On Thu, Dec 01, 2016 at 09:03:30AM -0500, John Trowbridge wrote: > 1. Doing tasks as root on the virthost makes clean up trickier. With the > current model, deleting the non-root quickstart user cleans up almost > everything. By keeping all of the root privilege tasks in the provision > and environment roles, it is much easier to reason about the few things > that do not get cleaned up when deleting the quickstart user. If we > start allowing root privilege tasks in the libvirt role, this will be > harder. > > 2. Theoretically, (I have not actually heard anyone actually doing > this), someone could set up a virthost for use by quickstart, and > then...
The particular use case that inspired the current architecture was the
situation in which people did not want a random script from the
internet running with privileges on their system.
The existing model means that you can manually configure a host for
use by quickstart (installing libvirt, creating the necessary bridges
devices and permissions, etc), and then use quickstart exclusively as
a non-root user.
This is really nice for a number of reasons. For example, I often
have multiple quickstart-provisioned environments on my virt host,
each associated with a particular user. Being able to run everything
as a non-root user means that it's easy to keep these separate, and
that I won't accidentally break one environment because of a typo or
something (because my "master tripleo" user is not able to modify the
environment of my "rdo release" user).
--
Lars Kellogg-Stedman <l...@redhat.com> | larsks @ {freenode,twitter,github}
Cloud Engineering / OpenStack | http://blog.oddbit.com/
signature.asc
Description: PGP signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
