On Jun 26, 2017 7:14 PM, "Jay Pipes" <jaypi...@gmail.com> wrote:
On 06/26/2017 11:32 AM, Mikhail Fedosin wrote: > > On Jun 26, 2017 5:54 PM, "Jay Pipes" <jaypi...@gmail.com <mailto: > jaypi...@gmail.com>> wrote: > > On 06/26/2017 10:35 AM, Mikhail Fedosin wrote: > > * Storage of secrets - a new artifact type in Glare, which > will store private information (keys, passwords, etc.) in an > encrypted form (like in Barbican). > > > Does the above mean you are implementing a share secret storage > solution or that you are going to use an existing solution like > Barbican that does that? > > Sectets is a plugin for Glare we developed for Nokia CloudBand platform, > and they just decided to opensource it. It doesn't use Barbican, > technically it is oslo.versionedobjects class. > Sorry to hear that you opted not to use Barbican. I think it's only because Keycloak integration is required by Nokia's system and Barbican doesn't support it. But, I'm confused what oslo.versionedobjects has to do with secrets storage. Could you explain? Oslo.versionedobjects just defines a structure of artifact type. But we also implemented two new field types for oslo_vo - Blob and Folder, which can be used similar to Integer or String. When user tries to write data to a Blob field it is automatically decoded and uploaded to a cloud store by glance_store library. And vice versa - when user reads data from the Blob field it is dowloaded from the store and decoded. So, consider Glare as a synergy of glance_store and oslo.versionedobjects with RESTful API above it. Best, -jay __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
