Details
-
New Feature
-
Status: Open (View Workflow)
-
Critical
-
Resolution: Unresolved
-
None
Description
The HashiCorp Vault key management plugin has a hashicorp-key-management-use-cache-on-timeout setting that makes it use cached key value and key version information beyond the actual cache entry lifetime in case that curl http calls to the Vault server can connect, but time out.
A HTTP timeout is a rather unlikely error scenario here though, it is much more likely to get:
- "connection refused" if the Vault server is down, even if just shortly but at the wrong moment
- "no route to host" if the Vault host is not reachable, e.g. due to a VM restart
- "internal server error" due to an error on the Vault server process itself
None of these should bring down the MariaDB server by default when it is just trying to re-fetch a key it already has in the cache, or when trying to check for new key versions.
So actually two requests here:
- treat all http errors the same as http timeouts, either by adding a new option, or by extending the functionality of the already existing one
- switch the default for "continue to use cached value in case of Vault communication problems" from OFF to ON