Integer determining how many replicas shardmanctl should configure for each DBMS. This setting can only be changed for a Postgres Pro Shardman cluster with a manual-topology mode.

Allows you to specify a directory other than the default one (/var/lib/pgpro/sdm-17/data) for storing data. This parameter cannot be changed after the cluster has been initialized.

Ports starting with this integer are assigned to PostgeSQL instances. This parameter cannot be changed after the cluster has been initialized.

Ports starting with this integer are assigned to Silk (Postgres Pro Shardman InterLinK) instances. This parameter cannot be changed after the cluster has been initialized.

Authentication method used by the administrative user to connect to the DBMS. Can be any authentication method supported by PostgreSQL. scram-sha-256 is currently recommended. md5 is currently allowed but not recommended. This parameter cannot be changed after the cluster has been initialized. Located under a separate Users block for each array element.

Default: trust.

An array that can have two possible values, su for superuser or repl for replication.

Defines settings for the secure HTTP/HTTPS connection, with Port being an API port, and PortMetrics being a port for the metrics. If these ports are the same, then API and metrics listen to the same port.

Default: 15432.

Name of the user. Created on cluster initialization. Defaults to the name of the effective user running shardmanctl init. This parameter cannot be changed after the cluster has been initialized. Located under a separate Users block for each array element.

Password for the user. Can be changed using shardmanctl config update credentials. Located under a separate Users block for each array element.

Client certificate for the administrative DBMS user.

Location of the root certificate file for the DBMS user connection.

Client private key for the administrative DBMS user.

SSL mode for the DBMS user. Allowed values: verify-ca and verify-full.

Client certificate for the replication DBMS user.

Client private key for the replication DBMS user.

Shard cluster specification. For more details, see ShardSpec Parameters. Can be changed using shardmanctl config update.

This object contains FDW settings.

These settings can be changed using shardmanctl config update (with the exception of settings related to authorization, server connection, SSL and Kerberos, as well as the service, target_session_attrs options).

Foreign servers corresponding to Postgres Pro Shardman replication groups will also get extended_features setting automatically enabled. Never set this parameter for postgres_fdw foreign servers which you define for your own purposes (for example, to load data into Postgres Pro Shardman cluster).

JSON array of pg_hba.conf strings. The default value allows user from the su group access from anywhere with AuthMethod authentication method. If the value of defaultSUReplAccessMode is strict, pg_hba.conf strings must explicitly allow users from the groups su or repl access from all Postgres Pro Shardman cluster nodes.

Cluster software does not fail even if writing to pg_hba.conf is forbidden.

When enabled, it sets a peer authentication via unix socket for the postgres user, if strictUserHBA is not set to true.

Default: false.

Maximum number of required synchronous standbys when synchronous replication is enabled. Should be >= Repfactor in a Postgres Pro Shardman cluster. Default: Repfactor.

Prohibits adding automatically generated lines to pg_hba.conf file. Default: false.

Determines whether a DBMS instance should be automatically restarted after a change of the pgParameters hash table that requires a restart. Should be enabled in a Postgres Pro Shardman cluster.

Default: true.

Enable master demotion in case the replica group master has lost connectivity with etcd. The master attempts to connect to each of its standby nodes to determine if any of them has become the master. If it discovers another master, it shuts down its own DBMS instance until the connectivity with etcd is restored. If the master fails to connect to one of its standby nodes for a long time, a DBMS instance shutdown occurs.

Default: false.

The timeout during which the master attempts to connect to its standbys in cases where connectivity with etcd is lost. Works only if the masterDemotionEnabled parameter is set to true.

Default: 30s.

Enable the monitor for the MinSynchronousStandbys value for every replica group. If a node loses connection with the cluster (all keepers are unhealthy: a keeper does not update its state longer than minSyncMonitorUnhealthyTimeout), the monitor decreases the MinSynchronousStandbys value for every replica group related to the disconnected node to the maximum available value. This allows preventing the read-only condition caused by the fake replica. The maximum available value is always less than or equal to the value specified in the cluster configuration. If all keepers related to the disconnected node become healthy, the monitor changes MinSynchronousStandbys value for the replica group to the value specified in the cluster configuration.

Default: false.

Time interval after which the node (and all keepers related to this node) will be considered in an unhealthy condition. Works only if the minSyncMonitorEnabled parameter is set to true.

Default: 30s.

Enable the monitor that creates a syncpoint every minute, ensuring the Postgres Pro Shardman can restore to a consistent LSN. At each syncpoint, the cluster's state is consistent, meaning that all transactions are complete. If this parameter is set to true, PITR will be guaranteed to work. syncPointMonitorEnabled saves the syncpoint history in etcd with the shardman/{cluster_name}/data/cluster/syncpoints key.

Default: false.

Specifies the limit for the size of the syncpoint history saved by syncPointMonitorEnabled.

Default: 60.

Specifies how often a syncpoint is created (seconds).

Default: 60 seconds.

Enables monitor that periodically creates syncpoints.

Default: true.

Amount of the most recent syncpoints stored.

Default: 60.

Disables the shardmanSchemaDumpMonitorDisabled monitor that periodically creates a dump of the shardman schema.

Default: true.

Sets how often the shardmanSchemaDumpMonitor monitor creates a dump.

Default: every 20 minutes.

Hash table that determines PostgreSQL settings, including settings for a distributed system.

If enabled, new BiHA followers and referee-with-wal will use probackup as synchronization method.

If enabled, custom plans can be created to execute statements inside SQL functions. These plans depend on the parameter values.

Query plans can be cached within one query. First, the plan is built five times with different parameter values, then a generic plan is created regardless of the values. If custom and generic plan price is slightly different, then the generic plan is cached and is set to be used in the future. However, custom plans allow a more effective way of excluding queries to the sharded table partitions if the choice of these partitions depends on the query option.

Default: off.

Enables the use of MergeAppend plans by the query planner.

Default: on.

Enables or disables the query planner's use of async-aware merge append plan types. The default is on.

Specifies the minimal age of records that are allowed to be vacuumed, in seconds.

For distributed system specifics, see csn_snapshot_defer_time.

All global transactions must start on all participant nodes within csn_snapshot_defer_time seconds after start, otherwise, they are aborted with a “csn snapshot too old” error.

Default: 15.

Specifies the maximum possible clock skew (in nanoseconds) in the cluster. Adds a delay before every commit in the system to ensure external consistency. If set to 0, external consistency is not guaranteed. Value suffixes ns, us, ms and s are allowed.

Default: 0.

Size of CSNLSNMap.

The commit record of each completed transaction in Postgres Pro Shardman contains the assigned CSN for this transaction. This value, together with the LSNof this record, forms a pair of values (CSN, LSN). Each of the cluster nodes stores a certain number of such pairs in RAM in a special structure - the CSNLSNMap. This map is used to get the syncpoint. See the “Syncpoints and Consistent Backup” section of the Internals chapter for more information.

Default: 1024.

When checked against the csn_max_shift value, raises an error if the csn_max_shift value is exceeded.

Default: off.

Maximum CSN shift in seconds for distributed queries and imported snapshots. If the shift exceeds the csn_max_shift value, an error or warning will occur. If the value is set to 0, no check is run.

Default: 15 seconds.

Specifies how often foreign statistics should be gathered during autovacuum, in seconds. If the value of foreign_analyze_interval is less than autovacuum_naptime, foreign statistics will be gathered each autovacuum_naptime seconds.

Default: 60.

Turns on a fast path for foreign join planning. When it is on, foreign join paths for SELECT queries are searched before all other possible paths and the search stops for a join as soon as a foreign join path is found.

Default: off.

A TCP port the server listens on. For a Postgres Pro Shardman cluster, the port is assigned automatically by the system and is based on the PGsInitialPort parameter. If changed manually, the value will be overwritten by the configuration parameter that is automatically assigned.

Enables the extended partition pruning for the prepared queries with a known partitioning key. If turned on, the partition-wise join plans can be pruned.

Default: off.

Turns on alternative estimations for foreign join costs, which highly increases chances for join of several foreign tables referring to the same server to be pushed down. The cost of original join is estimated as (1 - 1/(cost + 1)), where cost is an originally estimated cost for this remote join.

Default: off.

Defines how to include the EXPLAIN command output from the remote servers if the query plan contains ForeignScan nodes. The possible values are: none to exclude the EXPLAIN output from the remote servers, full to include the EXPLAIN output from the remote servers, collapsed to include the EXPLAIN output only for the first ForeignScan node under its Append/MergeAppend.

Default: collapsed.

Sets postgres_fdw to use the two-phase commit (2PC) protocol for distributed transactions.

This postgres_fdw parameter forces it to use a two-phase commit if the transaction touches several nodes. When set to auto, a two-phase commit is only used in transactions with enable_csn_snapshot=true and isolation level equal to or higher than REPEATABLE READ.

Temporary tables cannot be used in 2PC transactions.

Default: auto.

When enabled, sorting on the remote server is considered if it allows performing MergeJoin or MergeAppend operations. This parameter is enabled by default in new installations but must be explicitly enabled in upgraded clusters.

Sets Postgres Pro Shardman extension to broadcast DDL statements to all replication groups.

When this parameter is on, Postgres Pro Shardman extension broadcasts supported DDL statements to all replication groups if it does make sense for those statements. You can enable/disable this behavior anytime. This parameter is not honored when set in configuration file. Note that it does not affect sequences, as they are only created per shard.

Default: off.

Enable pushing down limit clauses through the underlying appends. When on, Postgres Pro Shardman optimizer will try to push down a limit clause to the subpaths of the underlying Append/MergeAppend plan node if they reference postgres_fdw foreign tables. This optimization works only for SELECT plans when limit option is represented as a constant or a parameter. It is also restricted for Append paths, corresponding to a partitioned table.

Default: on.

Specifies the default number of sharded table partitions.

A sharded table has this default number of partitions unless num_parts is specified in CREATE TABLE.

To allow scaling, shardman.num_parts should be larger than the expected maximum number of nodes in a Postgres Pro Shardman cluster.

Possible values are from 1 to 1000.

Default: 20.

Specifies the replication group ID of a Postgres Pro Shardman node.

This parameter is set by Postgres Pro Shardman utilities when the node is added to the cluster and should never be changed manually.

Default: -1.

Sets Postgres Pro Shardman to propagate all DDL statements that touch sharded and global relations to all replication groups.

When this parameter is on, Postgres Pro Shardman broadcasts all supported utility statements touching sharded and global relations to all replication groups. It is not recommended to turn this off. This parameter is not honored when set in configuration file. It can only be modified by admins.

Default: on.

Enables cluster-wide synchronization of configuration parameters set by user. The configuration parameters are propagated with each remote query.

Default: on.

Excludes the options not to be propagated to a remote cluster.

Default: local system configuration parameters that are never synchronized.

Switches between modes of query planning/execution. Possible values are none and text.

none means that query planning/execution will not use the Silk transport.

text means that the text query representation is transferred via Silk transport for remote execution.

Default: none.

Silk transport uses IP address specified by this parameter for node identification. If the host name is specified, it is resolved and the first IP address corresponding to this name, is used.

Default: node hostname.

The Silk routing daemon listens for incoming connections on this IP address. If the host name is specified, it is resolved and the first IP address corresponding to this name, is used.

Default: node hostname.

The Silk routing daemon listens for incoming connections on this port. This setting should be the same for all nodes in the Postgres Pro Shardman cluster.

Default: 8888.

Enables tracing of queries passing through the Silk pipeline. The tracing results can be accessed by running the EXPLAIN command with ANALYZE set to ON.

Default: off.

Number of background workers allocated for distributed execution. This setting must be less than max_worker_processes (including auxilary postgres worker processes).

Default: 2.

Sets the base maximum amount of memory to be used by a Silk stream (as a buffer size) before writing to the temporary disk files. If this value is specified without units, the default is kilobytes.

Note that most queries can perform multiple fetch operations at the same time, usually one for each remote partition of a sharded table, if any. Each fetch operation is generaly allowed to use as much memory as this value specifies before it starts to write data into temporary files. Also, several running sessions can execute such operations concurrently. Therefore, the total memory used by Silk for buffers could be many times the value of shardman.silk_stream_work_mem and is correlated with shardman.num_parts. Thus, mind this fact when choosing the value.

Default: 16MB.

Number of rows in a chunk that the silkworm worker extracts and sends to the multiplexer as a result, per one reading iteration.

Default: 100.

Size of queue for jobs that have not yet been assigned to the silkworm multiplexer workers, in case all the workers are busy.

Default: 1024.

Maximum message size that can be transfered with Silk, in bytes. Note that this parameter does not limit the maximum size of the result returned by the query. It only affects messages sent to workers. Increasing this parameter value will result in a proportional memory increase consumed by Postgres Pro Shardman. It is strongly recommended to use the default value unless there is an urgent need.

Default: 524288.

Handshake timeout between multiplexers of different nodes, in seconds.

Default: 3.

Enables additional CPU scheduling settings for multiplexer processes (silkroad and silkworm).

When this parameter is fifo, Postgres Pro Shardman assigns scheduling policy SCHED_FIFO for processes silkroad and each of silkworm. It assigns the static schediling priority (sched_priority) to values shardman.silkroad_sched_priority and shardman.silkworm_sched_priority respectively.

This setting improves silk transport performance while it operates under heavy CPU load.

Note that postgres binary need to have CAP_SYS_NICE capability to use this option. If no appropriate capability was assigned to the process, enabling this setting will have no effect. The capability must be assigned to postgres binary before starting postgres. postgres (i.e. processes silkroad and silkworm) will apply scheduling options once during service start. You need restart postgres service if you want to change scheduling options.

Default: none.

Value of static scheduling priority (sched_priority) for silkroad process. It only makes sense if shardman.silk_scheduler_mode equals to 'fifo'.

Default: 2.

Value of static scheduling priority (sched_priority) for silkworm processes (the same value for each of them). It only makes sense if shardman.silk_scheduler_mode equals to 'fifo'.

Default: 1.

Enables pinning of multiplexer processes (silkroad and silkworm) to CPU cores to eliminate negative effects of thread's cross-cpu migration.

When this parameter is true, silkroad process will be pinned to the first available CPU core and silkworm processes (all of them) will pinned to all available CPU cores except the first one.

This setting improves silk transport performance while it operates under heavy CPU load.

Note that postgres binary need to have CAP_SYS_NICE capability to use this option. If no appropriate capability was assigned to the process, enabling this setting will have no effect. The capability must be assigned to postgres binary before starting postgres. postgres (i.e. processes silkroad and silkworm) will apply affinity options once during service start. You need restart postgres service if you want to change affinity options.

Default: false.

Controls the mode of handling read events. It has three possible values: none, round_robin, and shortest_job_first.

The none mode means no control nor additional overhead. Yet in this case, the channel may become occupied by just one distributed query.

The round_robin mode means the events created earlier are the first ones to be processed, for each event loop. If enabled, all the backends are grouped, and the client backends are prioritized over the other.

The shortest_job_first mode means full control over the traffic. If enabled, all the backends are grouped, and the client backends are prioritized over the others, along with the workers with the least session traffic.

Default: round_robin.

Enables or disables the metrics with prefix transferred_ and time-based metrics (with prefixes read_efd_, write_efd_, and sort_time_). If disabled, these metrics have 0 values.

Default: off.

Enables or disables Silk logging.

Default: off.

Defines the Silk message categories to be traced.

Default:streams, routing, events.

Name of the database that all Silk workers connect to.

Default: postgres.

shardman.monitor_interval is deprecated and acts as noop.

Use shardman.monitor_dxact_interval instead.

Interval between checks for outdated prepared transactions.

The Postgres Pro Shardman monitor background process wakes up every shardman.monitor_dxact_interval seconds and attempts to check and resolve any prepared transactions that did not complete and became outdated for some reason. To resolve these transactions, the Postgres Pro Shardman monitor process determines the coordinator of the transaction and requests the transaction status from the coordinator. Based on the status of the transaction, Postgres Pro Shardman monitor will either roll back or commit the transaction.

To disable the prepared transaction resolution logic, set shardman.monitor_dxact_interval to 0.

Default: 5 (seconds).

Each cluster node freezes its own xmin value for csn_snapshot_defer_time seconds to support global transactions. Large csn_snapshot_defer_time values can negatively impact the performance. Postgres Pro Shardman monitor has a routine that every shardman.monitor_trim_csnxid_map_interval seconds updates xmin on all nodes to the minimum possible value (taking into account active transactions).

The background routine will run on only one node in the Postgres Pro Shardman cluster. Note that this will give an additional load on this node.

To disable such updates, set shardman.monitor_trim_csnxid_map_interval to 0.

Default: 5 (seconds).

Is automatically set during the shardmanctl init for users from the admin group, and then takes effect with shardmand on each instance by creating this user and granting it with the following privileges:

  -- Prepared xacts resolver
GRANT EXECUTE ON FUNCTION shardman.xact_status TO $uname;
GRANT pg_manage_transactions TO $uname;
-- Deadlock detector
GRANT SELECT ON TABLE shardman.lock_graph TO $uname;
GRANT EXECUTE ON FUNCTION shardman.vxid_current TO $uname;
GRANT pg_read_all_stats TO $uname;
-- CSN trimmer
GRANT EXECUTE ON FUNCTION shardman.oldest_csn_snapshot TO $uname;
GRANT EXECUTE ON FUNCTION pg_trim_csnxid_map TO $uname;

After this, deadlock detector, monitor of hanging transactions, and trimming by CSN is executed under this user.

Note that this is done automatically for the certified version and should not be tempered with unless in case of a reasonable necessity.

Maximum allowed age of prepared transactions before a resolution attempt.

During the resolution of a prepared transaction, Postgres Pro Shardman monitor determines whether the transaction is outdated or not. A transaction becomes outdated if it was prepared more than shardman.monitor_dxact_timeout seconds ago.

Default: 5 (seconds).

Specifies the minimum delay between xmin updates on all nodes. See shardman.monitor_trim_csnxid_map_interval for more information.

Possible values are from 1 to 600.

Default: 5.

Interval between checks for distributed deadlock conditions.

The Postgres Pro Shardman monitor background process wakes up every shardman.monitor_deadlock_interval seconds and searches for distributed deadlocks in the cluster. It gathers information about mutual locks from all nodes and looks for circular dependencies between transactions. If it detects a deadlock, it resolves it by canceling one of the backend processes involved in the lock.

To disable the distributed deadlock resolution logic, set shardman.monitor_deadlock_interval to 0.

Default: 2 (seconds).

Enables remote plan caching for FDW queries produced by locally cached plans.

Default: off.

Specifies how much memory per worker can be used for remote plan caches.

Default: 0 (caches are disabled).

Specifies the buffer size for INSERT and DELETE commands executed on a global table.

Default: 64K.

The statistics for the network latency (wait time) for inter-cluster operations, in milliseconds. It can be accessed by running the EXPLAIN command with the network parameter enabled.

Default: on.

Enables or disables statistics collection for time spent on a transaction.

Default: off.

Enables the optimizer to generate additional non-equivalence conditions using equivalence classes.

Default: off.

Enables the optimizer to generate additional conditions from the IN () expression.

Default: off.

Specifies the list of system users for which no exchange of information on authorization events between Postgres Pro Shardman cluster nodes takes place and which cannot be locked. They, however, can be authorized on a Postgres Pro Shardman standby.

If the list of such users has not changed since Postgres Pro Shardman installation, you do not need to specify this setting.

This list includes the hardcoded users postgres and biha_replication_user. So to avoid server connection errors, add these users to the value of this configuration parameter, for example:

shardmanctl config update '{"pgParameters": {"shardman.extended_password_policies_skip_users": "postgres,biha_replication_user,some_user"}}' -p --force -y

Note that if any of the hardcoded users was replaced by some other user during the installation, the replaced user does not need to be listed.

Default: postgres, biha_replication_user.

If enabled, all extended password policies are applied cluster-wide. E.g. profile-related counters synchronize cluster-wide, which can be useful for FAILED_LOGIN_ATTEMPTS. If disabled, each node has its own counters.

Default: off.