-
Notifications
You must be signed in to change notification settings - Fork 3.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DatabaseFacade.CanConnect doesn't actually check anything #18330
Comments
Note that opening an unpooled connection could be problematic for a health check, as you may be hitting database connection limits... A simple SELECT query is probably safest... |
@roji Have you verified that opening a connection can pass if the database cannot be contacted? It's the same mechanism we have been using for years on SQL Server and I haven't seen it give false positives. (Plenty of false negatives, but not positives.) Also, on SQLite opening the connection opens the file. |
I will give this a proper test - wanted to log this first (conference time). As a general rule opening a pooled connection is not supposed to actually contact a database because of perf reasons (it would kind of defeat the purpose of the pool), so this is definitely a bug with npgsql, but I'll confirm this on SQL Server in the coming days. |
Tested three scenarios with some very "interesting" results:
From cases 1 and 2 above, I'm guessing that when SQL Server shuts down (or drops the database), it sends a message to SqlClient which makes it clear its pool. But if networking is cut this obviously doesn't happen. Note that all this holds for RelationalDatabaseCreator.Exists as well (which is what CanConnect calls) - this also seems problematic. I'd suggest simply adding a simple |
So happy we’ve had this conversation :D |
@mmisztal1980 me too, without your question I'd have never looked into that code...! |
I’m gonna try repro the other issue again on 2.2 in the coming week, I’ll keep you posted |
I did some basic research on executing It is apparently possible to deny SELECT access on an entire database ( However, I really am not an SQL Server expert by any stretch, would be good to have other opinions. @AndriySvyryd I think you looked into this area in the past? |
I don't have any significant pushback against |
DatabaseFacade.CanConnect is supposed to determine whether the database is alive and can be connected to. The default implementation in RelationalDatabaseCreator calls Exists, whose implementation in SqlServer (and Sqlite and Npgsql) is to simply open and close a connection. As far as I'm aware, assuming connection pooling is enabled this doesn't actually do any sort of communication to the database. We should consider implementing CanConnect by doing a raw
SELECT 1
roundtrip, or possibly opening and closing a non-pooled connection.Note that ASP.NET's EF health probe is built over this API.
The text was updated successfully, but these errors were encountered: