Uploaded image for project: 'Percona Server for MySQL'
  1. Percona Server for MySQL
  2. PS-5730

Change SELECT rotate_system_key to ALTER INSTANCE for percona system key rotation.

    XMLWordPrintable

Details

    • Improvement
    • Status: Done
    • High
    • Resolution: Fixed
    • 5.7.x, 8.0.x
    • 8.0.21-12
    • None

    Description

      Currently user can rotate a key using rotate_system_key function. It can be called with SELECT statement. SELECT statement replication varies based on binlog format. This may be problematic. MySQL introduced two flavors of ALTER INSTANCE for key rotation:

      • for MK encryption the statement is always replicated.
      • for Binlog encryption the statement is never replicated.

      We want to mimic this behavior to be more in sync with how upstream behaves.

      Since binlog encryption implementation is now replaced by upstream feature we no longer need to implement rotation for binlog encryption key. Only percona_innodb system key rotation will be replaced with the ALTER INSTANCE statement.

      Attachments

        Activity

          People

            robert.golebiowski Robert Golebiowski (Inactive)
            robert.golebiowski Robert Golebiowski (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - Not Specified
                Not Specified
                Logged:
                Time Spent - 4 days, 4 hours
                4d 4h

                Smart Checklist