Bug 1400841 - RFE: Encrypt secret data rather than base64 encode
Summary: RFE: Encrypt secret data rather than base64 encode
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: RFE
Version: 3.3.0
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
: 3.7.0
Assignee: Derek Carr
QA Contact: Xiaoli Tian
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-12-02 08:19 UTC by Kenjiro Nakayama
Modified: 2021-08-30 13:39 UTC (History)
11 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-10-04 21:36:16 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1416468 0 unspecified CLOSED [RFE] The keys used in the cluster should all be private 2021-02-22 00:41:40 UTC
Red Hat Knowledge Base (Solution) 2820821 0 None None None 2016-12-20 04:47:05 UTC
Red Hat Knowledge Base (Solution) 2919201 0 None None None 2017-07-11 15:07:38 UTC

Description Kenjiro Nakayama 2016-12-02 08:19:19 UTC 
1. Proposed title of this feature request

  RFE: Encrypt secret data rather than base64 encode

3. What is the nature and description of the request?

  Currently OpenShift secret values are encoded by base64. Since they can be decoded easily, we need some way to encrypt the secret data.

4. Why does the customer need this? (List the business requirements here)

  One of the customers want to run payment applications on OpenShift and they don't want to protect database passwords strictly.

7. Is there already an existing RFE upstream or in Red Hat Bugzilla?

  No, there are some requests like using vault, but there are no concrete way to use them on OpenShift.

8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?

  The customer requested 1Q 2017.
Comment 3 Steven Walter 2017-10-04 21:36:16 UTC 
This is solved by: https://docs.openshift.com/container-platform/3.6/admin_guide/encrypting_data.html
Note You need to log in before you can comment on or make changes to this bug.