Currently, if openvswitch-ipsec service will die for any reason, it will not be restarted. At the same time, that will prevent updating tunnel configuration and prohibit adding new nodes in OVN clusters, for example.
Add the 'on-failure' restart policy, so it behaves the same as all other OVS daemons. Signed-off-by: Ilya Maximets <[email protected]> --- debian/openvswitch-ipsec.service | 1 + rhel/usr_lib_systemd_system_openvswitch-ipsec.service | 1 + 2 files changed, 2 insertions(+) diff --git a/debian/openvswitch-ipsec.service b/debian/openvswitch-ipsec.service index dfb1e50d9..51b9b315a 100644 --- a/debian/openvswitch-ipsec.service +++ b/debian/openvswitch-ipsec.service @@ -6,6 +6,7 @@ After=openvswitch-switch.service [Service] Type=forking PIDFile=/run/openvswitch/ovs-monitor-ipsec.pid +Restart=on-failure ExecStart=/usr/share/openvswitch/scripts/ovs-ctl --no-monitor \ --ike-daemon=strongswan start-ovs-ipsec ExecStop=/usr/share/openvswitch/scripts/ovs-ctl stop-ovs-ipsec diff --git a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service index 88a509662..a4bf475d0 100644 --- a/rhel/usr_lib_systemd_system_openvswitch-ipsec.service +++ b/rhel/usr_lib_systemd_system_openvswitch-ipsec.service @@ -6,6 +6,7 @@ After=openvswitch.service [Service] Type=forking PIDFile=/run/openvswitch/ovs-monitor-ipsec.pid +Restart=on-failure ExecStart=/usr/share/openvswitch/scripts/ovs-ctl --no-monitor \ --ike-daemon=libreswan start-ovs-ipsec ExecStop=/usr/share/openvswitch/scripts/ovs-ctl stop-ovs-ipsec -- 2.47.0 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
