Skip to content
This repository has been archived by the owner on May 9, 2023. It is now read-only.

Add keyring_vault support to PXB framework --test_mode #275

Closed
ShahriyarR opened this issue Apr 11, 2018 · 2 comments
Closed

Add keyring_vault support to PXB framework --test_mode #275

ShahriyarR opened this issue Apr 11, 2018 · 2 comments

Comments

@ShahriyarR
Copy link
Owner 

1. xtrabackup will be able to talk to Vault server directly,
  keyring_vault plugin will be ported to xtrabackup, all the same
  options will be supported.
2. new option will be added called `--transition-key'. This key will be
  used to reencrypt keys stored in the InnoDB tablespace headers.
3. xtrabackup will perform following additional steps as it goes through
  encrypted tablespaces:
  - fetch the master key used to encrypt this specific tablespace and
    store it encrypted with transition key into a special file (to be
    named).
  - reencrypt the tablespace key with transition key.
4. xtrabackup will require user to specify `--transition-key' for
  apply-log/prepare/copy-back operation.
5. for `--copy-back' xtrabackup will reencrypt tablespaces so that they
  use the same keys as before and can be used with the same vault
  server.
6. optionally, if user wants to switch to the new key server or
  different keyring plugin, there will be option
  `--generate-new-master-key'. When this option is specified together
  with `--copy-back', xtrabackup will generate new master key, store it
  into keyring and reencrypt tablespaces with this new key.
@ShahriyarR
Copy link
Owner Author

The first thing to be added can be starting PS with keyring_vault plugin.

ShahriyarR added a commit that referenced this issue Apr 11, 2018
@ShahriyarR
Parsing config properly.
08d13dc 
Added keyring_vault cmd option to pass.
For issue #275
@ShahriyarR ShahriyarR mentioned this issue Apr 18, 2018
Merged
ShahriyarR pushed a commit that referenced this issue Apr 24, 2018
Bugfix issue275 (#276)
a1f0752 
* Parsing config properly.
Added keyring_vault cmd option to pass.
For issue #275

* Fixing the .sql extension files to be in package_data

* changed a bit flow

* Enabling back the general tablespace encryption

* UnboundLocalError: local variable 'pid' referenced before assignment

* Redirecting the output
@ShahriyarR
Copy link
Owner Author

Implemented and merged.
Will be closed with release_v1.5.2

ShahriyarR pushed a commit that referenced this issue Apr 24, 2018
Release v1.5.2 (#274)
8ae7927 
* Bugfix issue240 (#241)

* Preliminary fix for issue #240

* Disable header check for TestConf as it must not affect overall usage the tool

* Added check for [TestConf] header as well

* Finalizing the issue fix

* Adding --lock-ddl-per-table and --lock-ddl support (#244)

* Preliminary fix for issue #243

* Calling for first test

* Added some logging message

* Redirecting the output to /dev/null

* Adding x permission

* Running the new sql commands

* Trying to run this ddl_test.sh bash script

* Using full string

* making some changes

* fixing redirect issue

* unpexteced toke done

* Changed workflow

* Added u+x

* calling it without bash command

* fixing bash caller

* fixing the path name

* calling with /usr/bin/bash

* Removed sleep statement

* getting output from sqls

* trying to fix issue again

* trying to make cleanup actions

* changing the try/except block position

* chenged workflow again

* Disabling sysbench run

* Disabled this feature

* Bugfix issue246 (#247)

* Preliminary fix for issue #246

* Added options to config generator for --test_mode

* Fixing directory naming

* implicit conversion

* Calling shutil.copytree here

* Adding '_archive' string

* copying backup_dir

* Finalizing the feature implementation

* Bugfix issue245 (#249)

* Preliminary fix for issue #245

* Executing loop in concurrent.futures

* Changing static method to use Popen

* Reducing worker count

* Increasing worker max count to 5000

* Changed back the value to 1000

* Reducing max worker count to 100

* Calling from ordinary loop

* Implemented, finalizing the feature

* Bugfix issue250 (#251)

* Preliminary fix for issue #250

* Added rename basedirs bats file

* Preliminary fix for issue #252 (#253)

* Preliminary fix for issue #254 (#255)

* Bugfix issue260 (#261)

* Checking if archive is directory or not

* Giving the full path

* Bugfix issue264 (#265)

* Preliminary fix for issue #264

* Decrypting some tables to be altered to unencrypted general tablespace file

* Disabled converting tables to myisam

* Bugfix issue262 (#266)

* Preliminary fix for issue #262

* Unexpected argument error

* Preliminary fix for issue #263 (#267)

* Bugfix issue268 (#270)

* Added 2 temporary table creation for issue #268

* Fixing typo

* Added some bash files and removed previous calls

* Calling the staticmethod

* Fixing the table name

* Fixing the sql

* Added file permissions

* Added create index run for creating temporary tables

* Fixing the database name

* again fix for database name

* Disabled sleep query runs also added some kill process calls

* Bugfix issue271 (#273)

* Preliminary fix for issue #271:
Added several optional bash files to be executed.
Called it from take_backup.py

* Removing drop statement

* Added kill statements

* VERSION BUMP

* Bugfix issue275 (#276)

* Parsing config properly.
Added keyring_vault cmd option to pass.
For issue #275

* Fixing the .sql extension files to be in package_data

* changed a bit flow

* Enabling back the general tablespace encryption

* UnboundLocalError: local variable 'pid' referenced before assignment

* Redirecting the output
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ShahriyarR