?;
        let pgdo_exe_shell = String::from_utf8(pgdo_exe.quoted(Sh)).into_diagnostic()?;
        let destination_wal_shell =
            String::from_utf8(backup.backup_wal_dir.quoted(Sh)).into_diagnostic()?;
        format!("{pgdo_exe_shell} backup:tools wal:archive %p {destination_wal_shell}/%f")
    };

    // Configure the cluster to continuously archive WAL files. This may require
    // a restart of the cluster on the first time through.
    let needs_restart = with_cleanup(do_cleanup, || {
        let rt = tokio::runtime::Runtime::new()?;
        rt.block_on(async {
            match resource.read().as_deref() {
                Ok(resource) => {
                    backup
                        .do_configure_archiving(resource, &archive_command)
                        .await
                }
                Err(err) => panic!("Could not acquire resource: {err}"),
            }
        })
    })?;

    if needs_restart {
        log::info!("The cluster must be restarted so that configuration changes come into effect.");
        match resource.read().as_deref() {
            Ok(Left(_)) => {
                // Need to restart the cluster BUT we do NOT have an exclusive lock.
                Err(backup::BackupError::GeneralError(
                    concat!(
                        "The cluster is in use, and so cannot be restarted automatically. ",
                        "Please restart the cluster manually then try this backup again.",
                    )
                    .into(),
                ))?;
            }
            Ok(Right(resource)) => {
                // Need to restart the cluster AND we have an exclusive lock.
                let facet = resource.facet();
                with_cleanup(do_cleanup, || {
                    log::info!("Restarting cluster; stopping…");
                    facet.stop().and_then(|_| {
                        log::info!("Restarting cluster; starting up again…");
                        facet.start(&[])
                    })
                })?;
            }
            Err(err) => panic!("Could not acquire resource: {err}"),
        };
    }

    log::info!("Performing base backup…");
    let destination_data = match resource.read().as_deref() {
        Ok(resource) => with_finally(do_cleanup, || {
            let rt = tokio::runtime::Runtime::new()?;
            rt.block_on(async { backup.do_base_backup(resource).await })
        }),
        Err(err) => panic!("Could not acquire resource: {err}"),
    }?;
    log::info!("Base backup complete; find it at {destination_data:?}");

    // Explicitly release resources, but allow the `ResourceFree` that we get
    // back to immediately be dropped. This allows errors to be visible.
    //
    // NOTE: The `unwrap_or_else` is to deal with lock poisoning. `PoisonError`
    // captures the panic that poisoned the lock, which can reference variables
    // in the function – which in turn can upset the compiler if we return the
    // `PoisonError` from this function, i.e. it sees lifetime violations. These
    // are confusing to diagnose. Anyway, while we don't expect poisoning, it is
    // in the types and so we must deal with it.
    resource
        .into_inner()
        .unwrap_or_else(PoisonError::into_inner)
        .either(
            resource::ResourceShared::release,
            resource::ResourceExclusive::release,
        )?;

    Ok(())
}

/// Copy a WAL archive file. Used in `archive_command`.
fn copy_wal_archive(source: PathBuf, target: PathBuf) -> ExitCode {
    use std::{
        fs::File,
        io::{self, BufRead, ErrorKind::AlreadyExists, Write},
    };
    // Avoid loading entire WAL files into memory. Context: I've read that WAL
    // files can grow to be pretty large (`wal_segment_size`, with a default of
    // 16MiB, multiplied by the number of segments – which can vary, and grow
    // large esp. when there is sustained write activity).
    match File::open(&source) {
        Ok(file_source) => {
            // Try to open the target archive file.
            match File::options().write(true).create_new(true).open(&target) {
                // Target archive file is ready to write.
                Ok(file_target) => {
                    log::info!("WAL archiving from {source:?} to {target:?}");
                    let mut reader = io::BufReader::new(&file_source);
                    let mut writer = io::BufWriter::new(&file_target);
                    match io::copy(&mut reader, &mut writer)
                        .and_then(|_| writer.flush())
                        .and_then(|_| file_target.sync_all())
                    {
                        Ok(()) => ExitCode::SUCCESS,
                        Err(err) => {
                            log::error!("WAL archive failure; error while copying: {err}");
                            ExitCode::FAILURE
                        }
                    }
                }
                // Target archive file already exists.
                Err(err) if err.kind() == AlreadyExists => {
                    // Try to open target archive file to compare contents with
                    // source archive file.
                    match File::open(&target) {
                        // Target archive file is ready to read.
                        Ok(file_target) => {
                            let mut reader_source = io::BufReader::new(&file_source);
                            let mut reader_target = io::BufReader::new(&file_target);
                            loop {
                                let (bytes_source, bytes_target) = {
                                    let buf_source = match reader_source.fill_buf() {
                                        Ok(buf) => buf,
                                        Err(err) => {
                                            log::error!("WAL archive failure; error reading {source:?}: {err}");
                                            break ExitCode::FAILURE;
                                        }
                                    };
                                    let buf_target = match reader_target.fill_buf() {
                                        Ok(buf) => buf,
                                        Err(err) => {
                                            log::error!("WAL archive failure; error reading {target:?}: {err}");
                                            break ExitCode::FAILURE;
                                        }
                                    };
                                    if buf_source.is_empty() && buf_target.is_empty() {
                                        log::info!("WAL file {source:?} already archived okay");
                                        break ExitCode::SUCCESS;
                                    } else if buf_source != buf_target {
                                        log::error!("WAL file {source:?} already archived to {target:?} **BUT CONTENTS DIFFER**");
                                        break ExitCode::FAILURE;
                                    };
                                    (buf_source.len(), buf_target.len())
                                };
                                reader_source.consume(bytes_source);
                                reader_target.consume(bytes_target);
                            }
                        }
                        // Target archive file cannot be read.
                        Err(err) => {
                            log::error!("WAL archive failure; error accessing {target:?}: {err}");
                            ExitCode::FAILURE
                        }
                    }
                }
                // Target archive file cannot be opened for writing.
                Err(err) => {
                    log::error!("WAL archive failure; error accessing {target:?}: {err}");
                    ExitCode::FAILURE
                }
            }
        }
        // Source archive file cannot be read.
        Err(err) => {
            log::error!("WAL archive failure; error accessing {source:?}: {err}");
            ExitCode::FAILURE
        }
    }
}