Warning: I’m a noob - I know next to nothing about MySQL, and trying to learn as I deploy an enormously important project for my company.
Can someone help me understand the tablespace encryption setup? I’m confused about exactly what I’ve enabled, and what I should be enabling.
I followed the above and have a cluster running with ‘pxc-encrypt-cluster-traffic=ON’ set. But does this only do cluster traffic encryption like the variable says? Or does this actually do tablespace encryption?
I searched a bit more and found this: https://www.percona.com/doc/percona-server/LATEST/management/data_at_rest_encryption.html#installation
That seems a lot more involved - was all of that abstracted by the cluster configuration? I definitely haven’t setup a vault server or anything. Can anyone tell me if I’ve done what’s required?
How do I restore an XtraBackup backup on an XtraDB cluster? I can’t find any documentation about this. Do I restore on one node at a time and wait for sync or something? If I’ve enabled tablespace encryption on the cluster, does the database restore encrypt the tables in the restored databases?
(I’ll ask this over in the XtraBackup forum too) If I have an XtraBackup backup that contains multiple databases, and I need to have different databases go to different clusters, do I get a choice in where the restores take place? It looks like I just copy the DB files into the MySQL data directory (/var/lib/mysql for me) - is each database its own set of files, and can I just put them on another machine as I wish?
I really appreciate any help - like I said I’m a noob and really trying hard to learn.