[openstack-dev] [Neutron] minimal device driver for VPN
Julio Carlos Barrera Juez
juliocarlos.barrera at i2cat.net
Fri Jul 18 06:30:51 UTC 2014
Is there any documentation about these RPC messages? Or de we need to use
examples as guide?
Once again, thank you Paul.
<http://dana.i2cat.net> <http://www.i2cat.net/en>
Julio C. Barrera Juez [image: View my profile on LinkedIn]
<http://es.linkedin.com/in/jcbarrera/en>
Office phone: (+34) 93 357 99 27 (ext. 527)
Office mobile phone: (+34) 625 66 77 26
Distributed Applications and Networks Area (DANA)
i2CAT Foundation, Barcelona
On 17 July 2014 20:37, Paul Michali (pcm) <pcm at cisco.com> wrote:
> So you have your driver loading… great!
>
> The service driver will log in screen-q-*svc*.log, provided you have the
> service driver called out in neutron.conf (as the only one for VPN).
>
> Later, you’ll need the supporting RPC classes to send messages from
> service driver to device driver…
>
>
> Regards,
>
>
> PCM (Paul Michali)
>
> MAIL …..…. pcm at cisco.com
> IRC ……..… pcm_ (irc.freenode.com)
> TW ………... @pmichali
> GPG Key … 4525ECC253E31A83
> Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
>
>
>
> On Jul 17, 2014, at 2:18 PM, Julio Carlos Barrera Juez <
> juliocarlos.barrera at i2cat.net> wrote:
>
> We have followed your advices:
>
> - We created our fake device driver located in the same level as other
> device drivers
> (/opt/stack/neutron/neutron/services/vpn//device_drivers/fake_device_driver.py):
>
> import abc
> import six
>
> from neutron.openstack.common import log
> from neutron.services.vpn import device_drivers
>
>
> LOG = log.getLogger(__name__)
>
> @six.add_metaclass(abc.ABCMeta)
> class FakeDeviceDriver(device_drivers.DeviceDriver):
> '''
> classdocs
> '''
>
> def __init__(self, agent, host):
> pass
>
> def sync(self, context, processes):
> pass
>
> def create_router(self, process_id):
> pass
>
> def destroy_router(self, process_id):
> pass
>
>
> - Our service driver located in
> /opt/stack/neutron/neutron/services/vpn/service_drivers/fake_service_driver.py:
>
> from neutron.openstack.common import log
>
> LOG = log.getLogger(__name__)
>
> class FakeServiceDriver():
> '''
> classdocs
> '''
>
> def get_vpnservices(self, context, filters=None, fields=None):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def get_vpnservice(self, context, vpnservice_id, fields=None):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def create_vpnservice(self, context, vpnservice):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def update_vpnservice(self, context, vpnservice_id, vpnservice):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def delete_vpnservice(self, context, vpnservice_id):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def get_ipsec_site_connections(self, context, filters=None,
> fields=None):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def get_ipsec_site_connection(self, context,
> ipsecsite_conn_id, fields=None):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def get_ikepolicy(self, context, ikepolicy_id, fields=None):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def get_ikepolicies(self, context, filters=None, fields=None):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def create_ikepolicy(self, context, ikepolicy):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def update_ikepolicy(self, context, ikepolicy_id, ikepolicy):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def delete_ikepolicy(self, context, ikepolicy_id):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def get_ipsecpolicies(self, context, filters=None, fields=None):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def get_ipsecpolicy(self, context, ipsecpolicy_id, fields=None):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def create_ipsecpolicy(self, context, ipsecpolicy):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def update_ipsecpolicy(self, context, ipsecpolicy_id, ipsecpolicy):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
> def delete_ipsecpolicy(self, context, ipsecpolicy_id):
> LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
> pass
>
>
>
> - Our /etc/neutron/vpn_agent.ini:
>
> [DEFAULT]
> # VPN-Agent configuration file
> # Note vpn-agent inherits l3-agent, so you can use configs on l3-agent also
>
> [vpnagent]
> # vpn device drivers which vpn agent will use
> # If we want to use multiple drivers, we need to define this option
> multiple times.
> #
> vpn_device_driver=neutron.services.vpn.device_drivers.ipsec.OpenSwanDriver
> #
> vpn_device_driver=neutron.services.vpn.device_drivers.cisco_ipsec.CiscoCsrIPsecDriver
> # vpn_device_driver=another_driver
>
> # custom config
> # implementation location:
> /opt/stack/neutron/neutron/services/vpn//device_drivers/fake_device_driver.py
>
> vpn_device_driver=neutron.services.vpn.device_drivers.fake_device_driver.FakeDeviceDriver
>
> [ipsec]
> # Status check interval
> # ipsec_status_check_interval=60
>
>
> It seems now everything is working and q-vpn starts. In one line in his
> log we see:
>
> 2014-07-16 21:59:45.009 DEBUG neutron.openstack.common.service
> [req-fb6ed9ca-0e71-4783-804b-81ea34b16679 None None]
> service_providers.service_provider =
> ['VPN:fake_junos_vpnaas:neutron.services.vpn.service_drivers.fake_service_driver.FakeServiceDriver:default']
> from (pid=14423) log_opt_values
> /usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py:1988
>
> But now we don't know how to continue. We don't any of our logs in q-vpn
> when we execute commands like:
>
> neutron vpn-ipsecpolicy-create test-ike-policy
> neutron vpn-ikepolicy-list
> neutron vpn-service-list
>
> We don't see any error anyway.
>
> How we could proceed?
>
> Thank you.
>
> <http://dana.i2cat.net/> <http://www.i2cat.net/en>
> Julio C. Barrera Juez [image: View my profile on LinkedIn]
> <http://es.linkedin.com/in/jcbarrera/en>
> Office phone: (+34) 93 357 99 27 (ext. 527)
> Office mobile phone: (+34) 625 66 77 26
> Distributed Applications and Networks Area (DANA)
> i2CAT Foundation, Barcelona
>
>
> On 17 July 2014 14:18, Paul Michali (pcm) <pcm at cisco.com> wrote:
>
>> See line @PCM
>>
>>
>> PCM (Paul Michali)
>>
>> MAIL …..…. pcm at cisco.com
>> IRC ……..… pcm_ (irc.freenode.com)
>> TW ………... @pmichali
>> GPG Key … 4525ECC253E31A83
>> Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
>>
>>
>>
>> On Jul 17, 2014, at 6:32 AM, Julio Carlos Barrera Juez <
>> juliocarlos.barrera at i2cat.net> wrote:
>>
>> I have __init__.py in the directory. Sorry my code is not public, but I
>> can show you some contents, anyway is an experiment with no functional code.
>>
>>
>> @PCM Could you provide a patch with the files so we could patch it into a
>> local repo and try things? I’m assuming since it is an experiment with no
>> functional code that maybe there’s nothing proprietary? :)
>>
>>
>>
>>
>> My /etc/neutron/vpn_agent.ini:
>>
>>
>>
>>
>>
>>
>> [DEFAULT]
>> [vpnagent]
>> # implementation location: /opt/stack/neutron/neutron/services/vpn/junos_vpnaas/device_drivers/fake_device_driver.py
>> vpn_device_driver=neutron.services.vpn.junos_vpnaas.device_drivers.fake_device_driver.FakeDeviceDriver
>>
>>
>>
>>
>> @PCM Hmmm… Just a wild guess... I’m wondering if this is the issue. You
>> class would need to inherit from the base device driver class. Does your
>> fake_device_driver.py have the correct import paths? I say that, because
>> your hierarchy is different. For example, the layout currently is…
>>
>> neutron/services/vpn/ - plugin
>> neutron/services/vpn/device_drivers/ - reference and Cisco device drivers
>> neutron/services/vpn/service_drivers/ - reference and Cisco service
>> drivers
>>
>> Your hierarchy has another level…
>>
>> neutron/services/vpn/*junos_vpnaas*/device_drivers/
>>
>> I’m wondering if there is some import wrong. For example, the reference
>> device driver has:
>>
>> from neutron.services.vpn import device_drivers
>> …
>> @six.add_metaclass(abc.ABCMeta)
>> class IPsecDriver(*device_drivers.DeviceDrive*r):
>> """VPN Device Driver for IPSec.
>>
>> Where the import is used to access the base class DeviceDriver. If you’re
>> doing the same, that file may be failing to load.
>>
>> Regards,
>>
>> PCM
>>
>>
>>
>>
>>
>>
>>
>> FakeDeviceDriver is an empty class with a constructor located in file /opt/stack/neutron/neutron/services/vpn/junos_vpnaas/device_drivers/fake_device_driver.py.
>>
>>
>>
>>
>>
>> I don't have access to my devstask instance, but the error was produced in q-vpn service:
>>
>> DeviceDriverImportError: Can not load driver :neutron.services.vpn.junos_vpnaas.device_drivers.fake_device_driver.FakeDeviceDriver
>>
>>
>>
>>
>> I can provide full stack this afternoon.
>>
>>
>>
>>
>>
>> Thank you.
>>
>>
>> <http://dana.i2cat.net/> <http://www.i2cat.net/en>
>> Julio C. Barrera Juez [image: View my profile on LinkedIn]
>> <http://es.linkedin.com/in/jcbarrera/en>
>> Office phone: (+34) 93 357 99 27 (ext. 527)
>> Office mobile phone: (+34) 625 66 77 26
>> Distributed Applications and Networks Area (DANA)
>> i2CAT Foundation, Barcelona
>>
>>
>> On 16 July 2014 20:59, Paul Michali (pcm) <pcm at cisco.com> wrote:
>>
>>> Do you have a repo with the code that is visible to the public?
>>>
>>> What does the /etc/neutron/vpn_agent.ini look like?
>>>
>>> Can you put the log output of the actual error messages seen?
>>>
>>> Regards,
>>>
>>> PCM (Paul Michali)
>>>
>>> MAIL …..…. pcm at cisco.com
>>> IRC ……..… pcm_ (irc.freenode.com)
>>> TW ………... @pmichali
>>> GPG Key … 4525ECC253E31A83
>>> Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
>>>
>>>
>>>
>>> On Jul 16, 2014, at 2:43 PM, Julio Carlos Barrera Juez <
>>> juliocarlos.barrera at i2cat.net> wrote:
>>>
>>> I am fighting with this for months. I want to develop a VPN Neutron
>>> plugin, but it is almost impossible to realize how to achieve it. this is a
>>> thread I opened months ago and Paul Mchali helped me a lot:
>>> http://lists.openstack.org/pipermail/openstack-dev/2014-February/028389.html
>>>
>>> I want to know the minimum requirements to develop a device driver and a
>>> service driver for a VPN Neutron plugin. I tried adding an empty device
>>> driver and I got this error:
>>>
>>> DeviceDriverImportError: Can not load driver
>>> :neutron.services.vpn.junos_vpnaas.device_drivers.fake_device_driver.FakeDeviceDriver
>>>
>>> Both Python file and class exists, but the implementation is empty. What
>>> is the problem? What I need to include in this file/class to avoid this
>>> error?
>>>
>>> Thank you.
>>>
>>> <http://dana.i2cat.net/> <http://www.i2cat.net/en>
>>> Julio C. Barrera Juez [image: View my profile on LinkedIn]
>>> <http://es.linkedin.com/in/jcbarrera/en>
>>> Office phone: (+34) 93 357 99 27 (ext. 527)
>>> Office mobile phone: (+34) 625 66 77 26
>>> Distributed Applications and Networks Area (DANA)
>>> i2CAT Foundation, Barcelona
>>> _______________________________________________
>>> OpenStack-dev mailing list
>>> OpenStack-dev at lists.openstack.org
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>>
>>>
>>> _______________________________________________
>>> OpenStack-dev mailing list
>>> OpenStack-dev at lists.openstack.org
>>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>>
>>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140718/2abb6e0b/attachment.html>
More information about the OpenStack-dev
mailing list