Hashicorp's Vault seems to be the most promising solution for this.
Mantl has integrated it with Mesos and Marathon already, so I would look at
their stack to see how it all fits together:
https://mantl.io
On Mon, Jan 11, 2016 at 10:21 AM, Luke Amdor wrote:
> We've been using Hashicorp's Vault
We've been using Hashicorp's Vault (https://vaultproject.io) to secure
secrets for our applications deployed via Marathon. Currently we've just
locked down Marathon and use vault's token auth per application to access
secrets. However, we've done a lot of work in the last few months to
authenticate
Hi,
We give each app a private/public key pair, and let the developers
encrypt any environment variable with their app's public key (we also
base64 encode the ciphertext).
Then instead of calling the usual "/bin/sh", we call a small bash
wrapper script which decrypts the desired environment variab
Hi everyone,
I'd like to explore mechanisms to provide secrets to applications deployed on
Mesos (e.g. via Marathon or Apache Aurora).
The classical workflow of having the passwords encrypted in the local git
repository and only decrypted during deployment (for example via ansible vault)
tends
4 matches
Mail list logo