...

Changes in memory page format

PageMetaIO and PagePartitionMetaIO

...

Re-encryption status requires an additional 8 bytes on the meta page of each partition.
The index partition uses PageMetaIO to read/write meta information.
Every other partition uses PagePartitionMetaIO to read/write meta information.

...

WAL delta records have also been modified to store re-encryption status.

Encrypted (persisted) page

...

Each encrypted page has reserved free space to store the CRC of the encrypted data.
The size of this free space depends on the size of the encryption block, but cannot be less than 8 bytes (Ignite's default encryption implementation, KeystoreEncryptionSpi, uses AES with a 16-byte block size).

...

Fault tolerance

Distributed key rotation

Node join is rejected during the encryption key rotation, but this limitation may be revised in the future.

When a node joins the cluster (before/after key rotation), it receives the current encryption keys for the cache groups used for writing. If the encryption key is a new key, then the node sets it for writing and starts the background re-encryption process, if necessary. In other words, the node automatically "rotates" the encryption key when joining a cluster.
Therefore, a node may leave the cluster during a key change, or be absent and rejoin later (it does not matter whether the baseline changes or not); in either case it will receive a new key and schedule re-encryption, if necessary.

Background re-encryption

...