diff options
author | Mark Gray <mark.d.gray@redhat.com> | 2021-01-05 17:53:40 -0500 |
---|---|---|
committer | Ilya Maximets <i.maximets@ovn.org> | 2021-01-06 12:03:04 +0100 |
commit | aa8bed0986f3a5b48ba85d519ef75128ef1d32ca (patch) | |
tree | bbba533bf175e50dc13c8b03bbed81400be56f5c /ipsec | |
parent | 409c35a2f17125f9357002f2059c78fdbdcda4d6 (diff) | |
download | openvswitch-aa8bed0986f3a5b48ba85d519ef75128ef1d32ca.tar.gz |
ovs-monitor-ipsec: Allow exit of ipsec daemon maintaining state.
When 'ovs-monitor-ipsec' exits, it clears all persistent state (i.e.
active ipsec connections, /etc/ipsec.conf, certs/keys). In some
use-cases, we may want to exit and maintain state so that ipsec
connectivity is maintained. One example of this is during an
upgrade. This will require the caller to clear this persistent
state when appropriate (e.g. before 'ovs-monitor-ipsec') is restarted.
Signed-off-by: Mark Gray <mark.d.gray@redhat.com>
Acked-by: Eelco Chaudron <echaudro@redhat.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Diffstat (limited to 'ipsec')
-rwxr-xr-x | ipsec/ovs-monitor-ipsec.in | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/ipsec/ovs-monitor-ipsec.in b/ipsec/ovs-monitor-ipsec.in index f9451e53c..6d12cd8d2 100755 --- a/ipsec/ovs-monitor-ipsec.in +++ b/ipsec/ovs-monitor-ipsec.in @@ -1150,19 +1150,30 @@ def unixctl_refresh(conn, unused_argv, unused_aux): conn.reply(None) -def unixctl_exit(conn, unused_argv, unused_aux): +def unixctl_exit(conn, argv, unused_aux): global monitor global exiting + ret = None exiting = True + cleanup = True - # Make sure persistent global states are cleared - monitor.update_conf([None, None, None, None], None) - # Make sure persistent tunnel states are cleared - for tunnel in monitor.tunnels.keys(): - monitor.del_tunnel(tunnel) - monitor.run() + for arg in argv: + if arg == "--no-cleanup": + cleanup = False + else: + cleanup = False + exiting = False + ret = str("unrecognized parameter: %s" % arg) + + if cleanup: + # Make sure persistent global states are cleared + monitor.update_conf([None, None, None, None], None) + # Make sure persistent tunnel states are cleared + for tunnel in monitor.tunnels.keys(): + monitor.del_tunnel(tunnel) + monitor.run() - conn.reply(None) + conn.reply(ret) def main(): @@ -1208,7 +1219,8 @@ def main(): ovs.unixctl.command_register("tunnels/show", "", 0, 0, unixctl_show, None) ovs.unixctl.command_register("refresh", "", 0, 0, unixctl_refresh, None) - ovs.unixctl.command_register("exit", "", 0, 0, unixctl_exit, None) + ovs.unixctl.command_register("exit", "[--no-cleanup]", 0, 1, + unixctl_exit, None) error, unixctl_server = ovs.unixctl.server.UnixctlServer.create(None) if error: |