{"id":2003667,"url":"http://patchwork.ozlabs.org/api/patches/2003667/?format=json","web_url":"http://patchwork.ozlabs.org/project/openvswitch/patch/20241029101608.2991596-7-i.maximets@ovn.org/","project":{"id":47,"url":"http://patchwork.ozlabs.org/api/projects/47/?format=json","name":"Open vSwitch","link_name":"openvswitch","list_id":"ovs-dev.openvswitch.org","list_email":"ovs-dev@openvswitch.org","web_url":"http://openvswitch.org/","scm_url":"git@github.com:openvswitch/ovs.git","webscm_url":"https://github.com/openvswitch/ovs","list_archive_url":"","list_archive_url_format":"","commit_url_format":""},"msgid":"<20241029101608.2991596-7-i.maximets@ovn.org>","list_archive_url":null,"date":"2024-10-29T10:15:04","name":"[ovs-dev,6/9] ipsec: Make command timeout configurable.","commit_ref":null,"pull_url":null,"state":"changes-requested","archived":false,"hash":"978aeefa3ed59664592ea800a6f981ccfd9595fc","submitter":{"id":76798,"url":"http://patchwork.ozlabs.org/api/people/76798/?format=json","name":"Ilya Maximets","email":"i.maximets@ovn.org"},"delegate":null,"mbox":"http://patchwork.ozlabs.org/project/openvswitch/patch/20241029101608.2991596-7-i.maximets@ovn.org/mbox/","series":[{"id":430270,"url":"http://patchwork.ozlabs.org/api/series/430270/?format=json","web_url":"http://patchwork.ozlabs.org/project/openvswitch/list/?series=430270","date":"2024-10-29T10:14:58","name":"ipsec: Resiliency to Libreswan failures.","version":1,"mbox":"http://patchwork.ozlabs.org/series/430270/mbox/"}],"comments":"http://patchwork.ozlabs.org/api/patches/2003667/comments/","check":"success","checks":"http://patchwork.ozlabs.org/api/patches/2003667/checks/","tags":{},"related":[],"headers":{"Return-Path":"<ovs-dev-bounces@openvswitch.org>","X-Original-To":["incoming@patchwork.ozlabs.org","ovs-dev@openvswitch.org"],"Delivered-To":["patchwork-incoming@legolas.ozlabs.org","ovs-dev@lists.linuxfoundation.org"],"Authentication-Results":["legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org\n (client-ip=140.211.166.138; helo=smtp1.osuosl.org;\n envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org)","smtp3.osuosl.org;\n dmarc=none (p=none dis=none) header.from=ovn.org"],"Received":["from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4Xd5lN3NJFz1xwn\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 29 Oct 2024 21:16:48 +1100 (AEDT)","from localhost (localhost [127.0.0.1])\n\tby smtp1.osuosl.org (Postfix) with ESMTP id 82B4F81357;\n\tTue, 29 Oct 2024 10:16:46 +0000 (UTC)","from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id l1YdIbum_Xyg; Tue, 29 Oct 2024 10:16:43 +0000 (UTC)","from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])\n\tby smtp1.osuosl.org (Postfix) with ESMTPS id 6F53381398;\n\tTue, 29 Oct 2024 10:16:40 +0000 (UTC)","from lf-lists.osuosl.org (localhost [127.0.0.1])\n\tby lists.linuxfoundation.org (Postfix) with ESMTP id 993A4C08A6;\n\tTue, 29 Oct 2024 10:16:40 +0000 (UTC)","from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136])\n by lists.linuxfoundation.org (Postfix) with ESMTP id 1D2A6C08A9\n for <ovs-dev@openvswitch.org>; Tue, 29 Oct 2024 10:16:39 +0000 (UTC)","from localhost (localhost [127.0.0.1])\n by smtp3.osuosl.org (Postfix) with ESMTP id 1F29960D5A\n for <ovs-dev@openvswitch.org>; Tue, 29 Oct 2024 10:16:30 +0000 (UTC)","from smtp3.osuosl.org ([127.0.0.1])\n by localhost (smtp3.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id SBIqh_cGKwLi for <ovs-dev@openvswitch.org>;\n Tue, 29 Oct 2024 10:16:29 +0000 (UTC)","from mail-wm1-f67.google.com (mail-wm1-f67.google.com\n [209.85.128.67])\n by smtp3.osuosl.org (Postfix) with ESMTPS id ECEE760D4E\n for <ovs-dev@openvswitch.org>; Tue, 29 Oct 2024 10:16:28 +0000 (UTC)","by mail-wm1-f67.google.com with SMTP id\n 5b1f17b1804b1-4315e62afe0so54646745e9.1\n for <ovs-dev@openvswitch.org>; Tue, 29 Oct 2024 03:16:28 -0700 (PDT)","from im-t490s.redhat.com (ip-86-49-44-151.bb.vodafone.cz.\n [86.49.44.151]) by smtp.gmail.com with ESMTPSA id\n 5b1f17b1804b1-431b4594ec3sm20279685e9.1.2024.10.29.03.16.26\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Tue, 29 Oct 2024 03:16:26 -0700 (PDT)"],"X-Virus-Scanned":["amavis at osuosl.org","amavis at osuosl.org"],"X-Comment":"SPF check N/A for local connections - client-ip=140.211.9.56;\n helo=lists.linuxfoundation.org;\n envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN> ","DKIM-Filter":["OpenDKIM Filter v2.11.0 smtp1.osuosl.org 6F53381398","OpenDKIM Filter v2.11.0 smtp3.osuosl.org ECEE760D4E"],"Received-SPF":"Pass (mailfrom) identity=mailfrom; client-ip=209.85.128.67;\n helo=mail-wm1-f67.google.com; envelope-from=i.maximets.ovn@gmail.com;\n receiver=<UNKNOWN>","DMARC-Filter":"OpenDMARC Filter v1.4.2 smtp3.osuosl.org ECEE760D4E","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20230601; t=1730196987; x=1730801787;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc\n :subject:date:message-id:reply-to;\n bh=PFSGRtxaqrBEsIz4+N1CsbhK2kmPw0W1sbAnOLkfGxw=;\n b=KvCdy7qWrPjb4OJOD5rYVla7f3CxSDnfAcMNmtwwb0q1DJXVcM+p4IeAEVaHkYyKFI\n M9ofbb4FlPKj/HMKQZOnVkPZGZ3Joic2C1HYCveebpqsNvWi92reSgdex8qq3og3pfzx\n K5FLiDYJdXQ198OcXbKG6pzBED6Ws2mNhI9C3pZTCbB+ohZ+Y639Run/+5Ak3xwJ4FQj\n kb980UO86VIsX4n51qIV/AnFXiXLw/2Qm0xYD7990HKLgA48m8s3E6iYpZQsoHSrbB4Y\n tT7jvTzFHtjpdNRYp+aUbkT6jfWa9AklmsGTi5ryjLq4BNJcdDGwzVBwRgxH/sEasHfx\n GcQA==","X-Gm-Message-State":"AOJu0Yzj5t3lDZZ3+zJzDAEtW7BZSWBJUNdnWoWJiip3XgiifnGnzFur\n WKeDrV8Lc0jJP+b3dA52/aGg2/AwtxUIqrX5mM/JpkaeYIpfzETDD/GNdkoo","X-Google-Smtp-Source":"\n AGHT+IGHliLzc58i6NAL7an1FcjAB0+BLesZH2IWqAPzUbcMLoOUgDRAx5t9OMCcWGYlKAPdHvnb3g==","X-Received":"by 2002:a05:600c:4e46:b0:430:52ec:1e2b with SMTP id\n 5b1f17b1804b1-4319ad2b89emr105838045e9.29.1730196986614;\n Tue, 29 Oct 2024 03:16:26 -0700 (PDT)","From":"Ilya Maximets <i.maximets@ovn.org>","To":"ovs-dev@openvswitch.org","Date":"Tue, 29 Oct 2024 11:15:04 +0100","Message-ID":"<20241029101608.2991596-7-i.maximets@ovn.org>","X-Mailer":"git-send-email 2.46.0","In-Reply-To":"<20241029101608.2991596-1-i.maximets@ovn.org>","References":"<20241029101608.2991596-1-i.maximets@ovn.org>","MIME-Version":"1.0","Subject":"[ovs-dev] [PATCH 6/9] ipsec: Make command timeout configurable.","X-BeenThere":"ovs-dev@openvswitch.org","X-Mailman-Version":"2.1.30","Precedence":"list","List-Id":"<ovs-dev.openvswitch.org>","List-Unsubscribe":"<https://mail.openvswitch.org/mailman/options/ovs-dev>,\n <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>","List-Archive":"<http://mail.openvswitch.org/pipermail/ovs-dev/>","List-Post":"<mailto:ovs-dev@openvswitch.org>","List-Help":"<mailto:ovs-dev-request@openvswitch.org?subject=help>","List-Subscribe":"<https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,\n <mailto:ovs-dev-request@openvswitch.org?subject=subscribe>","Cc":"Ilya Maximets <i.maximets@ovn.org>","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Errors-To":"ovs-dev-bounces@openvswitch.org","Sender":"\"dev\" <ovs-dev-bounces@openvswitch.org>"},"content":"Add a new command line option --command-timeout that controls the\ncommand timeout.  It is important to have this configurable, because\nthe retransmit-timeout is configurable in Libreswan.  Also, users\nmay prefer the monitor to be more responsive.\n\novs-monitor-ipsec options are not documented anywhere, so not\ntrying to address that here.\n\nSigned-off-by: Ilya Maximets <i.maximets@ovn.org>\n---\n ipsec/ovs-monitor-ipsec.in | 9 ++++++++-\n 1 file changed, 8 insertions(+), 1 deletion(-)","diff":"diff --git a/ipsec/ovs-monitor-ipsec.in b/ipsec/ovs-monitor-ipsec.in\nindex 264b055e6..2912075d7 100755\n--- a/ipsec/ovs-monitor-ipsec.in\n+++ b/ipsec/ovs-monitor-ipsec.in\n@@ -82,6 +82,7 @@ vlog = ovs.vlog.Vlog(\"ovs-monitor-ipsec\")\n exiting = False\n monitor = None\n xfrm = None\n+command_timeout = None\n TIEMOUT_EXPIRED = 37\n \n \n@@ -96,7 +97,7 @@ def run_command(args, description=None):\n     proc = subprocess.Popen(args, stdout=subprocess.PIPE,\n                             stderr=subprocess.PIPE)\n     try:\n-        pout, perr = proc.communicate(timeout=120)\n+        pout, perr = proc.communicate(timeout=command_timeout)\n         ret = proc.returncode\n     except subprocess.TimeoutExpired:\n         vlog.warn(\"Command timed out trying to %s.\" % description)\n@@ -1380,6 +1381,10 @@ def main():\n     parser.add_argument(\"--ipsec-ctl\", metavar=\"IPSEC-CTL\",\n                         help=\"Use DIR/IPSEC-CTL as location for \"\n                         \" pluto ctl socket (libreswan only).\")\n+    parser.add_argument(\"--command-timeout\", metavar=\"TIMEOUT\",\n+                        type=int, default=120,\n+                        help=\"Timeout for external commands called by the \"\n+                        \"ovs-monitor-ipsec daemon, e.g. ipsec --start.\")\n \n     ovs.vlog.add_args(parser)\n     ovs.daemon.add_args(parser)\n@@ -1389,11 +1394,13 @@ def main():\n \n     global monitor\n     global xfrm\n+    global command_timeout\n \n     root_prefix = args.root_prefix if args.root_prefix else \"\"\n     xfrm = XFRM(root_prefix)\n     monitor = IPsecMonitor(root_prefix, args.ike_daemon,\n                            not args.no_restart_ike_daemon, args)\n+    command_timeout = args.command_timeout\n \n     remote = args.database\n     schema_helper = ovs.db.idl.SchemaHelper()\n","prefixes":["ovs-dev","6/9"]}