[openstack-dev] [magnum] High Availability

David Stanek dstanek at dstanek.com
Fri Mar 18 20:11:54 UTC 2016


On Fri, Mar 18, 2016 at 4:03 PM Douglas Mendizábal <
douglas.mendizabal at rackspace.com> wrote:

> [snip]
> >
> > Regarding the Keystone solution, I'd like to hear the Keystone team's
> feadback on that.  It definitely sounds to me like you're trying to put a
> square peg in a round hole.
> >
>
>
I believe that using Keystone for this is a mistake. As mentioned in the
blueprint, Keystone is not encrypting the data so magnum would be on the
hook to do it. So that means that if security is a requirement you'd have
to duplicate more than just code. magnum would start having a larger
security burden. Since we have a system designed to securely store data I
think that's the best place for data that needs to be secure.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160318/a0107742/attachment.html>


More information about the OpenStack-dev mailing list