forked from percona/pg_tde
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
XLog: replicate fork file and encrypt tuples (percona#59)
1. Inserts and Updates now are encrypted in WAL. We encrypt new tuples directly in Buffer after they were insrerted there. To pass it to XLog we could memcpy Buffer data into into the tuple. But later tuple has to be unencrypted for index instertions etc. So we pass directly data from the Buffer into XLog. 2. Log into WAL and replicate *.tde forks creation. 3. Added docker-compose for the streaming replication test setup. (not perfect - needs two `up -d` in a row to start the secondary) 4. Added tests for multi inserts. Need tests for replications though.
- Loading branch information
Showing
11 changed files
with
1,676 additions
and
38 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
# TODO: needs improvements as currentlly ` docker-compose up -d --build` has to be run twice | ||
# as replication init on secodary doen't work 100% properly | ||
version: "3.4" | ||
services: | ||
pg-primary: | ||
build: | ||
dockerfile: ./docker/Dockerfile | ||
context: .. | ||
environment: | ||
- "POSTGRES_PASSWORD=testpass" | ||
- "PG_PRIMARY=true" | ||
- "POSTGRES_HOST_AUTH_METHOD=trust" | ||
- "PG_REPLICATION=true" | ||
ports: | ||
- "5433:5432" | ||
pg-secondary: | ||
build: | ||
dockerfile: ./docker/Dockerfile | ||
context: .. | ||
depends_on: | ||
- pg-primary | ||
environment: | ||
- "POSTGRES_PASSWORD=testpass" | ||
- "PG_REPLICATION=true" | ||
ports: | ||
- "5434:5432" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,6 @@ | ||
#!/bin/bash | ||
|
||
set -e | ||
|
||
psql -c 'CREATE EXTENSION pg_tde;' | ||
psql -d template1 -c 'CREATE EXTENSION pg_tde;' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,19 @@ | ||
#!/bin/bash | ||
|
||
set -e | ||
|
||
PG_PRIMARY=${PG_PRIMARY:-"false"} | ||
PG_REPLICATION=${PG_REPLICATION:-"false"} | ||
REPL_PASS=${REPL_PASS:-"replpass"} | ||
|
||
if [ !PG_REPLICATION = "true "] ; then | ||
exit 0 | ||
fi | ||
|
||
if [ $PG_PRIMARY == "true" ] ; then | ||
psql -c "CREATE ROLE repl WITH REPLICATION PASSWORD '${REPL_PASS}' LOGIN;" | ||
echo "host replication repl 0.0.0.0/0 trust" >> ${PGDATA}/pg_hba.conf | ||
else | ||
rm -rf ${PGDATA}/* | ||
pg_basebackup -h pg-primary -p 5432 -U repl -D ${PGDATA} -Fp -Xs -R | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,91 @@ | ||
-- trigger multi_insert path | ||
-- | ||
CREATE EXTENSION pg_tde; | ||
CREATE TABLE albums ( | ||
album_id INTEGER GENERATED ALWAYS AS IDENTITY PRIMARY KEY, | ||
artist_id INTEGER, | ||
title TEXT NOT NULL, | ||
released DATE NOT NULL | ||
) USING pg_tde; | ||
COPY albums FROM stdin CSV HEADER; | ||
SELECT * FROM albums; | ||
album_id | artist_id | title | released | ||
----------+-----------+--------------------+------------ | ||
1 | 1 | Mirror | 06-24-2009 | ||
2 | 2 | Pretzel Logic | 02-20-1974 | ||
3 | 3 | Under Construction | 11-12-2002 | ||
4 | 4 | Return to Wherever | 07-11-2019 | ||
5 | 5 | The Nightfly | 10-01-1982 | ||
6 | 6 | It's Alive | 10-15-2013 | ||
7 | 7 | Pure Ella | 02-15-1994 | ||
(7 rows) | ||
|
||
SELECT * FROM albums where album_id > 5; | ||
album_id | artist_id | title | released | ||
----------+-----------+------------+------------ | ||
6 | 6 | It's Alive | 10-15-2013 | ||
7 | 7 | Pure Ella | 02-15-1994 | ||
(2 rows) | ||
|
||
-- On replica: | ||
-- SELECT * FROM albums; | ||
-- album_id | artist_id | title | released | ||
-- ----------+-----------+--------------------+------------ | ||
-- 1 | 1 | Mirror | 2009-06-24 | ||
-- 2 | 2 | Pretzel Logic | 1974-02-20 | ||
-- 3 | 3 | Under Construction | 2002-11-12 | ||
-- 4 | 4 | Return to Wherever | 2019-07-11 | ||
-- 5 | 5 | The Nightfly | 1982-10-01 | ||
-- 6 | 6 | It's Alive | 2013-10-15 | ||
-- 7 | 7 | Pure Ella | 1994-02-15 | ||
-- (7 rows) | ||
-- | ||
-- SELECT * FROM albums where album_id > 5; | ||
-- album_id | artist_id | title | released | ||
-- ----------+-----------+------------+------------ | ||
-- 6 | 6 | It's Alive | 2013-10-15 | ||
-- 7 | 7 | Pure Ella | 1994-02-15 | ||
-- (2 rows) | ||
-- | ||
DROP TABLE albums; | ||
-- multi_insert2 | ||
-- more data to take multiple pages | ||
CREATE TABLE Towns ( | ||
id SERIAL UNIQUE NOT NULL, | ||
code VARCHAR(10) NOT NULL, | ||
article TEXT, | ||
name TEXT NOT NULL, | ||
department VARCHAR(4) NOT NULL, | ||
UNIQUE (code, department) | ||
) USING pg_tde; | ||
COPY towns (id, code, article, name, department) FROM stdin; | ||
SELECT count(*) FROM towns; | ||
count | ||
------- | ||
1313 | ||
(1 row) | ||
|
||
SELECT * FROM towns where id in (13, 666); | ||
id | code | article | name | department | ||
-----+------+-----------+----------------+------------ | ||
13 | 014 | some_text | Arbent | 01 | ||
666 | 252 | some_text | Cuissy-et-Geny | 02 | ||
(2 rows) | ||
|
||
-- ON REPLICA | ||
-- | ||
-- select count(*) from towns; | ||
-- count | ||
-- ------- | ||
-- 1313 | ||
-- (1 row) | ||
-- | ||
-- select * from towns where id in (13, 666); | ||
-- id | code | article | name | department | ||
-- -----+------+-----------+----------------+------------ | ||
-- 13 | 014 | some_text | Arbent | 01 | ||
-- 666 | 252 | some_text | Cuissy-et-Geny | 02 | ||
-- (2 rows) | ||
-- | ||
DROP TABLE towns; | ||
DROP EXTENSION pg_tde; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.