ovs-monitor-ipsec: Allow exit of ipsec daemon maintaining state.

When 'ovs-monitor-ipsec' exits, it clears all persistent state (i.e. active ipsec connections, /etc/ipsec.conf, certs/keys). In some use-cases, we may want to exit and maintain state so that ipsec connectivity is maintained. One example of this is during an upgrade. This will require the caller to clear this persistent state when appropriate (e.g. before 'ovs-monitor-ipsec') is restarted. Signed-off-by: Mark Gray <mark.d.gray@redhat.com> Acked-by: Eelco Chaudron <echaudro@redhat.com> Acked-by: Flavio Leitner <fbl@sysclose.org> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
author: Mark Gray <mark.d.gray@redhat.com> 2021-01-05 17:53:40 -0500
committer: Ilya Maximets <i.maximets@ovn.org> 2021-01-06 12:03:04 +0100
commit: aa8bed0986f3a5b48ba85d519ef75128ef1d32ca (patch)
tree: bbba533bf175e50dc13c8b03bbed81400be56f5c /ipsec
parent: 409c35a2f17125f9357002f2059c78fdbdcda4d6 (diff)
download: openvswitch-aa8bed0986f3a5b48ba85d519ef75128ef1d32ca.tar.gz
1 files changed, 21 insertions, 9 deletions
diff --git a/ipsec/ovs-monitor-ipsec.in b/ipsec/ovs-monitor-ipsec.in
index f9451e53c..6d12cd8d2 100755
--- a/ipsec/ovs-monitor-ipsec.in
+++ b/ipsec/ovs-monitor-ipsec.in
@@ -1150,19 +1150,30 @@ def unixctl_refresh(conn, unused_argv, unused_aux):
     conn.reply(None)
 
 
-def unixctl_exit(conn, unused_argv, unused_aux):
+def unixctl_exit(conn, argv, unused_aux):
     global monitor
     global exiting
+    ret = None
     exiting = True
+    cleanup = True
 
-    # Make sure persistent global states are cleared
-    monitor.update_conf([None, None, None, None], None)
-    # Make sure persistent tunnel states are cleared
-    for tunnel in monitor.tunnels.keys():
-        monitor.del_tunnel(tunnel)
-    monitor.run()
+    for arg in argv:
+        if arg == "--no-cleanup":
+            cleanup = False
+        else:
+            cleanup = False
+            exiting = False
+            ret = str("unrecognized parameter: %s" % arg)
+
+    if cleanup:
+        # Make sure persistent global states are cleared
+        monitor.update_conf([None, None, None, None], None)
+        # Make sure persistent tunnel states are cleared
+        for tunnel in monitor.tunnels.keys():
+            monitor.del_tunnel(tunnel)
+        monitor.run()
 
-    conn.reply(None)
+    conn.reply(ret)
 
 
 def main():
@@ -1208,7 +1219,8 @@ def main():
     ovs.unixctl.command_register("tunnels/show", "", 0, 0,
                                  unixctl_show, None)
     ovs.unixctl.command_register("refresh", "", 0, 0, unixctl_refresh, None)
-    ovs.unixctl.command_register("exit", "", 0, 0, unixctl_exit, None)
+    ovs.unixctl.command_register("exit", "[--no-cleanup]", 0, 1,
+                                 unixctl_exit, None)
 
     error, unixctl_server = ovs.unixctl.server.UnixctlServer.create(None)
     if error:
author	Mark Gray <mark.d.gray@redhat.com>	2021-01-05 17:53:40 -0500
committer	Ilya Maximets <i.maximets@ovn.org>	2021-01-06 12:03:04 +0100
commit	aa8bed0986f3a5b48ba85d519ef75128ef1d32ca (patch)
tree	bbba533bf175e50dc13c8b03bbed81400be56f5c /ipsec
parent	409c35a2f17125f9357002f2059c78fdbdcda4d6 (diff)
download	openvswitch-aa8bed0986f3a5b48ba85d519ef75128ef1d32ca.tar.gz