[placement][nova][ptg] Protecting driver-provided traits

Eric Fried openstack at fried.cc
Thu Apr 11 14:58:24 UTC 2019

> be worth considering tweaking the placement API so that only the driver
> can set/unset traits which it owns?

This would entail placement tracking some kind of "owner" attribute
(ahem, metadata) on traits. Or maintaining a list of driver-owned traits
per resource provider. Or <your idea here>. And then a way to establish
a different identity/policy for the virt driver than for the admin. And
then a way for the admin to override that anyway because stuff happens.

That ^, IMO, is the "more work than benefit" I led with. Happy to be
convinced otherwise if there's a (*much*) simpler way to achieve the
desired goal.

> Although perhaps it would be better to at least spend 5
> minutes finding a good place in the docs to insert the Venn diagram:
>    https://pasteboard.co/I3iqqNm.jpg

Yes please. Bottom of [1] seems like the right place.

But for heaven's sake, don't violate my privacy [2].



More information about the openstack-discuss mailing list