Excerpts from Raildo Mascena de Sousa Filho's message of 2017-08-04 19:34:25 +0000: > Hi all, > > We had a couple of discussions with the Oslo team related to implement > Pluggable drivers for oslo.config[0] and use those feature to implement > support to protect plaintext secret on configuration files[1]. > > In another hand, due the containerized support on OpenStack services, we > have a community effort to implement a k8s ConfigMap support[2][3], which > might make us step back and consider how secret management will work, since > the config data will need to go into the configmap *before* the container > is launched. > > So, I would like to see what the community think. Should we continue > working on that pluggable drivers and protect plain text secrets support > for oslo.config? Makes sense having a PTG session[4] on Oslo to discuss > that feature? > > Thanks for the feedback in advance. > > Cheers, > > [0] https://review.openstack.org/#/c/454897/ > [1] https://review.openstack.org/#/c/474304/ > [2] > https://github.com/flaper87/keystone-k8s-ansible/blob/6524b768d75a28adf44c74aca77ccf13dd66b1a9/provision-keystone-apb/tasks/main.yaml#L71-L108 > [3] https://kubernetes.io/docs/ > <https://kubernetes.io/docs/tasks/configure-pod-container/configmap/> > tasks/configure-pod-container/configmap/ > <https://kubernetes.io/docs/tasks/configure-pod-container/configmap/> > [4] https://etherpad.openstack.org/p/oslo-ptg-queens
I've added some of the deployment project tags to the subject line to expand the audience for this discussion. We're trying to decide what to do about space at the PTG for this conversation. My Monday-Wednesday are completely booked, so I was hoping we could do it Thursday. The Oslo team won't have a room then, so we need to either find space in another room or reserve one of the extra rooms mentioned on the schedule [1]. Kendall & Thierry, what do we need to do to reserve that room if we can't find space in another team room? Before we meet in Denver, it would be very useful to have some documents describing the end-to-end processes teams foresee using for managing secrets. Doug [1] https://docs.google.com/spreadsheets/u/1/d/1xmOdT6uZ5XqViActr5sBOaz_mEgjKSCY7NEWcAEcT-A/pubhtml?gid=397241312&single=true __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev