HI
Sorry should have mentioned that the InnoDB logs are not encrypted
show variables like '%encrypt%';
+------------------------------------------+---------+
| Variable_name | Value |
+------------------------------------------+---------+
| aria_encrypt_tables | OFF |
| encrypt_binlog | OFF |
| encrypt_tmp_disk_tables | OFF |
| encrypt_tmp_files | OFF |
| file_key_management_encryption_algorithm | aes_cbc |
| innodb_default_encryption_key_id | 1 |
| innodb_encrypt_log | OFF |
| innodb_encrypt_tables | ON |
| innodb_encryption_rotate_key_age | 1 |
| innodb_encryption_rotation_iops | 100 |
| innodb_encryption_threads | 0 |
+------------------------------------------+————+
The the table is encrypted:
select *
-> from information_schema.innodb_tablespaces_encryption
-> where encryption_scheme=1
-> ;
+-------+----------------------+-------------------+--------------------+-----------------+---------------------+--------------------------+------------------------------+----------------+
| SPACE | NAME | ENCRYPTION_SCHEME | KEYSERVER_REQUESTS |
MIN_KEY_VERSION | CURRENT_KEY_VERSION | KEY_ROTATION_PAGE_NUMBER |
KEY_ROTATION_MAX_PAGE_NUMBER | CURRENT_KEY_ID |
+-------+----------------------+-------------------+--------------------+-----------------+---------------------+--------------------------+------------------------------+----------------+
| 35 | mytest/customers_big | 1 | 1 |
1 | 1 | NULL |
NULL | 1 |
+-------+----------------------+-------------------+--------------------+-----------------+---------------------+--------------------------+------------------------------+----------------+
1 row in set (0.00 sec)
Mysqldump works fine to backup data but of course it dumps it into plain text
and it’s generally a rubbish backup method.
Kind Regards
Lee
> On 1 Jun 2016, at 16:13, Guillaume Lefranc <guillaume.lefr...@mariadb.com>
> wrote:
>
> Hello,
>
> on the contrary, it is clearly stated:
>
> Percona XtraBackup cannot back up instances that use encrypted InnoDB log
> files.
>
> So, either don't encrypt the log files (potentially unsafe), or use
> filesystem backups.
>
> Regards
> GL
>
>
> On Wed, Jun 1, 2016 at 5:02 PM Lee Bennett <l...@gravity667.com
> <mailto:l...@gravity667.com>> wrote:
> Hi
>
> We are in the process of setting up data at rest encryption encryption with
> MariaDB 10.1.13 so we can encrypt specific table. This works without any
> problem however when I try and backup with Percona Xtrabackup it fails saying
> table appears to be corrupted:
>
> 60601 14:53:46 [01] ...done
> 160601 14:53:46 [01] Streaming ./mytest/customers_big.ibd
> [01] xtrabackup: Database page corruption detected at page 1, retrying...
> [01] xtrabackup: Database page corruption detected at page 1, retrying...
> 160601 14:53:46 >> log scanned up to (3146117051)
> [01] xtrabackup: Database page corruption detected at page 1, retrying...
> [01] xtrabackup: Database page corruption detected at page 1, retrying...
> [01] xtrabackup: Database page corruption detected at page 1, retrying...
> [01] xtrabackup: Database page corruption detected at page 1, retrying...
> [01] xtrabackup: Database page corruption detected at page 1, retrying...
> [01] xtrabackup: Database page corruption detected at page 1, retrying...
> [01] xtrabackup: Database page corruption detected at page 1, retrying...
> [01] xtrabackup: Error: failed to read page after 10 retries. File
> ./mytest/customers_big.ibd seems to be corrupted.
> [01] xtrabackup: Error: xtrabackup_copy_datafile() failed.
> [01] xtrabackup: Error: failed to copy datafile.
>
> This says to me that Xtrabackup isn’t compatible with MariaDB encryption
> however the documents kind of give the impression it is:
> https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/
> <https://mariadb.com/kb/en/mariadb/data-at-rest-encryption/>
>
> Regards
> Lee
> _______________________________________________
> Mailing list: https://launchpad.net/~maria-discuss
> <https://launchpad.net/~maria-discuss>
> Post to : maria-discuss@lists.launchpad.net
> <mailto:maria-discuss@lists.launchpad.net>
> Unsubscribe : https://launchpad.net/~maria-discuss
> <https://launchpad.net/~maria-discuss>
> More help : https://help.launchpad.net/ListHelp
> <https://help.launchpad.net/ListHelp>
> --
> Guillaume Lefranc
> Remote DBA Services Manager
> MariaDB Corporation
_______________________________________________
Mailing list: https://launchpad.net/~maria-discuss
Post to : maria-discuss@lists.launchpad.net
Unsubscribe : https://launchpad.net/~maria-discuss
More help : https://help.launchpad.net/ListHelp
