We’re currently investigating the Xtrabackup tool for backing up our MySQL database. During our testing of Xtrabackup, we came across an error related to checksums. Interestingly this error only occurred in the application running on an encrypted AWS EBS volume, while we did not encounter the same checksum error in the application running on an unencrypted AWS EBS volume. Is there a specific reason Xtrabackup behaves differently on encrypted and unencrypted volumes.
[01] Copying ./ibdata1 to /var/tmp/backupxtra/ibdata1
[01] xtrabackup: Database page corruption detected at page 192, retrying...
[01] xtrabackup: Database page corruption detected at page 192, retrying...
[01] xtrabackup: Database page corruption detected at page 192, retrying...
[01] xtrabackup: Database page corruption detected at page 192, retrying...
230704 09:24:57 >> log scanned up to (24491496343)
[01] xtrabackup: Database page corruption detected at page 192, retrying...
[01] xtrabackup: Database page corruption detected at page 192, retrying...
[01] xtrabackup: Database page corruption detected at page 192, retrying...
[01] xtrabackup: Database page corruption detected at page 192, retrying...
[01] xtrabackup: Database page corruption detected at page 192, retrying...
[01] xtrabackup: Error: failed to read page after 10 retries. File ./ibdata1 seems to be corrupted.
[01] xtrabackup: Error: xtrabackup_copy_datafile() failed.
[01] xtrabackup: Error: failed to copy datafile.
230704 09:24:58 >> log scanned up to (24491496343)
mysql --version
mysql Ver 8.0.31-23 for Linux on x86_64 (Percona Server (GPL), Release '23', Revision '71449379')
xtrabackup --version
xtrabackup version 8.0.31-24 based on MySQL server 8.0.31 Linux (x86_64) (revision id: f0754edb)
EBS encryption is storage encryption, so it should be transparent. ie at process level, it doesn’t know that the data to be stored will be encrypted. It is encrypted at volume level.
That said, the encryption key access and privileges depend on the OS users (according to EBS documentation).
Mysql server is typically run as ‘mysql’ user process, so the access key might have been granted only to ‘mysql’ user.
Can you please verify the following things?
Check if MySQL server is run as ‘mysql’ OS user?
what is the OS user used for xtrabackup?
can you switch to ‘mysql’ user and run xtrabackup?
Adding to what @jegana already mentioned.
For the same databases (just scaffolded with few tables) on the unencrypted volume, it works fine. @satya.bodapati I agree it i should be transparent to user but it is not. Just FYI, mysqldump works fine but percona xtrabackup doesn’t. Have anyone from your internal team has tried this before and verified that it works?