Workshop: HPCSysPros21 Workshop
Authors: David King (University of Illinois)
Abstract: We were storing secrets in a private git repository, which has security implications. Admins working on a Puppet control repository would also have the secrets local to their systems, even if the secrets are encrypted.
Our solution uses Vault by HashiCorp with Consul as encrypted storage. It uses the Puppet Server CA certificate as authorization for servers to pull secrets. This also provides the flexibility to create policies that control administrative access. A single Vault instance provides secret storage for multiple Puppet Servers at NCSA.