[Openstack] LBaaS & VPNaaS

Yngvi Páll Þorfinnsson yngvith at siminn.is
Thu Oct 8 08:54:40 UTC 2015 

Hi James
Thanks so much ;-)

Regards
Yngvi

From: James Denton [mailto:james.denton at rackspace.com]
Sent: 7. október 2015 16:58
To: Yngvi Páll Þorfinnsson <yngvith at siminn.is>
Cc: Sayaji Patil <sayaji15 at gmail.com>; openstack at lists.openstack.org
Subject: Re: [Openstack] LBaaS & VPNaaS

Hi Yngvi,

In my most recent experience with VPNaaS on Kilo, I did the following (all on the controller node):

1. Install VPN agent

apt-get install neutron-vpnaas-agent

2. Edit /etc/neutron/vpn_agent.ini and add the following to configure the device driver:

[vpnagent]
vpn_device_driver = neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver

3. Edit /etc/neutron/neutron.conf and add vpnaas to the list of service plugins:

service_plugins = router,vpnaas

4. Edit /etc/neutron/neutron_vpnaas.conf and configure the service provider:

[service_providers]
service_provider = VPN:vpnaas:neutron_vpnaas.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
5. Restart Neutron service:

service neutron-server restart

6. Update AppArmor profile:

sudo ln -sf /etc/apparmor.d/usr.lib.ipsec.charon /etc/apparmor.d/disable/
sudo ln -sf /etc/apparmor.d/usr.lib.ipsec.stroke /etc/apparmor.d/disable/
service apparmor restart

7. Work around https://bugs.launchpad.net/neutron/+bug/1456335
cat >> /usr/bin/neutron-vpn-netns-wrapper << EOF
#!/usr/bin/python2

import sys

from neutron_vpnaas.services.vpn.common.netns_wrapper import main

if __name__ == "__main__":
    sys.exit(main())
EOF

8. Set permissions:

chmod 755 /usr/bin/neutron-vpn-netns-wrapper

9. Restart VPN agent

service neutron-vpn-agent restart

——

Here are the instructions for LBaaS. Again, this is for Kilo but may work with Juno as well:

1. Install agent:

apt-get install neutron-lbaas-agent

2. Define interface driver. This is specific to OVS or LinuxBridge. Edit the /etc/neutron/lbaas_agent.ini file and add the following:

[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver

-OR-

interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
3. Define the device driver in /etc/neutron/lbaas_agent.ini:

[DEFAULT]
device_driver = neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver
 4. Define service provider in   /etc/neutron/neutron_lbaas.conf    :

[service_providers]
service_provider = LOADBALANCER:Haproxy:neutron_lbaas.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
5. Define service plugin in /etc/neutron/neutron.conf:

service_plugins = router,vpnaas,lbaas

6. Restart Neutron service:

service neutron-server restart

7. Restart LBaaS agent:

service neutron-lbaas-agent restart

——

No returns and no warranty! Give it a shot and let me know.

James Denton
Network Architect
Rackspace Private Cloud
james.denton at rackspace.com<mailto:james.denton at rackspace.com>

On Oct 7, 2015, at 5:08 AM, Yngvi Páll Þorfinnsson <yngvith at siminn.is<mailto:yngvith at siminn.is>> wrote:

OK, thanks a lot Sayaji  ;-)

Regards
Yngvi

From: Sayaji Patil [mailto:sayaji15 at gmail.com]
Sent: 6. október 2015 18:21
To: Yngvi Páll Þorfinnsson <yngvith at siminn.is<mailto:yngvith at siminn.is>>
Cc: openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Subject: Re: [Openstack] LBaaS & VPNaaS

I was able to get VPNaas working by following this link

https://wiki.openstack.org/wiki/Neutron/VPNaaS/HowToInstall

Regards,
Sayaji

On Tue, Oct 6, 2015 at 3:38 AM, Yngvi Páll Þorfinnsson <yngvith at siminn.is<mailto:yngvith at siminn.is>> wrote:
Dear all

Can anyone please advise me on a good „install guide for Openstack Juno“ for
LbaaS and VPNaaS ?
My openstack servers are all Ubuntu 14.04 LTS.

Best regards
Yngvi

_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

_______________________________________________
Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack at lists.openstack.org<mailto:openstack at lists.openstack.org>
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20151008/05ed4c82/attachment.html>

More information about the Openstack mailing list