<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Title" content="">
<meta name="Keywords" content="">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Courier New";
panose-1:2 7 3 9 2 2 5 2 4 4;}
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Menlo;
panose-1:2 11 6 9 3 8 4 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:Calibri;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:Calibri;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Calibri;
color:windowtext;}
p.p1, li.p1, div.p1
{mso-style-name:p1;
margin:0in;
margin-bottom:.0001pt;
background:#FEF49C;
font-size:9.0pt;
font-family:Menlo;
color:black;}
p.p2, li.p2, div.p2
{mso-style-name:p2;
margin:0in;
margin-bottom:.0001pt;
background:#FEF49C;
font-size:9.0pt;
font-family:Menlo;
color:black;}
p.p3, li.p3, div.p3
{mso-style-name:p3;
margin:0in;
margin-bottom:.0001pt;
background:#FEF49C;
font-size:9.0pt;
font-family:Menlo;
color:#26B41B;}
span.s1
{mso-style-name:s1;
color:#26B41B;}
span.s3
{mso-style-name:s3;
color:#4D2CDC;}
span.s4
{mso-style-name:s4;
color:black;}
span.s2
{mso-style-name:s2;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
p.p4, li.p4, div.p4
{mso-style-name:p4;
margin:0in;
margin-bottom:.0001pt;
background:#FEF49C;
font-size:9.0pt;
font-family:Menlo;
color:#26B41B;}
span.s5
{mso-style-name:s5;
color:black;}
span.s6
{mso-style-name:s6;
color:#25B2BF;}
span.msoIns
{mso-style-type:export-only;
mso-style-name:"";
text-decoration:underline;
color:teal;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:Calibri;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1836535327;
mso-list-type:hybrid;
mso-list-template-ids:1547199138 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Symbol;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:"Courier New";}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:;
mso-level-tab-stop:none;
mso-level-number-position:left;
text-indent:-.25in;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style>
</head>
<body bgcolor="white" lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt">Hey ... a couple of NEWBY question for the Barbican Team.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">I just setup a devstack with Barbican @ stable/queens .<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Ran through the “Verify operation” commands (
<a href="https://docs.openstack.org/barbican/latest/install/verify.html">https://docs.openstack.org/barbican/latest/install/verify.html</a> ) ... Everything worked.<o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s1"><b><span style="font-size:6.5pt">stack@barbican</span></b></span><span class="s2"><span style="font-size:6.5pt">:</span></span><span class="s3"><b><span style="font-size:6.5pt">~/devstack</span></b></span><span class="s2"><span style="font-size:6.5pt">$
openstack secret list</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p2" style="margin-left:.5in"><span style="font-size:6.5pt"><o:p> </o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s1"><b><span style="font-size:6.5pt">stack@barbican</span></b></span><span class="s2"><span style="font-size:6.5pt">:</span></span><span class="s3"><b><span style="font-size:6.5pt">~/devstack</span></b></span><span class="s2"><span style="font-size:6.5pt">$
openstack secret store --name mysecret --payload j4=]d21</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+---------------+--------------------------------------------------------------------------------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Field
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| Value</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+---------------+--------------------------------------------------------------------------------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Secret href
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| http://10.10.10.17/key-manager/v1/secrets/87eb0f18-e417-45a8-ae49-187f8d8c98d1 |</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Name</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| mysecret </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Created
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| None </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Status</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| None </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Content types | None
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Algorithm
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| aes</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Bit length</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| 256</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Secret type
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| opaque </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Mode</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| cbc</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Expiration</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| None </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+---------------+--------------------------------------------------------------------------------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p3" style="margin-left:.5in"><span class="s2"><b><span style="font-size:6.5pt">stack@barbican</span></b></span><span class="s4"><span style="font-size:6.5pt">:</span></span><span class="s3"><b><span style="font-size:6.5pt">~/devstack</span></b></span><span class="s4"><span style="font-size:6.5pt">$</span></span><span class="apple-converted-space"><span style="font-size:6.5pt;color:black"> </span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p3" style="margin-left:.5in"><span class="s2"><b><span style="font-size:6.5pt">stack@barbican</span></b></span><span class="s4"><span style="font-size:6.5pt">:</span></span><span class="s3"><b><span style="font-size:6.5pt">~/devstack</span></b></span><span class="s4"><span style="font-size:6.5pt">$</span></span><span class="apple-converted-space"><span style="font-size:6.5pt;color:black"> </span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s1"><b><span style="font-size:6.5pt">stack@barbican</span></b></span><span class="s2"><span style="font-size:6.5pt">:</span></span><span class="s3"><b><span style="font-size:6.5pt">~/devstack</span></b></span><span class="s2"><span style="font-size:6.5pt">$
openstack secret list</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+--------------------------------------------------------------------------------+----------+---------------------------+--------+-----------------------------+-----------+------------+-------------+------+------------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Secret href</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| Name </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| Created </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| Status | Content types
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| Algorithm | Bit length | Secret type | Mode | Expiration |</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+--------------------------------------------------------------------------------+----------+---------------------------+--------+-----------------------------+-----------+------------+-------------+------+------------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| http://10.10.10.17/key-manager/v1/secrets/87eb0f18-e417-45a8-ae49-187f8d8c98d1 | mysecret | 2018-06-18T14:47:45+00:00 | ACTIVE | {u'default': u'text/plain'} | aes
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">256 | opaque</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| cbc</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| None </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+--------------------------------------------------------------------------------+----------+---------------------------+--------+-----------------------------+-----------+------------+-------------+------+------------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s1"><b><span style="font-size:6.5pt">stack@barbican</span></b></span><span class="s2"><span style="font-size:6.5pt">:</span></span><span class="s3"><b><span style="font-size:6.5pt">~/devstack</span></b></span><span class="s2"><span style="font-size:6.5pt">$
openstack secret get http://10.10.10.17/key-manager/v1/secrets/87eb0f18-e417-45a8-ae49-187f8d8c98d1</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+---------------+--------------------------------------------------------------------------------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Field
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| Value</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+---------------+--------------------------------------------------------------------------------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Secret href
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| http://10.10.10.17/key-manager/v1/secrets/87eb0f18-e417-45a8-ae49-187f8d8c98d1 |</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Name</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| mysecret </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Created
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| 2018-06-18T14:47:45+00:00</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Status</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| ACTIVE </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Content types | {u'default': u'text/plain'}</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Algorithm
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| aes</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Bit length</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| 256</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Secret type
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| opaque </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Mode</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| cbc</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Expiration</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| None </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+---------------+--------------------------------------------------------------------------------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s1"><b><span style="font-size:6.5pt">stack@barbican</span></b></span><span class="s2"><span style="font-size:6.5pt">:</span></span><span class="s3"><b><span style="font-size:6.5pt">~/devstack</span></b></span><span class="s2"><span style="font-size:6.5pt">$
openstack secret get http://10.10.10.17/key-manager/v1/secrets/87eb0f18-e417-45a8-ae49-187f8d8c98d1 --payload</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+---------+---------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Field
</span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">| Value </span></span><span class="apple-converted-space"><span style="font-size:6.5pt">
</span></span><span class="s2"><span style="font-size:6.5pt">|</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+---------+---------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">| Payload | j4=]d21 |</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s2"><span style="font-size:6.5pt">+---------+---------+</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="p1" style="margin-left:.5in"><span class="s1"><b><span style="font-size:6.5pt">stack@barbican</span></b></span><span class="s2"><span style="font-size:6.5pt">:</span></span><span class="s3"><b><span style="font-size:6.5pt">~/devstack</span></b></span><span class="s2"><span style="font-size:6.5pt">$</span></span><span style="font-size:6.5pt"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><i><u><span style="font-size:11.0pt">QUESTIONS:<o:p></o:p></span></u></i></b></p>
<p class="MsoListParagraph" style="text-indent:-.25in;mso-list:l0 level1 lfo1"><![if !supportLists]><span style="font-size:11.0pt;font-family:Symbol"><span style="mso-list:Ignore">·<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span style="font-size:11.0pt">In this basic devstack setup,
<b><i><u>what is being used as the secret store ?<o:p></o:p></u></i></b></span></p>
<p class="MsoListParagraph" style="margin-left:1.0in;text-indent:-.25in;mso-list:l0 level2 lfo1">
<![if !supportLists]><span style="font-size:11.0pt;font-family:"Courier New""><span style="mso-list:Ignore">o<span style="font:7.0pt "Times New Roman"">
</span></span></span><![endif]><span style="font-size:11.0pt">E.g. /etc/barbican/barbican.conf for devstack is simply<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><b><span style="font-size:9.0pt;font-family:Menlo;color:#26B41B">stack@barbican</span></b><span style="font-size:9.0pt;font-family:Menlo;color:black">:</span><b><span style="font-size:9.0pt;font-family:Menlo;color:#4D2CDC">~/devstack</span></b><span style="font-size:9.0pt;font-family:Menlo;color:black">$
more /etc/barbican/barbican.conf <o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">[DEFAULT]<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">transport_url = rabbit://stackrabbit:admin@10.10.10.17:5672<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">db_auto_create = False<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">sql_connection = mysql+pymysql://root:admin@127.0.0.1/barbican?charset=utf8<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">logging_exception_prefix = %(color)s%(asctime)s.%(msecs)03d TRACE %(name)s
</span><b><span style="font-size:9.0pt;font-family:Menlo;color:#CE32CC">%(instance)s</span></b><span style="font-size:9.0pt;font-family:Menlo;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">logging_debug_format_suffix =
</span><span style="font-size:9.0pt;font-family:Menlo;color:#A6A519">from (pid=%(process)d) %(funcName)s %(pathname)s:%(lineno)d<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">logging_default_format_string = %(asctime)s.%(msecs)03d %(color)s%(levelname)s %(name)s [</span><span style="font-size:9.0pt;font-family:Menlo;color:#25B2BF">-%(color)s]
</span><b><span style="font-size:9.0pt;font-family:Menlo;color:#CE32CC">%(instance)s%(color)s%(message)s</span></b><span style="font-size:9.0pt;font-family:Menlo;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">logging_context_format_string = %(asctime)s.%(msecs)03d %(color)s%(levelname)s %(name)s [</span><b><span style="font-size:9.0pt;font-family:Menlo;color:#25B2BF">%(request_id)s
</span></b><span style="font-size:9.0pt;font-family:Menlo;color:#25B2BF">%(project_name)s %(user_name)s%(color)s]
</span><b><span style="font-size:9.0pt;font-family:Menlo;color:#CE32CC">%(instance)s%(color)s%(message)s</span></b><span style="font-size:9.0pt;font-family:Menlo;color:black"><o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">use_stderr = True<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">log_file = /opt/stack/logs/barbican.log<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">host_href = http://10.10.10.17/key-manager<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">debug = True<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">[keystone_authtoken]<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">memcached_servers = localhost:11211<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">signing_dir = /var/cache/barbican<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">cafile = /opt/stack/data/ca-bundle.pem<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">project_domain_name = Default<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">project_name = service<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">user_domain_name = Default<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">password = admin<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">username = barbican<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">auth_url = http://10.10.10.17/identity<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">auth_type = password<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black"><o:p> </o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">[keystone_notifications]<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><span style="font-size:9.0pt;font-family:Menlo;color:black">enable = True<o:p></o:p></span></p>
<p class="MsoNormal" style="margin-left:1.5in;background:#FEF49C"><b><span style="font-size:9.0pt;font-family:Menlo;color:#26B41B">stack@barbican</span></b><span style="font-size:9.0pt;font-family:Menlo;color:black">:</span><b><span style="font-size:9.0pt;font-family:Menlo;color:#4D2CDC">~/devstack</span></b><span style="font-size:9.0pt;font-family:Menlo;color:black">$ </span><span style="font-size:9.0pt;font-family:Menlo;color:#26B41B"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="mso-list:l0 level1 lfo1"><b><i><u><span style="font-size:11.0pt">What is the basic strategy here wrt Barbican providing secure secret storage ?</span></u></i></b><span style="font-size:11.0pt"><br>
e.g.<b><i><u><o:p></o:p></u></i></b></span>
<ul style="margin-top:0in" type="circle">
<li class="MsoNormal" style="mso-list:l0 level2 lfo1"><span style="font-size:11.0pt">Secrets are stored encrypted in some secret store ?<o:p></o:p></span>
<ul style="margin-top:0in" type="square">
<li class="MsoNormal" style="mso-list:l0 level3 lfo1"><span style="font-size:11.0pt">Again, for default devstack, what is that secret store ? (assuming it is NOT the DB being used for general openstack services’ tables)<o:p></o:p></span>
<ul style="margin-top:0in" type="disc">
<li class="MsoNormal" style="mso-list:l0 level4 lfo1"><span style="font-size:11.0pt">i.e. assuming it is separate DB or file or directory of files
<o:p></o:p></span></li></ul>
</li><li class="MsoNormal" style="mso-list:l0 level3 lfo1"><span style="font-size:11.0pt">What key is used for encryption ? ...
<br>
<br>
<o:p></o:p></span></li></ul>
</li><li class="MsoNormal" style="mso-list:l0 level2 lfo1"><span style="font-size:11.0pt">The UUID of the Barbican ‘secret’ object in the Barbican openstack DB Table is the ‘external reference’ for the secret ?<o:p></o:p></span>
<ul style="margin-top:0in" type="square">
<li class="MsoNormal" style="mso-list:l0 level3 lfo1"><span style="font-size:11.0pt">? and this ‘secret’ object has the internal reference for the secret in the secret store ?<br>
<br>
<o:p></o:p></span></li></ul>
</li><li class="MsoNormal" style="mso-list:l0 level2 lfo1"><span style="font-size:11.0pt">ADMIN privileges are required to access the Barbican ‘secret’ objects ?
<br>
<br>
<br>
<br>
<o:p></o:p></span></li><li class="MsoNormal" style="mso-list:l0 level2 lfo1"><b><i><span style="font-size:11.0pt">Soooo ... the secrets are stored in encrypted format and can only be referenced / retrieved in plain text with ADMIN privileges<o:p></o:p></span></i></b>
<ul style="margin-top:0in" type="square">
<li class="MsoNormal" style="mso-list:l0 level3 lfo1"><b><i><span style="font-size:11.0pt">Is this the basis of the strategy ?<o:p></o:p></span></i></b></li></ul>
</li></ul>
</li></ul>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Thanks in advance,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Greg.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
</div>
</body>
</html>