To provide a better deployer experience, let’s provide a tool that deployers can run to validate the state of a deployment and immediately receive comprehensive feedback on suggested changes with detailed explanations.
As upstream developers, operators, and summit attendees, many of us carry tribal knowledge of various aspects of configuration that we recommend to other deployers. We currently share that knowledge widely via documentation and blog posts, which not all operators read. We also log deprecation warnings at runtime.
Implement a new keystone-manage called doctor. keystone-manage doctor should diagnose issues with your deployment and make detailed recommendations to resolve any issues.
This command could be used to reveal security issues with a deployment.
End users are not be able to use keystone-manage (only deployers).
Running the command could place load on the keystone deployment, as it iterates through large datasets looking for issues.
Similar to release notes, developers and code reviewers will need to be aware of changes that should result in new checks that doctor should perform.
Operators should be made aware of the command’s availability via release notes and in openstack-manuals.