+1 for watching the presentation, it was excellent (I was there!). Chris
On Thu, Feb 9, 2017 at 10:19 AM, Matt Fischer <m...@mattfischer.com> wrote: > Please reply all to the list rather than emailing me directly. > > Key rotation is done with a keystone-manage command or we just end up > effectively renumbering the keys with our deploy process. > > I'd recommend you watch our presentation from the Austin summit or read my > blog posts on this. > > http://www.mattfischer.com/blog/?p=648 > https://www.youtube.com/watch?v=702SRZHdNW8 > > > On Wed, Feb 8, 2017 at 8:14 AM, Matt Fischer <m...@mattfischer.com> wrote: > >> I think that you just replied to me directly. But you are asking about >> sharing keys. >> >> Since keys do not need to be in-sync on all nodes at the same time you >> can use any number of sharing mechanisms. We used puppet + ansible (our >> normal deploy process). Key rotation allows them to be out of sync which >> simplifies the problem for you. >> >> On Tue, Feb 7, 2017 at 9:25 PM, Matt Fischer <m...@mattfischer.com> >> wrote: >> >>> Do you mean sharing tokens or keys? >>> >>> On Feb 7, 2017 11:34 AM, "Ignazio Cassano" <ignaziocass...@gmail.com> >>> wrote: >>> >>>> Hi everybody, >>>> Can anyone talk me about Sebring fernet tokens in an openstack with >>>> more than one controller? >>>> Regards >>>> Ignazio >>>> >>>> >>>> >>>> _______________________________________________ >>>> OpenStack-operators mailing list >>>> OpenStack-operators@lists.openstack.org >>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators >>>> >>>> >> > > _______________________________________________ > OpenStack-operators mailing list > OpenStack-operators@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators > > -- Chris Morgan <mihali...@gmail.com>
_______________________________________________ OpenStack-operators mailing list OpenStack-operators@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
