sql, backupccl: make type, schema, database descriptors offline during RESTORE #53375
Labels
A-disaster-recovery
A-schema-descriptors
Relating to SQL table/db descriptor handling.
C-cleanup
Tech debt, refactors, loose ends, etc. Solution not expected to significantly change behavior.
release-blocker
Indicates a release-blocker. Use with branch-release-2x.x label to denote which branch is blocked.
Currently only tables have an offline state where they can't be resolved. During RESTORE, after descriptors are created, databases, schemas, and types are public for most of the duration of the restore job while the table data is being written. This means that nothing prevents them from undergoing user-initiated schema changes, for databases and schemas to get new child objects, etc.
If the job is canceled and needs to be cleaned up, we don't currently delete database descriptors if the database became non-empty, but we do delete schema descriptors without checking for this (and don't even drop the children), which is a bug and could lead to orphaned child objects.
Also during job cleanup, we delete non-table descriptors instead of going through the usual drop process, which could cause problems for leased descriptors (since there's no lease purging triggered by descriptors simply being deleted). This may not be very problematic in practice, but it's something to consider.
The proposed solution is to give all the descriptors an offline state and use it during RESTORE. Descriptors would only become public after the table data has been restored (which is the current behavior for tables).
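Added example, not CockroachDB code and not part of the original issue: a toy Go model of the race described above. A schema left public during RESTORE gains a child that the cancel cleanup then orphans, while an offline schema rejects the change. The `Catalog` type, its methods, `Simulate` and all object names are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
)

// State is a toy descriptor state; only Public descriptors can be resolved.
type State int
const (
	Public State = iota
	Offline
)
var ErrNotResolvable = errors.New("schema cannot be resolved")
// Catalog is a constructed model: schema name -> state, table name -> parent schema.
type Catalog struct {
	schemas map[string]State
	tables  map[string]string
}

// CreateTable models a user-initiated schema change that adds a child object.
func (c *Catalog) CreateTable(schema, table string) error {
	if st, ok := c.schemas[schema]; !ok || st == Offline {
		return ErrNotResolvable
	}
	c.tables[table] = schema
	return nil
}

// CancelRestore models the cleanup in the issue: the schema descriptor is
// deleted without checking for children. It returns the orphaned tables.
func (c *Catalog) CancelRestore(schema string) (orphans []string) {
	delete(c.schemas, schema)
	for t, parent := range c.tables {
		if parent == schema {
			orphans = append(orphans, t)
		}
	}
	return orphans
}

// Simulate holds the restored schema in the given state while data is written,
// attempts a concurrent CREATE TABLE, then cancels the restore job.
func Simulate(during State) ([]string, error) {
	c := &Catalog{schemas: map[string]State{"restored_schema": during}, tables: map[string]string{}}
	err := c.CreateTable("restored_schema", "user_table")
	return c.CancelRestore("restored_schema"), err
}
func main() {
	fmt.Println(Simulate(Public))  // [user_table] <nil>
	fmt.Println(Simulate(Offline)) // [] schema cannot be resolved
}
```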