| *** catintheroof has joined #openstack-barbican | 00:33 | |
| *** catintheroof has quit IRC | 02:22 | |
| *** mtreinish has quit IRC | 03:14 | |
| *** mtreinish has joined #openstack-barbican | 03:20 | |
| *** andreas_s has joined #openstack-barbican | 06:27 | |
| *** jaosorior has joined #openstack-barbican | 09:02 | |
| *** salmankhan has joined #openstack-barbican | 09:31 | |
| *** raildo has joined #openstack-barbican | 11:08 | |
| *** rmascena has joined #openstack-barbican | 11:35 | |
| *** raildo has quit IRC | 11:37 | |
| *** junousi has joined #openstack-barbican | 12:01 | |
| junousi | greetings. trying to setup barbican with newton, initially with snakeoil to get some momentum into other development stuff that is depending on it. https://docs.openstack.org/barbican/ocata/setup/certificate.html states that "certificates plugin will be deprecated". what is the intended replacement? am I even asking from the right place? thanks in advance! | 12:06 |
|---|---|---|
| jaosorior | junousi: what do you need the cert plugin for? There is no intended replacement. Barbican will focus more on actual secret storage, leaving out X509 lifecycle management to other projects to do. you might want to look into using an actual CA and using certmonger to request and manage the lifecycle of those certs (in TripleO we use FreeIPA as a CA) | 12:15 |
| junousi | This is just to get the ball rolling for other colleagues (who are going to setup Magnum), and momentarily it looked like it would've been a lightweight thing to implement in a dev system before getting FreeIPA(+Dogtag?) or similar solution ready. So indeed no specific need for the cert plugin, just trying to figure out secret store configuration options and estimate development time for each option. | 12:26 |
| junousi | But given that we are planning to upgrade production systems to Ocata later this year, the plugin definitely sounds like a no-go then | 12:33 |
| *** catintheroof has joined #openstack-barbican | 12:42 | |
| junousi | ah, and s/secret/cert/ above :) | 12:47 |
| *** chlong has joined #openstack-barbican | 12:53 | |
| junousi | Alright, if I'm reading the fine manual ( http://specs.openstack.org/openstack/magnum-specs/specs/implemented/tls-support-magnum.html#using-barbican ) right, FreeIPA+Dogtag is the way to go. | 12:59 |
| *** pbourke has quit IRC | 13:06 | |
| *** pbourke has joined #openstack-barbican | 13:08 | |
| *** randomhack has joined #openstack-barbican | 13:51 | |
| *** randomha1k has joined #openstack-barbican | 13:56 | |
| *** randomhack has quit IRC | 13:57 | |
| *** cpuga has joined #openstack-barbican | 14:05 | |
| *** cpuga has quit IRC | 14:13 | |
| *** abishop has joined #openstack-barbican | 15:13 | |
| *** chlong_ has joined #openstack-barbican | 15:22 | |
| *** chlong has quit IRC | 15:24 | |
| *** rmascena is now known as raildo | 15:56 | |
| *** randomha1k has quit IRC | 15:56 | |
| *** randomhack has joined #openstack-barbican | 16:01 | |
| *** andreas_s has quit IRC | 16:08 | |
| *** cpuga has joined #openstack-barbican | 16:11 | |
| *** chlong_ has quit IRC | 16:13 | |
| *** chlong__ has joined #openstack-barbican | 16:13 | |
| *** cpuga has quit IRC | 16:15 | |
| *** randomhack has quit IRC | 16:20 | |
| *** chlong_ has joined #openstack-barbican | 16:40 | |
| *** chlong__ has quit IRC | 16:41 | |
| *** randomhack has joined #openstack-barbican | 17:05 | |
| *** chlong_ has quit IRC | 17:08 | |
| *** salmankhan has quit IRC | 17:10 | |
| *** chlong_ has joined #openstack-barbican | 17:10 | |
| *** randomhack has quit IRC | 17:13 | |
| *** abishop has left #openstack-barbican | 17:14 | |
| *** randomhack has joined #openstack-barbican | 17:28 | |
| *** mathiasb has quit IRC | 18:09 | |
| *** cpuga has joined #openstack-barbican | 18:13 | |
| *** mathiasb has joined #openstack-barbican | 18:16 | |
| *** cpuga has quit IRC | 18:17 | |
| *** alee has quit IRC | 18:23 | |
| *** alee has joined #openstack-barbican | 18:29 | |
| *** salmankhan has joined #openstack-barbican | 18:51 | |
| *** salmankhan has quit IRC | 18:53 | |
| *** salmankhan has joined #openstack-barbican | 19:19 | |
| *** randomhack has quit IRC | 19:33 | |
| *** randomhack has joined #openstack-barbican | 19:46 | |
| *** raildo has quit IRC | 19:56 | |
| *** alee has quit IRC | 20:06 | |
| *** cpuga has joined #openstack-barbican | 20:14 | |
| *** alee has joined #openstack-barbican | 20:17 | |
| *** cpuga has quit IRC | 20:19 | |
| *** randomhack has quit IRC | 20:22 | |
| *** cpuga has joined #openstack-barbican | 22:16 | |
| *** cpuga has quit IRC | 22:21 | |
| *** salmankhan has quit IRC | 23:18 | |
| *** randomhack has joined #openstack-barbican | 23:19 | |
| *** catintheroof has quit IRC | 23:21 | |
| *** randomhack has quit IRC | 23:23 | |
| *** chlong__ has joined #openstack-barbican | 23:36 | |
| *** chlong_ has quit IRC | 23:37 | |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!