On Fri, 21 Aug 2020 at 20:40, Tony Liu <tonyliu0...@hotmail.com> wrote: > > Hi, > > The ovsdb-server UNIX socket permission is 0750. It works > fine for OVS services, like ovs-vswitchd and ovn-controller > who run as root. > > When integrate with OpenStack, neutron-ovn-metadata-agent > running as user "neutron" needs to connect to ovsdb-server. > TCP connection works fine. But, since it's local connection, > it would be better to use UNIX socket to get better performance > and avoid inactivity probe.
Are you still using RAFT? If so I think you must connect to all tcp endpoints, or leader-only operations will execute on the wrong node. I know that locking specifically doesn't work unless all clients pick the same node to lock on, which means they must all be connected to all nodes. > So, is there any option for ovsdb-server to create UNIX socket > with permission 0777? Or any better option for the agent to > connect to UNIX socket? Assuming you're not using RAFT, can you workaround by just chowning it? Matt -- Matthew Booth Red Hat OpenStack Engineer, Compute DFG Phone: +442070094448 (UK) _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
