THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
Page History
...
- Initiating message is sent by discovery.
- Initiating message should contain:
- New master key hash.
- New master key id.
- When server node processed message following actions are executed:
- It obtain hash of new master key.
- Compares it with the one in message
- If it differs then error added to the message.
- Initiating message should contain:
- If on step1 there are some errors we log it and cancel process. Otherwise got to step3.
- Action message is sent by discovery.
- Action message sould contain:
- New master key hash.
- New master key id.
- When server node processed message following actions are executed:
- Blocks creation of encrypted cache key.
- Encrypt cache group keys with new master key.
- Unblock creation of encrypted cache key.
- EncryptionSPI executes keys rotation (implementation specific).
- Action message sould contain:
Process completion:
Process completes when all nodes in cluster will process action message.
...
- Obtain old master key by id
- Obtain new master key by id
- Reencrypt cache group keys with new master key and store it to metastore.
- EncryptionSPI executes keys rotation (implementation specific).
New commands:
Master key hashes.
Input: nothing
Output:
List of Tuples3
Node ID
Current key hash
Previous key hash or null.
Cache key hashes.
Input: cache id.
Output:
List of Tuples3
Node ID
Current key hash
Previous key hash or null.
Overview
Content Tools
Apps