> -----Original Message----- > From: Matthew Booth <mbo...@redhat.com> > Sent: Saturday, August 22, 2020 3:12 PM > To: Tony Liu <tonyliu0...@hotmail.com> > Cc: ovs-discuss@openvswitch.org; ovs-dev <ovs-...@openvswitch.org> > Subject: Re: [ovs-discuss] ovsdb-server unix socket permission > > On Fri, 21 Aug 2020 at 20:40, Tony Liu <tonyliu0...@hotmail.com> wrote: > > > > Hi, > > > > The ovsdb-server UNIX socket permission is 0750. It works fine for OVS > > services, like ovs-vswitchd and ovn-controller who run as root. > > > > When integrate with OpenStack, neutron-ovn-metadata-agent running as > > user "neutron" needs to connect to ovsdb-server. > > TCP connection works fine. But, since it's local connection, it would > > be better to use UNIX socket to get better performance and avoid > > inactivity probe. > > Are you still using RAFT? If so I think you must connect to all tcp > endpoints, or leader-only operations will execute on the wrong node. I > know that locking specifically doesn't work unless all clients pick the > same node to lock on, which means they must all be connected to all > nodes.
It has nothing to do with RAFT. This is the connection to local ovsdb-server on compute node. > > So, is there any option for ovsdb-server to create UNIX socket with > > permission 0777? Or any better option for the agent to connect to UNIX > > socket? > > Assuming you're not using RAFT, can you workaround by just chowning it? Yes, I can, then the caveat is that, since the socket is owned by ovsdb-server, when it restarts, the socket will be recreated and chown change will be lost. Thanks! Tony > > Matt > -- > Matthew Booth > Red Hat OpenStack Engineer, Compute DFG > > Phone: +442070094448 (UK) _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
