From 69b3ff63e4eac221b20607af754f4bcea1478bea Mon Sep 17 00:00:00 2001
From: Nachi Ueno <nachi@ntti3.com>
Date: Fri, 7 Jun 2013 10:28:33 -0700
Subject: [PATCH] Add Support for OpenStack Networking VPNaaS (IPSec)

Change-Id: I3e5c618237531452c8649d10ef1eb6284919fa31
---
 lib/neutron                      | 19 ++++++++++++++++++-
 lib/neutron_plugins/services/vpn | 29 +++++++++++++++++++++++++++++
 2 files changed, 47 insertions(+), 1 deletion(-)
 create mode 100644 lib/neutron_plugins/services/vpn

diff --git a/lib/neutron b/lib/neutron
index c28bd28fb0..425fb3c003 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -202,6 +202,11 @@ source $TOP_DIR/lib/neutron_plugins/$Q_PLUGIN
 # Hardcoding for 1 service plugin for now
 source $TOP_DIR/lib/neutron_plugins/services/loadbalancer
 
+# VPN service plugin functions
+# -------------------------------------------
+# Hardcoding for 1 service plugin for now
+source $TOP_DIR/lib/neutron_plugins/services/vpn
+
 # Use security group or not
 if has_neutron_plugin_security_group; then
     Q_USE_SECGROUP=${Q_USE_SECGROUP:-True}
@@ -222,6 +227,9 @@ function configure_neutron() {
     if is_service_enabled q-lbaas; then
         _configure_neutron_lbaas
     fi
+    if is_service_enabled q-vpn; then
+        _configure_neutron_vpn
+    fi
     if is_service_enabled q-svc; then
         _configure_neutron_service
     fi
@@ -248,6 +256,7 @@ function create_nova_conf_neutron() {
     iniset $NOVA_CONF DEFAULT quantum_admin_auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v2.0"
     iniset $NOVA_CONF DEFAULT quantum_auth_strategy "$Q_AUTH_STRATEGY"
     iniset $NOVA_CONF DEFAULT quantum_admin_tenant_name "$SERVICE_TENANT_NAME"
+    iniset $NOVA_CONF DEFAULT quantum_region_name "RegionOne"
     iniset $NOVA_CONF DEFAULT quantum_url "http://$Q_HOST:$Q_PORT"
 
     if [[ "$Q_USE_SECGROUP" == "True" ]]; then
@@ -536,7 +545,8 @@ function _configure_neutron_l3_agent() {
     Q_L3_ENABLED=True
     # for l3-agent, only use per tenant router if we have namespaces
     Q_L3_ROUTER_PER_TENANT=$Q_USE_NAMESPACE
-    AGENT_L3_BINARY="$NEUTRON_BIN_DIR/neutron-l3-agent"
+
+    AGENT_L3_BINARY=${AGENT_L3_BINARY:-"$NEUTRON_BIN_DIR/neutron-l3-agent"}
     Q_L3_CONF_FILE=$NEUTRON_CONF_DIR/l3_agent.ini
 
     cp $NEUTRON_DIR/etc/l3_agent.ini $Q_L3_CONF_FILE
@@ -571,6 +581,13 @@ function _configure_neutron_lbaas() {
     neutron_agent_lbaas_configure_agent
 }
 
+function _configure_neutron_vpn()
+{
+    neutron_vpn_install_agent_packages
+    neutron_vpn_configure_common
+    neutron_vpn_configure_agent
+}
+
 # _configure_neutron_plugin_agent() - Set config files for neutron plugin agent
 # It is called when q-agt is enabled.
 function _configure_neutron_plugin_agent() {
diff --git a/lib/neutron_plugins/services/vpn b/lib/neutron_plugins/services/vpn
new file mode 100644
index 0000000000..3c030c5f42
--- /dev/null
+++ b/lib/neutron_plugins/services/vpn
@@ -0,0 +1,29 @@
+# Neutron VPN plugin
+# ---------------------------
+
+# Save trace setting
+MY_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+VPN_BINARY="$NEUTRON_DIR/bin/neutron-vpn-agent"
+VPN_PLUGIN="neutron.services.vpn.plugin.VPNDriverPlugin"
+
+function neutron_vpn_install_agent_packages() {
+    install_package strongswan
+}
+
+function neutron_vpn_configure_common() {
+    if [[ $Q_SERVICE_PLUGIN_CLASSES == '' ]]; then
+        Q_SERVICE_PLUGIN_CLASSES=$VPN_PLUGIN
+    else
+        Q_SERVICE_PLUGIN_CLASSES="$Q_SERVICE_PLUGIN_CLASSES,$VPN_PLUGIN"
+    fi
+}
+
+function neutron_vpn_configure_agent() {
+    AGENT_L3_BINARY="$NEUTRON_DIR/bin/neutron-vpn-agent"
+}
+
+# Restore xtrace
+$MY_XTRACE