summaryrefslogtreecommitdiff
path: root/doc/source/admin/credential-encryption.rst
diff options
context:
space:
mode:
Diffstat (limited to 'doc/source/admin/credential-encryption.rst')
-rw-r--r--doc/source/admin/credential-encryption.rst41
1 files changed, 0 insertions, 41 deletions
diff --git a/doc/source/admin/credential-encryption.rst b/doc/source/admin/credential-encryption.rst
index 7a721ff70..d54209be3 100644
--- a/doc/source/admin/credential-encryption.rst
+++ b/doc/source/admin/credential-encryption.rst
@@ -60,47 +60,6 @@ the response. Neither the cipher text, nor the hash of the key used to encrypt
the ``blob`` are exposed through the API. Furthermore, the key is only used
internally to keystone.
-Encrypting existing credentials
--------------------------------
-
-When upgrading a Mitaka deployment to Newton, three database migrations will
-ensure all credentials are encrypted. The process is as follows:
-
-1. An additive schema change is made to create the new ``encrypted_blob`` and
- ``key_hash`` columns in the existing ``credential`` table using
- ``keystone-manage db_sync --expand``.
-2. A data migration will loop through all existing credentials, encrypt each
- ``blob`` and store the result in the new ``encrypted_blob`` column. The hash
- of the key used is also written to the ``key_hash`` column for that specific
- credential. This step is done using ``keystone-manage db_sync --migrate``.
-3. A contractive schema will remove the ``blob`` column that held the plain
- text representations of the credential using ``keystone-manage db_sync
- --contract``. This should only be done after all nodes in the deployment are
- running Newton. If any Mitaka nodes are running after the database is
- contracted, they won't be able to read credentials since they are looking
- for the ``blob`` column that no longer exists.
-
-.. NOTE::
-
- You may also use ``keystone-manage db_sync --check`` in order to check the
- current status of your rolling upgrades.
-
-If performing a rolling upgrade, please note that a limited service outage will
-take affect during this migration. When the migration is in place, credentials
-will become read-only until the database is contracted. After the contract
-phase is complete, credentials will be writeable to the backend. A
-``[credential] key_repository`` location must be specified through
-configuration and bootstrapped with keys using ``keystone-manage
-credential_setup`` prior to migrating any existing credentials. If a new key
-repository isn't setup using ``keystone-manage credential_setup`` keystone will
-assume a null key to encrypt and decrypt credentials until a proper key
-repository is present. The null key is a key consisting of all null bytes and
-its only purpose is to ease the upgrade process from Mitaka to Newton. It is
-highly recommended that the null key isn't used. It is no more secure than
-storing credentials in plain text. If the null key is used, you should migrate
-to a proper key repository using ``keystone-manage credential_setup`` and
-``keystone-manage credential_migrate``.
-
Encryption key management
-------------------------
View Lorry Controller Status