[openstack-dev] [neutron] Runtime checks vs Sanity checks
Miguel Angel Ajo Pelayo
mangelajo at redhat.com
Mon Aug 25 07:22:52 UTC 2014
In spite of my +1 I actually agree. I had forgotten about the sanity
check framework. We put it in place to avoid an excessive (and
growing) amount of checks to be done in runtime.
In this case several agents need would be doing the same check.
We should do things either one way or another, but not mixed.
In this case, the check would require a privilege drop to be done:
(probably could be done by using a root_helper=
"su - %(neutron_user)s %(root_helper)s")
----- Original Message -----
> Kevin Benton has proposed adding a runtime check for netns permission
> There seems to be consensus on the patch that this is something that we want
> to do at runtime, but that would seem to run counter to the precedent that
> host-specific issues such as this one be considered a deployment-time
> responsibility. The addition of the sanity check framework would seem to
> support the latter case:
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
More information about the OpenStack-dev