[openstack-dev] [all] [barbican] [security] Why are projects trying to avoid Barbican, still?

Joshua Harlow harlowja at fastmail.com
Tue Jan 17 00:11:39 UTC 2017


> Is the problem perhaps that no one is aware of other projects using
> Barbican? Is the status on the project navigator alarming (it looks
> like some of this information is potentially out of date)? Has
> Barbican been deemed too hard to deploy?
>
> I really want to understand why so many projects feel the need to
> implement their own secrets storage. This seems a bit short-sighted
> and foolish. While these projects are making themselves easier to
> deploy, if not done properly they are potentially endangering their
> users and that seems like a bigger problem than deploying Barbican to
> me.
>

Just food for thought, and I'm pretty sure it's probably the same for 
various others; but one part that I feel is a reason that folks don't 
deploy Barbican is because most companies need a solution that works
beyond OpenStack and whether people like it or not, an OpenStack-specific
solution isn't really something that is attractive (especially with the 
growing adoption of other things that are *not* OpenStack).

Another reason: some companies have or are already building/built
solutions that offer functionality like what's in
https://github.com/square/keywhiz and others and such things integrate
with Kubernetes and **their existing** systems ... natively already so
why would they bother with a service like Barbican?

IMHO we've got to get our heads out of the sand with regard to some of 
this stuff, expecting people to consume all things OpenStack and only 
all things OpenStack is a losing battle; companies will consume what is 
right for their need, whether that is in the OpenStack community or not, 
it doesn't really matter (maybe at one point it did).

My 2 cents,

Josh


