Thanks, Shake Chen. Seems barbican is a better way. On 2017/3/12 22:59, Shake Chen wrote: > Hi > why not use barbican? > > On Sun, Mar 12, 2017 at 10:33 PM, yanxingan at cmss.chinamobile.com > <mailto:yanxingan at cmss.chinamobile.com> <yanxingan at cmss.chinamobile.com > <mailto:yanxingan at cmss.chinamobile.com>> wrote: > > > Hi, folks: > > > Currently tacker server node stores fernet keys for vim password decryption on local root file system. > If Tacker service serves API requests through a load balancer, then the operation will fail if the request > is not fulfilled by the server node which created and stored the fernet key. > > So we need a possible solution for syncing the keys across multiple server nodes. Currently we > are > thinking about storing the fernet keys via ceph or swift. > Do you have any suggestions > on this approach, or does other project has already > dealt with this problem? > > Thanks. > > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: > OpenStack-dev-request at lists.openstack.org?subject:unsubscribe > <http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe> > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > <http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev> > > > > > -- > Shake Chen > > > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >