1<!--$Id: recovery.so,v 10.35 2005/06/16 17:52:20 bostic Exp $--> 2<!--Copyright (c) 1997,2008 Oracle. All rights reserved.--> 3<!--See the file LICENSE for redistribution information.--> 4<html> 5<head> 6<title>Berkeley DB Reference Guide: Recovery procedures</title> 7<meta name="description" content="Berkeley DB: An embedded database programmatic toolkit."> 8<meta name="keywords" content="embedded,database,programmatic,toolkit,btree,hash,hashing,transaction,transactions,locking,logging,access method,access methods,Java,C,C++"> 9</head> 10<body bgcolor=white> 11<a name="2"><!--meow--></a> 12<table width="100%"><tr valign=top> 13<td><b><dl><dt>Berkeley DB Reference Guide:<dd>Berkeley DB Transactional Data Store Applications</dl></b></td> 14<td align=right><a href="/transapp/logfile.html"><img src="/images/prev.gif" alt="Prev"></a><a href="/toc.html"><img src="/images/ref.gif" alt="Ref"></a><a href="/transapp/hotfail.html"><img src="/images/next.gif" alt="Next"></a> 15</td></tr></table> 16<p align=center><b>Recovery procedures</b></p> 17<p>The fifth component of the infrastructure, recovery procedures, concerns 18the recoverability of the database. After any application or system 19failure, there are two possible approaches to database recovery:</p> 20<ol> 21<p><li>There is no need for recoverability, and all databases can be re-created 22from scratch. Although these applications may still need transaction 23protection for other reasons, recovery usually consists of removing the 24Berkeley DB environment home directory and all files it contains, and then 25restarting the application. 26Such an application may use the <a href="/api_c/db_set_flags.html#DB_TXN_NOT_DURABLE">DB_TXN_NOT_DURABLE</a> flag to avoid 27writing log records. 28<p><li>It is necessary to recover information after system or application 29failure. In this case, recovery processing must be performed on any 30database environments that were active at the time of the failure. 31Recovery processing involves running the <a href="/utility/db_recover.html">db_recover</a> utility or 32calling the <a href="/api_c/env_open.html">DB_ENV->open</a> method with the <a href="/api_c/env_open.html#DB_RECOVER">DB_RECOVER</a> or 33<a href="/api_c/env_open.html#DB_RECOVER_FATAL">DB_RECOVER_FATAL</a> flags. 34<p>During recovery processing, all database changes made by aborted or 35unfinished transactions are undone, and all database changes made by 36committed transactions are redone, as necessary. Database applications 37must not be restarted until recovery completes. After recovery 38finishes, the environment is properly initialized so that applications 39may be restarted.</p> 40</ol> 41<p>If performing recovery, there are two types of recovery processing: 42<i>normal</i> and <i>catastrophic</i>. Which you choose depends 43on the source for the database and log files you are using to recover.</p> 44<p>If up-to-the-minute database and log files are accessible on a stable 45filesystem, normal recovery is sufficient. Run the <a href="/utility/db_recover.html">db_recover</a> 46utility or call the <a href="/api_c/env_open.html">DB_ENV->open</a> method specifying the 47<a href="/api_c/env_open.html#DB_RECOVER">DB_RECOVER</a> flag. However, the normal recovery case 48<b>never</b> includes recovery using hot backups of the database 49environment. For example, you cannot perform a hot backup of databases 50and log files, restore the backup and then run normal recovery -- you 51must always run catastrophic recovery when using hot backups.</p> 52<p>If the database or log files have been destroyed or corrupted, or normal 53recovery fails, catastrophic recovery is required. For example, 54catastrophic failure includes the case where the disk drive on which 55the database or log files are stored has been physically destroyed, or 56when the underlying filesystem is corrupted and the operating system's 57normal filesystem checking procedures cannot bring that filesystem to 58a consistent state. This is often difficult to detect, and a common 59sign of the need for catastrophic recovery is when normal Berkeley DB recovery 60procedures fail, or when checksum errors are displayed during normal 61database procedures. When catastrophic recovery is necessary, take the 62following steps:</p> 63<ol> 64<p><li>Restore the most recent snapshots of the database and log files from 65the backup media into the directory where recovery will be performed. 66<p><li>If any log files were archived since the last snapshot was made, they 67should be restored into the directory where recovery will be performed. 68<p>If any log files are available from the database environment that failed 69(for example, the disk holding the database files crashed, but the disk 70holding the log files is fine), those log files should be copied into 71the directory where recovery will be performed.</p> 72<p>Be sure to restore all log files in the order they were written. The 73order is important because it's possible the same log file appears on 74multiple backups, and you want to run recovery using the most recent 75version of each log file.</p> 76<p><li>Run the <a href="/utility/db_recover.html">db_recover</a> utility, specifying its <b>-c</b> option; 77or call the <a href="/api_c/env_open.html">DB_ENV->open</a> method, specifying the <a href="/api_c/env_open.html#DB_RECOVER_FATAL">DB_RECOVER_FATAL</a> 78flag. The catastrophic recovery process will review the logs and 79database files to bring the environment databases to a consistent state 80as of the time of the last uncorrupted log file that is found. It is 81important to realize that only transactions committed before that date 82will appear in the databases. 83<p>It is possible to re-create the database in a location different from 84the original by specifying appropriate pathnames to the <b>-h</b> 85option of the <a href="/utility/db_recover.html">db_recover</a> utility. In order for this to work 86properly, it is important that your application refer to files by names 87relative to the database home directory or the pathname(s) specified in 88calls to <a href="/api_c/env_set_data_dir.html">DB_ENV->set_data_dir</a>, instead of using full 89pathnames.</p> 90</ol> 91<table width="100%"><tr><td><br></td><td align=right><a href="/transapp/logfile.html"><img src="/images/prev.gif" alt="Prev"></a><a href="/toc.html"><img src="/images/ref.gif" alt="Ref"></a><a href="/transapp/hotfail.html"><img src="/images/next.gif" alt="Next"></a> 92</td></tr></table> 93<p><font size=1>Copyright (c) 1996,2008 Oracle. All rights reserved.</font> 94</body> 95</html> 96
