Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5, 10.6
Description
There have been several bug reports about how the background encryption threads can use a lot of CPU. Prior analysis suggested those this is primarily caused by the operations that check for key rotation. As part of MDEV-11738, the innodb_encryption_rotate_key_age system variable's special 0 value was added to disable these checks, and this does seem to help most users.
The default value of innodb_encryption_rotate_key_age is 1, so key rotation checks will be enabled by default. The problem is that many encryption users will be using {file_key_management}} plugin, which doesn't even support key rotations. Many of these users are not aware that they should set innodb_encryption_rotate_key_age to 0, so their background threads will be using more CPU than is necessary.
Would it be possible to automatically disable key rotation checks for file_key_management plugin (and maybe other plugins that don't support key rotation)?
Attachments
Issue Links
- causes
-
MDEV-35558 fil_crypt_must_default_encrypt() is being called even if ENCRYPTION=NO
- Open
- relates to
-
MDEV-14398 When innodb_encryption_rotate_key_age=0 is set, server won't encrypt tablespaces
- Closed
-
MDEV-29652 data-at-rest enabled high CPU use for long times
- Closed
-
MDEV-20713 Implement key rotation for file_key_management plugin
- Open
-
MDEV-24426 fil_crypt_thread keep spinning even if innodb_encryption_rotate_key_age=0
- Closed