[ovs-discuss] ovsdb-server unix socket permission
Matthew Booth
mbooth at redhat.com
Sat Aug 22 22:11:53 UTC 2020
On Fri, 21 Aug 2020 at 20:40, Tony Liu <tonyliu0592 at hotmail.com> wrote:
>
> Hi,
>
> The ovsdb-server UNIX socket permission is 0750. It works
> fine for OVS services, like ovs-vswitchd and ovn-controller
> who run as root.
>
> When integrate with OpenStack, neutron-ovn-metadata-agent
> running as user "neutron" needs to connect to ovsdb-server.
> TCP connection works fine. But, since it's local connection,
> it would be better to use UNIX socket to get better performance
> and avoid inactivity probe.
Are you still using RAFT? If so I think you must connect to all tcp
endpoints, or leader-only operations will execute on the wrong node. I
know that locking specifically doesn't work unless all clients pick
the same node to lock on, which means they must all be connected to
all nodes.
> So, is there any option for ovsdb-server to create UNIX socket
> with permission 0777? Or any better option for the agent to
> connect to UNIX socket?
Assuming you're not using RAFT, can you workaround by just chowning it?
Matt
--
Matthew Booth
Red Hat OpenStack Engineer, Compute DFG
Phone: +442070094448 (UK)
More information about the discuss
mailing list