[Encrypted InnoDB tablespace backups] keyring_file dependency should be documented
Bug #1656282 reported by
Laurynas Biveinis
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | ||
|---|---|---|---|---|---|---|
| Percona XtraBackup moved to https://jira.percona.com/projects/PXB | Status tracked in 2.4 | |||||
| 2.4 |
Triaged
|
Medium
|
Unassigned | |||
Bug Description
[In:/doc/
Currenly, the doc page discusses taking backups of encrypted tablespaces without mentioning anything about server keyrings in use. That XB introduces keyring_file_data option, implies that it works only with keyring_file and not with any other keyring plugin. This should be documented.
Revision history for this message
| Sergei Glushchenko (sergei.glushchenko) wrote | #1 |
Revision history for this message
| Laurynas Biveinis (laurynas-biveinis) wrote | #2 |
Revision history for this message
| Sergei Glushchenko (sergei.glushchenko) wrote | #3 |
Revision history for this message
| Laurynas Biveinis (laurynas-biveinis) wrote | #4 |
Revision history for this message
| Sergei Glushchenko (sergei.glushchenko) wrote | #5 |
Revision history for this message
| Shahriyar Rzayev (rzayev-sehriyar) wrote | #6 |
To post a comment you must log in.
Eventually, xtrabackup should support keyring plugins.
Another option is to fetch master keys from server itself using 'keyring_key_fetch' from recently introduced keyring_udf and re-encrypt tablespace keys with the backup master key provided at the time of backup.
As for current implementation, we should state that it only works with default keyring file plugin.