Percona XtraDB Cluster moved to https://jira.percona.com/projects/PXC

Merge lp:~hrvojem/percona-xtradb-cluster/new_encrypt_doc into lp:percona-xtradb-cluster/percona-xtradb-cluster-5.5

  1. new_encrypt_doc
  2. Merge into 5.5
Proposed by Hrvoje Matijakovic
Status: Merged
Approved by: Raghavendra D Prabhu
Approved revision: no longer in the source branch.
Merged at revision: 574
Proposed branch: lp:~hrvojem/percona-xtradb-cluster/new_encrypt_doc
Merge into: lp:percona-xtradb-cluster/percona-xtradb-cluster-5.5
Diff against target: 87 lines (+34/-5)
2 files modified
doc-pxc/source/manual/xtrabackup_sst.rst (+31/-4)
doc-pxc/source/release-notes/Percona-XtraDB-Cluster-5.5.34-23.7.6.rst (+3/-1)
To merge this branch: bzr merge lp:~hrvojem/percona-xtradb-cluster/new_encrypt_doc
Reviewer Review Type Date Requested Status
Raghavendra D Prabhu Pending
Review via email: mp+193760@code.launchpad.net
To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'doc-pxc/source/manual/xtrabackup_sst.rst'
2--- doc-pxc/source/manual/xtrabackup_sst.rst 2013-10-18 17:32:02 +0000
3+++ doc-pxc/source/manual/xtrabackup_sst.rst 2013-11-04 12:44:31 +0000
4@@ -9,9 +9,11 @@
5 * Stage I on joiner checks if it is |SST| or |IST| based on presence of :file:`xtrabackup_ist` file.
6 * In Stage II it starts the data transfer, if it's |SST|, it empties the data directory sans few files (galera.cache, sst_in_progress, grastate.dat) and then proceed with the SST or if it's IST, proceeds as before.
7
8-This change has introduced **incompatibilities** with older versions, refer to `Incompatibilities <http://www.percona.com/doc/percona-xtradb-cluster/errata.html#incompatibilities>`_ for more details.
9-
10-Latest Xtrabackup 2.1.x is strongly recommended for Xtrabackup SST.
11+.. warning::
12+
13+ :ref:`xtrabackup_sst` implementation added in |Percona XtraDB Cluster| :rn:`5.5.33-23.7.6` has been renamed to ``xtrabackup-v2``, so :variable:`wsrep_sst_method` =xtrabackup will use xtrabackup implementation before :rn:`5.5.33-23.7.6` and will be compatible with older |Percona XtraDB Cluster| versions. In order to use the new version :variable:`wsrep_sst_method` should be set to ``xtrabackup-v2``.
14+
15+Latest |Percona Xtrabackup| 2.1.x is strongly recommended for Xtrabackup SST. Refer to `Incompatibilities <http://www.percona.com/doc/percona-xtradb-cluster/errata.html#incompatibilities>`_ for possible caveats.
16
17 Following SST specific options are allowed in my.cnf under [sst]
18 -----------------------------------------------------------------
19@@ -60,7 +62,7 @@
20
21 .. option:: encrypt
22
23- :Values: 0,1,2
24+ :Values: 0,1,2,3
25 :Default: 0
26 :Match: Yes
27
28@@ -73,6 +75,8 @@
29
30 * OpenSSL based encryption with ``encrypt=2``. Socat must be built with openSSL for encryption: ``socat -V | grep OPENSSL``.
31
32+ * Support for SSL encryption for just the key and crt files as implemented in `Galera <http://www.codership.com/wiki/doku.php?id=ssl_support>`_ can be enabled with ``encrypt=3`` option. Information on this option can be found :ref:`here <galera_sst_encryption>`.
33+
34 Refer to this :ref:`document <xtrabackup_sst_encryption>` when enabling with ``encrypt=1``.
35
36 .. option:: encrypt-algo
37@@ -138,6 +142,15 @@
38
39 If set to 1, SST will use the thread pool's `extra_port <http://www.percona.com/doc/percona-server/5.6/performance/threadpool.html#extra_port>`_. Make sure that thread pool is enabled and extra_port option is set in my.cnf before you turn on this option.
40
41+.. option:: cpat
42+
43+During the SST, the :term:`datadir` is cleaned up so that state of other node can be restored cleanly. This option provides the ability to define the files that need to be deleted before the SST. It can be set like: ::
44+
45+ [sst]
46+ cpat='.*galera\.cache$\|.*sst_in_progress$\|.*grastate\.dat$\|.*\.err$\|.*\.log$\|.*RPM_UPGRADE_MARKER$\|.*RPM_UPGRADE_HISTORY$\|.*\.xyz$'
47+
48+**NOTE:** This option can only be used when :variable:`wsrep_sst_method` is set to xtrabackup-v2.
49+
50 .. _tar_ag_xbstream:
51
52 Tar against xbstream
53@@ -158,6 +171,20 @@
54 * mkfifo. Required for :option:`progress`. Provided by coreutils.
55 * mktemp. Required for :option:`incremental`. Provided by coreutils.
56
57+.. _galera_sst_encryption:
58+
59+Galera compatible encryption
60+----------------------------
61+
62+Support for SSL encryption for just the key and crt files as implemented in `Galera <http://www.codership.com/wiki/doku.php?id=ssl_support>`_ can be enabled with ``encrypt=3`` option. This has been implemented in :rn:`5.5.34-23.7.6` for compatibility with Galera. **NOTE**: This option does not provide certificate validation. In order to work correctly paths to the key and cert files need to be specified as well, like: ::
63+
64+ [sst]
65+ encrypt=3
66+ tkey=/etc/mysql/key.pem
67+ tcert=/etc/mysql/cert.pem
68+
69+**NOTE:** This option can only be used when :variable:`wsrep_sst_method` is set to xtrabackup-v2.
70+
71 .. _xtrabackup_sst_encryption:
72
73 Xtrabackup-based encryption
74
75=== modified file 'doc-pxc/source/release-notes/Percona-XtraDB-Cluster-5.5.34-23.7.6.rst'
76--- doc-pxc/source/release-notes/Percona-XtraDB-Cluster-5.5.34-23.7.6.rst 2013-11-04 10:19:08 +0000
77+++ doc-pxc/source/release-notes/Percona-XtraDB-Cluster-5.5.34-23.7.6.rst 2013-11-04 12:44:31 +0000
78@@ -51,7 +51,9 @@
79
80 :ref:`xtrabackup_sst` implementation added in |Percona XtraDB Cluster| :rn:`5.5.33-23.7.6` has been renamed xtrabackup-v2, so :variable:`wsrep_sst_method` =xtrabackup will use xtrabackup implementation before :rn:`5.5.33-23.7.6` and will be compatible with older |Percona XtraDB Cluster| versions. Bug fixed :bug:`1228618`.
81
82-Other bugs fixed: bug fixed :bug:`1244741`, bug fixed :bug:`1244667`, bug fixed :bug:`1243150`, bug fixed :bug:`1232890`, bug fixed :bug:`1235244`, bug fixed :bug:`999492`, bug fixed :bug:`1245769`, bug fixed :bug:`1244100`.
83+Support for SSL encryption for just the key and crt files as implemented in `Galera <http://www.codership.com/wiki/doku.php?id=ssl_support>`_ can be enabled with ``encrypt=3`` option. This has been implemented in :rn:`5.5.34-23.7.6` for compatibility with Galera. Bug fixed :bug:`1235244`.
84+
85+Other bugs fixed: bug fixed :bug:`1244741`, bug fixed :bug:`1244667`, bug fixed :bug:`1243150`, bug fixed :bug:`1232890`, bug fixed :bug:`999492`, bug fixed :bug:`1245769`, bug fixed :bug:`1244100`.
86
87 Based on `Percona Server 5.5.34-32.0 <http://www.percona.com/doc/percona-server/5.5/release-notes/Percona-Server-5.5.34-32.0.html>`_ including all the bug fixes in it, `Galera Replicator <https://launchpad.net/galera/+milestone/23.2.7>`_ and on `Codership wsrep API 5.5.34-25.9 <https://launchpad.net/codership-mysql/+milestone/5.5.34-25.9>`_, |Percona XtraDB Cluster| `5.5.34-23.7.6 <https://launchpad.net/percona-xtradb-cluster/+milestone/5.5.34-23.7.6>`_ is now the current stable release. All of |Percona|'s software is open-source and free.
88

Subscribers

People subscribed via source and target branches