Folks, I found useful to share a spec that I started to write this morning: https://review.openstack.org/445592
The goal is to do Keystone Fernet keys rotations in a way that scales and is secure, by using the standard tools and not re-inventing the wheel. In other words: if you're working on Keystone or TripleO or any other deployment tool: please read the spec and give any feedback. We would like to find a solution that would work for all OpenStack deployment tools (Kolla, OSA, Fuel, TripleO, Helm, etc) but I sent the specs to tripleo project to get some feedback. If you already has THE solution that you think is the best one, then we would be very happy to learn from it in a comment directly in the spec. Thanks for your time, -- Emilien Macchi __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
