Hello Casey, Barbican is probably still in use by a lot of people, including ourselves. We would love to still have this support in there, perhaps we can find a way forward keeping that support if we can involve some more people in the maintenance process. I proposed to bump the version for the OpenStack components way back in March [1] but haven’t received any feedback, perhaps if we could get some directions on how to get that tested to provide feedback ourselves we can work together on that part. Looking forward to your reply. Best regards Tobias [1] https://github.com/ceph/ceph/pull/45379 > On 5 Aug 2022, at 17:37, Casey Bodley <cbodley@xxxxxxxxxx> wrote: > > Barbican was the first key management server used for rgw's Server > Side Encryption feature. it's integration is documented in > https://docs.ceph.com/en/quincy/radosgw/barbican/ > > we've since added SSE-KMS support for Vault and KMIP, and the SSE-S3 > feature (coming soon to quincy) requires Vault > > our Barbican tests stopped working about 6 months ago (see > https://tracker.ceph.com/issues/54247), and nobody is familiar enough > with the ecosystem to fix it. these tests are pinned to old versions > of keystone (17.0.0 which was ossuri?) and barbican (5.0.0 which was > pike?), but something changed and they no longer work > > rgw can't maintain features that we can't test. if Barbican support is > important to the community, we'd love some assistance in > updating/fixing these tests. if there is no interest, we'll likely > deprecate it in R and remove it in S > > our team feels that Vault is a more attractive target for continued > development. does Barbican offer any specific advantages? please let > us know your thoughts! > > _______________________________________________ > ceph-users mailing list -- ceph-users@xxxxxxx > To unsubscribe send an email to ceph-users-leave@xxxxxxx _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |