devstack/lib/neutron_plugins/services/vpn

# Neutron VPN plugin
# ---------------------------

# Save trace setting
VPN_XTRACE=$(set +o | grep xtrace)
set +o xtrace


AGENT_VPN_BINARY="$NEUTRON_BIN_DIR/neutron-vpn-agent"
VPN_PLUGIN=${VPN_PLUGIN:-"neutron_vpnaas.services.vpn.plugin.VPNDriverPlugin"}
IPSEC_PACKAGE=${IPSEC_PACKAGE:-"openswan"}

function neutron_vpn_install_agent_packages {
    install_package $IPSEC_PACKAGE
    if is_ubuntu && [[ "$IPSEC_PACKAGE" == "strongswan" ]]; then
        sudo ln -sf /etc/apparmor.d/usr.lib.ipsec.charon /etc/apparmor.d/disable/
        sudo ln -sf /etc/apparmor.d/usr.lib.ipsec.stroke /etc/apparmor.d/disable/
        # NOTE: Due to https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1387220
        # one must use 'sudo start apparmor ACTION=reload' for Ubuntu 14.10
        restart_service apparmor
    fi
}

function neutron_vpn_configure_common {
    _neutron_service_plugin_class_add $VPN_PLUGIN
    _neutron_deploy_rootwrap_filters $NEUTRON_VPNAAS_DIR
}

function neutron_vpn_configure_agent {
    cp $NEUTRON_VPNAAS_DIR/etc/vpn_agent.ini $Q_VPN_CONF_FILE
    if [[ "$IPSEC_PACKAGE" == "strongswan" ]]; then
        iniset_multiline $Q_VPN_CONF_FILE vpnagent vpn_device_driver neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver
        if is_fedora; then
            iniset $Q_VPN_CONF_FILE strongswan default_config_area /usr/share/strongswan/templates/config/strongswan.d
        fi
    else
        iniset_multiline $Q_VPN_CONF_FILE vpnagent vpn_device_driver neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver
    fi
}

function neutron_vpn_stop {
    local ipsec_data_dir=$DATA_DIR/neutron/ipsec
    local pids
    if [ -d $ipsec_data_dir ]; then
        pids=$(find $ipsec_data_dir -name 'pluto.pid' -exec cat {} \;)
    fi
    if [ -n "$pids" ]; then
        sudo kill $pids
    fi
    stop_process q-vpn
}

# Restore xtrace
$VPN_XTRACE