Let StrongswanManager check connections periodically

Signed-off-by: yanjianbo <[email protected]>
FabEdge · Oct 24, 2023 · 5dfd42c · 5dfd42c
1 parent cf649f7
commit 5dfd42c
Showing 1 changed file with 29 additions and 0 deletions.
diff --git a/pkg/tunnel/strongswan/strongswan.go b/pkg/tunnel/strongswan/strongswan.go
@@ -23,6 +23,7 @@ import (
 	"strconv"
 	"strings"
 	"sync"
+	"time"
 
 	"github.com/strongswan/govici/vici"
 	"k8s.io/apimachinery/pkg/util/sets"
@@ -96,6 +97,13 @@ func New(opts ...option) (*StrongSwanManager, error) {
 		opt(manager)
 	}
 
+	go func() {
+		for {
+			manager.checkConnections()
+			time.Sleep(5 * time.Second)
+		}
+	}()
+
 	return manager, nil
 }
 
@@ -415,6 +423,27 @@ func (m StrongSwanManager) UnloadConn(name string) error {
 	return m.terminateSA(name)
 }
 
+// checkConnections will remove any in-memory connection from manager if
+// its counterpart does not exist in strongswan, this will keep StrongswanManager
+// keep in sync with strongswan in a certain extent
+func (m StrongSwanManager) checkConnections() {
+	names, err := m.ListConnNames()
+	// If error happens, skip checking this time. Normally list-conns won't return error,
+	// unless strongswan is not running
+	if err != nil {
+		return
+	}
+	nameSet := sets.NewString(names...)
+
+	m.mu.Lock()
+	m.mu.Unlock()
+	for name := range m.connectionByName {
+		if !nameSet.Has(name) {
+			delete(m.connectionByName, name)
+		}
+	}
+}
+
 func (m StrongSwanManager) do(fn func(session *vici.Session) error) error {
 	session, err := vici.NewSession(vici.WithSocketPath(m.socketPath))
 	if err != nil {