[openstack-dev] [magnum] High Availability
dstanek at dstanek.com
Fri Mar 18 20:11:54 UTC 2016
On Fri, Mar 18, 2016 at 4:03 PM Douglas Mendizábal <
douglas.mendizabal at rackspace.com> wrote:
> > Regarding the Keystone solution, I'd like to hear the Keystone team's
> feadback on that. It definitely sounds to me like you're trying to put a
> square peg in a round hole.
I believe that using Keystone for this is a mistake. As mentioned in the
blueprint, Keystone is not encrypting the data so magnum would be on the
hook to do it. So that means that if security is a requirement you'd have
to duplicate more than just code. magnum would start having a larger
security burden. Since we have a system designed to securely store data I
think that's the best place for data that needs to be secure.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OpenStack-dev