Clustered at-rest encryption

Hello,

From this blog post (https://www.percona.com/blog/2016/04/08/mysql-data-at-rest-encryption/), I see that a few changes are needed to the my.cnf file, and then you just run “alter table table_name encryption=‘Y’”.

Is that replicated across all cluster nodes?

Thanks

Hi,

The "alter table table_name encryption=‘Y’ " will replicate. However, for this to work the keyring-file-data must be configured on each node.

https://dev.mysql.com/doc/refman/5.7/en/innodb-tablespace-encryption.html

On nodes where the keyring is not configured, the tables will not be encrypted.