[openstack-dev] [tripleo] Encrypted swift volumes by default in the undercloud

Dmitry Tantsur dtantsur at redhat.com
Wed May 16 11:16:09 UTC 2018


Hi,

On 05/15/2018 09:19 PM, Juan Antonio Osorio wrote:
> Hello!
> 
> As part of the work from the Security Squad, we added the ability for the 
> containerized undercloud to encrypt the overcloud plans. This is done by 
> enabling Swift's encrypted volumes, which require barbican. Right now it's 
> turned off, but I would like to enable it by default [1]. What do you folks think?

I like the idea, but I'm a bit skeptical about adding a new service to already 
quite bloated undercloud. Why is barbican a hard requirement here?

> 
> [1] https://review.openstack.org/#/c/567200/
> 
> BR
> 
> -- 
> Juan Antonio Osorio R.
> e-mail: jaosorior at gmail.com <mailto:jaosorior at gmail.com>
> 
> 
> 
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
> 




More information about the OpenStack-dev mailing list