+def update_ipsec(ipsec, interfaces, new_interfaces):
+ for name, vals in interfaces.iteritems():
+ if name not in new_interfaces:
+ ipsec.del_entry(vals["local_ip"], vals["remote_ip"])
+
+ for name, vals in new_interfaces.iteritems():
+ orig_vals = interfaces.get(name)
+ if orig_vals:
+ # Configuration for this host already exists. Check if it's
+ # changed.
+ if vals == orig_vals:
+ continue
+ else:
+ ipsec.del_entry(vals["local_ip"], vals["remote_ip"])
+
+ try:
+ ipsec.add_entry(vals["local_ip"], vals["remote_ip"], vals)
+ except error.Error, msg:
+ vlog.warn("skipping ipsec config for %s: %s" % (name, msg))
+
+
+def get_ssl_cert(data):
+ for ovs_rec in data["Open_vSwitch"].rows.itervalues():
+ if ovs_rec.ssl:
+ ssl = ovs_rec.ssl[0]
+ if ssl.certificate and ssl.private_key:
+ return (ssl.certificate, ssl.private_key)
+
+ return None
+
+
+def main():
+
+ parser = argparse.ArgumentParser()
+ parser.add_argument("database", metavar="DATABASE",
+ help="A socket on which ovsdb-server is listening.")
+ parser.add_argument("--root-prefix", metavar="DIR",
+ help="Use DIR as alternate root directory"
+ " (for testing).")
+
+ ovs.vlog.add_args(parser)
+ ovs.daemon.add_args(parser)
+ args = parser.parse_args()
+ ovs.vlog.handle_args(args)
+ ovs.daemon.handle_args(args)
+
+ global root_prefix
+ if args.root_prefix:
+ root_prefix = args.root_prefix
+
+ remote = args.database
+ schema_file = "%s/vswitch.ovsschema" % ovs.dirs.PKGDATADIR
+ schema = ovs.db.schema.DbSchema.from_json(ovs.json.from_file(schema_file))
+ prune_schema(schema)
+ idl = ovs.db.idl.Idl(remote, schema)