Please reply all to the list rather than emailing me directly. Key rotation is done with a keystone-manage command or we just end up effectively renumbering the keys with our deploy process.
I'd recommend you watch our presentation from the Austin summit or read my blog posts on this. http://www.mattfischer.com/blog/?p=648 https://www.youtube.com/watch?v=702SRZHdNW8 On Wed, Feb 8, 2017 at 8:14 AM, Matt Fischer <[email protected]> wrote: > I think that you just replied to me directly. But you are asking about > sharing keys. > > Since keys do not need to be in-sync on all nodes at the same time you can > use any number of sharing mechanisms. We used puppet + ansible (our normal > deploy process). Key rotation allows them to be out of sync which > simplifies the problem for you. > > On Tue, Feb 7, 2017 at 9:25 PM, Matt Fischer <[email protected]> wrote: > >> Do you mean sharing tokens or keys? >> >> On Feb 7, 2017 11:34 AM, "Ignazio Cassano" <[email protected]> >> wrote: >> >>> Hi everybody, >>> Can anyone talk me about Sebring fernet tokens in an openstack with more >>> than one controller? >>> Regards >>> Ignazio >>> >>> >>> >>> _______________________________________________ >>> OpenStack-operators mailing list >>> [email protected] >>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators >>> >>> >
_______________________________________________ OpenStack-operators mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
