mir/ovs
2
0
Fork 0
mirror of https://github.com/openvswitch/ovs synced 2025-08-22 01:51:26 +00:00
Code Issues Releases Wiki Activity
ovs/rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template
Ilya Maximets e67f317ef1 ovs-ctl: Fix inability to set custom options for ovs-monitor-ipsec. 
Commit in the fixes tag added support for using custom ipsec.conf with
ovs-monitor-ipsec, but it didn't provide a way to use those options
via ovs-ctl.  This makes it not possible to use these options from a
systemd unit, for example.

Fix that by adding --ovs-monitor-ipsec-options knob to ovs-ctl and
allowing OPTIONS to be passed via sysconfig.

Our Debian units are using StrongSwan, so they do not need these
Libreswan-specific options, however, it's better to keep systemd
integration similar to Fedora/RHEL.  There is at least one other
option that can be used with StrongSwan.

Only the Debian init file is updated, because we don't have IPsec
support for init in Fedora/RHEL.

There is a line length warning in the example, but it's hard to split
it into multiple lines, and I think, it's a good configuration example
to provide.

Fixes: 09d7c5ac0054 ("ipsec: Add support for using non-root ipsec.conf.")
Acked-by: Frode Nordahl <fnordahl@ubuntu.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2025-01-16 13:54:30 +01:00

35 lines
1.1 KiB
Plaintext
Raw Permalink Blame History

### Configuration options for openvswitch
#
# Enable core files.
# This option should be set to "yes" or "no". The default is "yes".
# --force-corefiles=yes
#
# Set "nice" priority at which to run ovsdb-server:
# --ovsdb-server-priority=-10
#
# Set "nice" priority at which to run ovsdb-vswitchd:
# --ovs-vswitchd-priority=-10
#
# Pass or not --mlockall option to ovs-vswitchd.
# This option should be set to "yes" or "no". The default is "yes".
# Enabling this option can avoid networking interruptions due to
# system memory pressure in extraordinary situations, such as multiple
# concurrent VM import operations.
# --mlockall=yes
#
# Use valgrind:
# --ovs-vswitchd-wrapper=valgrind
# --ovsdb-server-wrapper=valgrind
#
# Specify additional options, for example to start with debug logs:
# --ovs-vswitchd-options='-vconsole:dbg -vfile:dbg'
# --ovsdb-server-options='-vconsole:dbg -vfile:dbg'
#
# Or to start with non-root IPsec config file:
# --ovs-monitor-ipsec-options='--ipsec-conf=/etc/ipsec.d/ovs.conf --root-ipsec-conf=/etc/ipsec.conf'
#
OPTIONS=""
# Uncomment and set the OVS User/Group value
#OVS_USER_ID="openvswitch:openvswitch"
Reference in New Issue View Git Blame Copy Permalink