tl;dr: please respond with your use cases and concerns about secret
keys, passwords, etc. on cloud-vps
Right now we have two not-very-good ways to distribute a secret key
within a cloud project:
1) copy the secret onto each VM by hand as you create it
2) create a puppetmaster in your project and have it distribute the
secrets
Option #2 is pretty good for big, long-lived projects but involves a lot
of overhead. Option #1 is fine for projects with only one or two VMs
but scales terribly.
The WMCS team has been discussing the question of secrets distribution
for years, and we have a few different possible solutions in mind but no
favorite. Rather than rattle off those options here, we're trying to
rewind a bit and gather possible use-cases and user wishes in this area.
So: if this is a feature you've been missing, please respond with an
answer to this question:
"How would I make use of secrets on cloud-vps instances?"
If possible, please include thoughts about these points:
- Is it good enough to provide project-wide distribution, or do we need
finer-grained control, limiting secrets to particular users or instances?
- Is a web UI for managing secrets a requirement, or are command line
tools adequate? What if there were /only/ a web-ui and no command line?
- Would supporting secret management solve immediate issues on its own,
or is it only useful as a part of larger instrumentation tooling (e.g.
puppet, heat, or terraform integration)?
Thank you! I welcome your thoughts on-list, but you're also welcome to
list thoughts or use-cases on the phabricator tracking task
https://phabricator.wikimedia.org/T283032