[openstack-dev] [Keystone][Fernet] HA SQL backend for Fernet keys

Alexander Makarov amakarov at mirantis.com
Mon Jul 27 17:01:34 UTC 2015


Greetings!

I'd like to discuss the pros and contras of having Fernet encryption keys
stored in a database backend.
The idea itself emerged during a discussion about synchronizing rotated keys
in an HA environment.
Now Fernet keys are stored in the filesystem, which has some availability
issues in an unstable cluster.
OTOH, making SQL highly available is considered easier than doing so for a
filesystem.

-- 
Kind Regards,
Alexander Makarov,
Senior Software Developer,

Mirantis, Inc.
35b/3, Vorontsovskaya St., 109147, Moscow, Russia

Tel.: +7 (495) 640-49-04
Tel.: +7 (926) 204-50-60

Skype: MAKAPOB.AJIEKCAHDP