Wed Sep 20 08:25:50 PDT 2006
- Previous message: [Slony1-general] service needs (was: Migrating From gBorg)
- Next message: [Slony1-general] service needs (was: Migrating From gBorg)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Andrew Sullivan <ajs at crankycanuck.ca> writes: > I'm going to take this list, and expand it some, in point form. > > On Tue, Sep 19, 2006 at 10:27:03AM -0700, Darcy Buskermolen wrote: >> Ok well then at this end, lets all start compiling a list of reqirements for >> the slony project. >> >> 1) Reliable, redundent, distributed infrasctructure (manpower, hardware, >> bandwith) > > I. On service availability > > A. Reliable infrastructure > > 1. Service uptime (!= individual server uptime, maybe) > > 2. Network uptime > > 3. In case of service failure, individuals must be available to > solve the problem > > a. there should always be at least two people in the project > who know how to repair any given service > > b. there should always be at least two such people who have the > access rights to repair any given service > > c. there should always be at least two such people who have > the authority to decide to repair any given service > > d. ideally, the "at least two people" principle above means > "at any one time". So when people take vacation, are offline, &c., > someone else should be able to step in. [additional material omitted...] It seems to me that this (particularly for the later sections) may be overkill as far as Slony-I is concerned, and that this may be better directed as an indication of what is needed for the postgresql.org domain. For instance, > 2. To the extent technically feasible, every project-critical > service should be delivered from at least two geographically and > topologically distributed locations. seems less than likely to be easily accomplished when there seems to be essentially one server on offer for Slony-I, by whichever of the available schemes it might be hosted. That's not to say, at all, that this is useless material; there may be reasonable responses/actions for each of these points. > 2. A communication plan for failures is at least as important as > the ability to fix problems: a well-communicated failure with > information well-distributed to the community will cause less damage > than one poorly acknowledged. If someone had had a copy of the list of all subscribers to the Slony-I mailing lists, that would have offered the opportunity for them to at least send out a note to that list indicating the nature of the problem. I know David Fetter and Jan Wieck have access to that; if both were prepared to take responsibility for periodically pulling subscriber lists, that would be a cheap form of distributed protection against that particular failure. I imagine that I ought to have access to that too; that can get fixed later :-). No doubt the list of things like this goes on. This material would doubtless be useful to the -www list as guidelines as to determining reliability for the postgresql.org domain and related places. -- let name="cbbrowne" and tld="ca.afilias.info" in String.concat "@" [name;tld];; <http://dba2.int.libertyrms.com/> Christopher Browne (416) 673-4124 (land)
- Previous message: [Slony1-general] service needs (was: Migrating From gBorg)
- Next message: [Slony1-general] service needs (was: Migrating From gBorg)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Slony1-general mailing list