By providing --encryption-key-file
to fdbbackup
, I have been able to create encrypted backups in AWS S3. I generated this key using openssl rand 32 > key
.
However, when attempting to restore those backups using fdbrestore
with --encryption-key-file
pointed to the same key, I am unable to begin the restore process. The initial error is:
ERROR: HTTP response code not received or indicated failure
Upon digging further with --knob_http_verbose_level=3
, the error is:
-- RESPONSE CONTENT--
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidRange</Code><Message>The requested range is not satisfiable</Message><RangeRequested>bytes=4096-8191</RangeRequested><ActualObjectSize>14</ActualObjectSize><RequestId>[REDACTED_REQUEST_ID]</RequestId><HostId>[REDACTED_HOST_ID]</HostId></Error>
Where it seems the restore process requested: Request Header: Range: bytes=4096-8191
of log_end_version
, where S3 previously informed the process it only has Reponse Header: Content-Length: 14
. In some instances, the same type of error (requesting more bytes than are available) occurs for mutation_log_type
rather than log_end_version
.
This problem does not occur when the --encryption-key-file
flag is not present.
I have observed this behaviour in 7.1.65, 7.3.37 and 7.3.57.
Has anyone managed to successfully backup and restore data simply using --encryption-key-file
? If so, I would be grateful if you could provide the commands used to start the backup as well as the restore.