Update README
Update the castellan-ui README with a Features section and Troubleshooting section. Change-Id: I8939abfac71536eb277b97b0d998155c4501f4bd
This commit is contained in:
parent
a17eb51430
commit
c1ba5aa7af
59
README.rst
59
README.rst
|
@ -11,7 +11,31 @@ Generic Key Manager UI Plugin for Horizon
|
|||
Features
|
||||
--------
|
||||
|
||||
* TODO
|
||||
--------------------+------------------+---------------------------+---------------+-----------+--------------+
|
||||
| | Import from file | Import using direct input | Download | Delete | Generate [1] |
|
||||
====================+==================+===========================+===============+===========+==============+
|
||||
| X.509 Certificates | supported [2] | supported [2] | supported [2] | supported | N/A |
|
||||
--------------------+------------------+---------------------------+---------------+-----------+--------------+
|
||||
| Private Keys | supported [2] | supported [2] | supported [2] | supported | supported |
|
||||
--------------------+------------------+---------------------------+---------------+-----------+--------------+
|
||||
| Public Keys | supported [2] | supported [2] | supported [2] | supported | supported |
|
||||
--------------------+------------------+---------------------------+---------------+-----------+--------------+
|
||||
| Symmetric Keys | supported [3] | supported [4] | supported [3] | supported | supported |
|
||||
--------------------+------------------+---------------------------+---------------+-----------+--------------+
|
||||
| Opaque Data | supported [3] | supported [4] | supported [3] | supported | N/A |
|
||||
--------------------+------------------+---------------------------+---------------+-----------+--------------+
|
||||
| Passphrases [5] | X | supported | X | supported | N/A |
|
||||
--------------------+------------------+---------------------------+---------------+-----------+--------------+
|
||||
|
||||
1. Key managers typically support generating keys only and do not generate
|
||||
other types of objects. Private and public keys will be generated as a key
|
||||
pair, and symmetric keys can be generated individually.
|
||||
2. Supports Privacy-enhanced Electronic Mail (PEM) formatted objects.
|
||||
3. Raw bytes represent the object.
|
||||
4. Object bytes are represented using hex characters.
|
||||
5. Because passphrases are typically not saved to files, passphrases are
|
||||
imported through a form on the web page and are not downloadable, only
|
||||
viewed through the web page.
|
||||
|
||||
Enabling in DevStack
|
||||
--------------------
|
||||
|
@ -32,7 +56,9 @@ Begin by cloning the Horizon and Castellan UI repositories::
|
|||
Create a virtual environment and install Horizon dependencies::
|
||||
|
||||
cd horizon
|
||||
python tools/install_venv.py
|
||||
virtualenv horizon_dev
|
||||
. horizon_dev/bin/activate
|
||||
pip install -r requirements.txt
|
||||
|
||||
Set up your ``local_settings.py`` file::
|
||||
|
||||
|
@ -49,9 +75,10 @@ editor. You will want to customize several settings:
|
|||
|
||||
Install Castellan UI with all dependencies in your virtual environment::
|
||||
|
||||
tools/with_venv.sh pip install -e ../castellan-ui/
|
||||
. horizon_dev/bin/activate
|
||||
pip install -e ../castellan-ui/
|
||||
|
||||
And enable it in Horizon::
|
||||
And enable it in Horizon (use full paths instead of relative paths)::
|
||||
|
||||
ln -s ../castellan-ui/castellan_ui/enabled/_90_project_key_manager_panelgroup.py openstack_dashboard/local/enabled
|
||||
ln -s ../castellan-ui/castellan_ui/enabled/_91_project_key_manager_x509_certificates_panel.py openstack_dashboard/local/enabled
|
||||
|
@ -63,7 +90,29 @@ And enable it in Horizon::
|
|||
|
||||
To run horizon with the newly enabled Castellan UI plugin run::
|
||||
|
||||
./run_tests.sh --runserver 0.0.0.0:8080
|
||||
python manage.py runserver -- 0.0.0.0:8080
|
||||
|
||||
to have the application start on port 8080 and the horizon dashboard will be
|
||||
available in your browser at http://localhost:8080/
|
||||
|
||||
Troubleshooting Tips
|
||||
--------------------
|
||||
|
||||
If you are using Barbican plugin for Castellan, be sure to note that Barbican
|
||||
requires the 'admin' or 'creator' role be assigned to a user before the user
|
||||
can list or create key manager objects. The error message that appears if this
|
||||
is not the case is as follows::
|
||||
|
||||
Could not list objects: Key manager error: Forbidden: Secret(s) retrieval attempt not allowed - please review your user/project privileges
|
||||
|
||||
To add the appropriate role for a non-admin user, use the following command (as an admin) ::
|
||||
|
||||
openstack role add --user <username> --project <project name> creator
|
||||
|
||||
See Also
|
||||
--------
|
||||
|
||||
* Castellan: https://github.com/openstack/castellan
|
||||
* Barbican: https://github.com/openstack/barbican
|
||||
* Vault: https://github.com/hashicorp/vault
|
||||
* PyKMIP: https://github.com/OpenKMIP/PyKMIP
|
||||
|
|
Loading…
Reference in New Issue