Hi All, I have updated the puppet modules for secure vault support. Please review and merger the p/r [1]. I'll send a p/r for kubernetes-artifacts repo with the changes needed to pass the key store password. I have done the changes to pass key store password as environment variable for standalone docker containers. Currently I'm working on passing the password as kubernetes secret and will send a p/r for this soon.
[1]. https://github.com/wso2/puppet-modules/pull/16 Thanks. On Sun, Feb 21, 2016 at 12:24 PM, Imesh Gunaratne <[email protected]> wrote: > > > On Sun, Feb 21, 2016 at 8:05 AM, Thanuja Uruththirakodeeswaran < > [email protected]> wrote: > >> Hi All, >> >> Currently I'm working on $subject by running cipher tool and user will be >> able to build a docker image for a wso2 product which will have secured >> password in config files. >> >> In order to do the subject, we need to add cipher-tool.properties, >> cipher-text.properties and password-tmp file templates to puppet module. I >> thought of encrypting the passwords using the cipher tool after we execute >> puppet apply in Docker files [1]. >> > > Yes IMO this is the best option. Docker image build process use puppet for > configuring the product, once the configuration is done run secure vault > and secure all credentials. > > When the container starts we will need to send the password either using > an environment variable (in Docker) or via a K8S secret (in K8S) and create > the password text file. Then we can start the server. > > Thanks > >> >> Applying secure vault while building the docker image will be easy and >> efficient way compared to manually running the cipher tool and updating >> puppet module templates before building the docker image. >> >> I'll update this thread about the progress. Highly appreciate your >> suggestions on this. >> >> [1]. >> https://github.com/wso2/kubernetes-artifacts/blob/master/wso2esb/docker/Dockerfile#L40 >> >> Thanks. >> >> -- >> Thanuja Uruththirakodeeswaran >> Software Engineer >> WSO2 Inc.;http://wso2.com >> lean.enterprise.middleware >> >> mobile: +94 774363167 >> > > > > -- > *Imesh Gunaratne* > Senior Technical Lead > WSO2 Inc: http://wso2.com > T: +94 11 214 5345 M: +94 77 374 2057 > W: http://imesh.gunaratne.org > Lean . Enterprise . Middleware > > -- Thanuja Uruththirakodeeswaran Software Engineer WSO2 Inc.;http://wso2.com lean.enterprise.middleware mobile: +94 774363167
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
