| Subject | Database Shutdown |
|---|---|
| Author | Jim Starkey |
| Post date | 2004-05-05T22:56:31Z |
There currently doesn't seem to be an architecturally controlled
mechanism to shutdown all active providers. The servers currently use a
crock called JRD_shutdown_all() which breaks the architecture in so many
ways I don't even want to talk about it.
In the old days, shutdown wasn't much of an issue as the last attachment
to a database caused it to go away. This is clearly insufficient for a
modern server.
Among the option that we need to consider are:
1. Staged shutdown -- don't accept any more connections, continue to
service existing connections, and shutdown when the last goes away.
2. Panic shutdown -- shut down now!
3. Shutdown local providers
4. [Remote shutdown???]
If shutdown is limited to local providers (I guess each provider decides
whether it is local or not), then there are no security issues --
anybody who started something can certainly stop it. If the facility is
extended to remote connections, then something more robust is required.
Do we need a mechanism to shutdown specific databases in a process? If
so, is it the same mechanism or a different one?
The simpliest alternative is
void fb_shutdown_local (bool panic);
Comments?
--
Jim Starkey
Netfrastructure, Inc.
978 526-1376
mechanism to shutdown all active providers. The servers currently use a
crock called JRD_shutdown_all() which breaks the architecture in so many
ways I don't even want to talk about it.
In the old days, shutdown wasn't much of an issue as the last attachment
to a database caused it to go away. This is clearly insufficient for a
modern server.
Among the option that we need to consider are:
1. Staged shutdown -- don't accept any more connections, continue to
service existing connections, and shutdown when the last goes away.
2. Panic shutdown -- shut down now!
3. Shutdown local providers
4. [Remote shutdown???]
If shutdown is limited to local providers (I guess each provider decides
whether it is local or not), then there are no security issues --
anybody who started something can certainly stop it. If the facility is
extended to remote connections, then something more robust is required.
Do we need a mechanism to shutdown specific databases in a process? If
so, is it the same mechanism or a different one?
The simpliest alternative is
void fb_shutdown_local (bool panic);
Comments?
--
Jim Starkey
Netfrastructure, Inc.
978 526-1376