Closed blaggacao closed 6 years ago
For the record, confd now supports Vault. Since rancher provides a confd-compatible metadata API, this makes it all the more interesting now to mix values from rancher-metadata and vault.
@deniseschannon Would https://github.com/rancher/rancher/releases/tag/v1.1.0-dev2 close this? Or is the scope of the vault catalogue entry a less tight integration? Havn't had time to inspect it in detail...
@blaggacao The Vault integration added to the Catalog authenticates containers and provisions them with Vault access credentials.
OK, thanks. Let's keep this open then...
With the release of Rancher 2.0, development on v1.6 is only limited to critical bug fixes and security patches.
Vault (Hashicorp) besides for it's multiple other use cases in the rancher ecosystem, could be elegantly included as a Access Control Backend.
Vault, in turn, also supports, among other backends, LDAP, github and user/pwd, and I'm sure Active Directory is just a yard away, but comes with the additional benefit of:
It possibly can be used to even replace/offload backend maintenance efforts to the vault project, if that would come in handy. /cc @will-chan : yet another use case.
https://vaultproject.io/docs/auth/github.html https://vaultproject.io/docs/auth/ldap.html https://vaultproject.io/docs/auth/userpass.html