[openstack-dev] [Glare][TC][All] Past, Present and Future of Glare project
Mikhail Fedosin
mfedosin at gmail.com
Mon Jun 26 18:29:49 UTC 2017
On Jun 26, 2017 7:14 PM, "Jay Pipes" <jaypipes at gmail.com> wrote:
On 06/26/2017 11:32 AM, Mikhail Fedosin wrote:
>
> On Jun 26, 2017 5:54 PM, "Jay Pipes" <jaypipes at gmail.com <mailto:
> jaypipes at gmail.com>> wrote:
>
> On 06/26/2017 10:35 AM, Mikhail Fedosin wrote:
>
> * Storage of secrets - a new artifact type in Glare, which
> will store private information (keys, passwords, etc.) in an
> encrypted form (like in Barbican).
>
>
> Does the above mean you are implementing a share secret storage
> solution or that you are going to use an existing solution like
> Barbican that does that?
>
> Sectets is a plugin for Glare we developed for Nokia CloudBand platform,
> and they just decided to opensource it. It doesn't use Barbican,
> technically it is oslo.versionedobjects class.
>
Sorry to hear that you opted not to use Barbican.
I think it's only because Keycloak integration is required by Nokia's
system and Barbican doesn't support it.
But, I'm confused what oslo.versionedobjects has to do with secrets
storage. Could you explain?
Oslo.versionedobjects just defines a structure of artifact type. But we
also implemented two new field types for oslo_vo - Blob and Folder, which
can be used similar to Integer or String.
When user tries to write data to a Blob field it is automatically decoded
and uploaded to a cloud store by glance_store library. And vice versa -
when user reads data from the Blob field it is dowloaded from the store and
decoded.
So, consider Glare as a synergy of glance_store and oslo.versionedobjects
with RESTful API above it.
Best,
-jay
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20170626/3eab2634/attachment.html>
More information about the OpenStack-dev
mailing list