[openstack-dev] [Neutron] minimal device driver for VPN
Julio Carlos Barrera Juez
juliocarlos.barrera at i2cat.net
Thu Jul 17 18:18:27 UTC 2014
We have followed your advices:
- We created our fake device driver located in the same level as other
device drivers
(/opt/stack/neutron/neutron/services/vpn//device_drivers/fake_device_driver.py):
import abc
import six
from neutron.openstack.common import log
from neutron.services.vpn import device_drivers
LOG = log.getLogger(__name__)
@six.add_metaclass(abc.ABCMeta)
class FakeDeviceDriver(device_drivers.DeviceDriver):
'''
classdocs
'''
def __init__(self, agent, host):
pass
def sync(self, context, processes):
pass
def create_router(self, process_id):
pass
def destroy_router(self, process_id):
pass
- Our service driver located in
/opt/stack/neutron/neutron/services/vpn/service_drivers/fake_service_driver.py:
from neutron.openstack.common import log
LOG = log.getLogger(__name__)
class FakeServiceDriver():
'''
classdocs
'''
def get_vpnservices(self, context, filters=None, fields=None):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def get_vpnservice(self, context, vpnservice_id, fields=None):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def create_vpnservice(self, context, vpnservice):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def update_vpnservice(self, context, vpnservice_id, vpnservice):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def delete_vpnservice(self, context, vpnservice_id):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def get_ipsec_site_connections(self, context, filters=None,
fields=None):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def get_ipsec_site_connection(self, context,
ipsecsite_conn_id, fields=None):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def get_ikepolicy(self, context, ikepolicy_id, fields=None):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def get_ikepolicies(self, context, filters=None, fields=None):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def create_ikepolicy(self, context, ikepolicy):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def update_ikepolicy(self, context, ikepolicy_id, ikepolicy):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def delete_ikepolicy(self, context, ikepolicy_id):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def get_ipsecpolicies(self, context, filters=None, fields=None):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def get_ipsecpolicy(self, context, ipsecpolicy_id, fields=None):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def create_ipsecpolicy(self, context, ipsecpolicy):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def update_ipsecpolicy(self, context, ipsecpolicy_id, ipsecpolicy):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
def delete_ipsecpolicy(self, context, ipsecpolicy_id):
LOG.info('XXXXXXXXXXXXXX Calling method: ' + __name__)
pass
- Our /etc/neutron/vpn_agent.ini:
[DEFAULT]
# VPN-Agent configuration file
# Note vpn-agent inherits l3-agent, so you can use configs on l3-agent also
[vpnagent]
# vpn device drivers which vpn agent will use
# If we want to use multiple drivers, we need to define this option
multiple times.
# vpn_device_driver=neutron.services.vpn.device_drivers.ipsec.OpenSwanDriver
#
vpn_device_driver=neutron.services.vpn.device_drivers.cisco_ipsec.CiscoCsrIPsecDriver
# vpn_device_driver=another_driver
# custom config
# implementation location:
/opt/stack/neutron/neutron/services/vpn//device_drivers/fake_device_driver.py
vpn_device_driver=neutron.services.vpn.device_drivers.fake_device_driver.FakeDeviceDriver
[ipsec]
# Status check interval
# ipsec_status_check_interval=60
It seems now everything is working and q-vpn starts. In one line in his log
we see:
2014-07-16 21:59:45.009 DEBUG neutron.openstack.common.service
[req-fb6ed9ca-0e71-4783-804b-81ea34b16679 None None]
service_providers.service_provider =
['VPN:fake_junos_vpnaas:neutron.services.vpn.service_drivers.fake_service_driver.FakeServiceDriver:default']
from (pid=14423) log_opt_values
/usr/local/lib/python2.7/dist-packages/oslo/config/cfg.py:1988
But now we don't know how to continue. We don't any of our logs in q-vpn
when we execute commands like:
neutron vpn-ipsecpolicy-create test-ike-policy
neutron vpn-ikepolicy-list
neutron vpn-service-list
We don't see any error anyway.
How we could proceed?
Thank you.
<http://dana.i2cat.net> <http://www.i2cat.net/en>
Julio C. Barrera Juez [image: View my profile on LinkedIn]
<http://es.linkedin.com/in/jcbarrera/en>
Office phone: (+34) 93 357 99 27 (ext. 527)
Office mobile phone: (+34) 625 66 77 26
Distributed Applications and Networks Area (DANA)
i2CAT Foundation, Barcelona
On 17 July 2014 14:18, Paul Michali (pcm) <pcm at cisco.com> wrote:
> See line @PCM
>
>
> PCM (Paul Michali)
>
> MAIL …..…. pcm at cisco.com
> IRC ……..… pcm_ (irc.freenode.com)
> TW ………... @pmichali
> GPG Key … 4525ECC253E31A83
> Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
>
>
>
> On Jul 17, 2014, at 6:32 AM, Julio Carlos Barrera Juez <
> juliocarlos.barrera at i2cat.net> wrote:
>
> I have __init__.py in the directory. Sorry my code is not public, but I
> can show you some contents, anyway is an experiment with no functional code.
>
>
> @PCM Could you provide a patch with the files so we could patch it into a
> local repo and try things? I’m assuming since it is an experiment with no
> functional code that maybe there’s nothing proprietary? :)
>
>
>
>
> My /etc/neutron/vpn_agent.ini:
>
>
>
>
> [DEFAULT]
> [vpnagent]
> # implementation location: /opt/stack/neutron/neutron/services/vpn/junos_vpnaas/device_drivers/fake_device_driver.py
> vpn_device_driver=neutron.services.vpn.junos_vpnaas.device_drivers.fake_device_driver.FakeDeviceDriver
>
>
> @PCM Hmmm… Just a wild guess... I’m wondering if this is the issue. You
> class would need to inherit from the base device driver class. Does your
> fake_device_driver.py have the correct import paths? I say that, because
> your hierarchy is different. For example, the layout currently is…
>
> neutron/services/vpn/ - plugin
> neutron/services/vpn/device_drivers/ - reference and Cisco device drivers
> neutron/services/vpn/service_drivers/ - reference and Cisco service drivers
>
> Your hierarchy has another level…
>
> neutron/services/vpn/*junos_vpnaas*/device_drivers/
>
> I’m wondering if there is some import wrong. For example, the reference
> device driver has:
>
> from neutron.services.vpn import device_drivers
> …
> @six.add_metaclass(abc.ABCMeta)
> class IPsecDriver(*device_drivers.DeviceDrive*r):
> """VPN Device Driver for IPSec.
>
> Where the import is used to access the base class DeviceDriver. If you’re
> doing the same, that file may be failing to load.
>
> Regards,
>
> PCM
>
>
>
>
>
> FakeDeviceDriver is an empty class with a constructor located in file /opt/stack/neutron/neutron/services/vpn/junos_vpnaas/device_drivers/fake_device_driver.py.
>
>
>
> I don't have access to my devstask instance, but the error was produced in q-vpn service:
>
> DeviceDriverImportError: Can not load driver :neutron.services.vpn.junos_vpnaas.device_drivers.fake_device_driver.FakeDeviceDriver
>
>
> I can provide full stack this afternoon.
>
>
>
> Thank you.
>
>
> <http://dana.i2cat.net/> <http://www.i2cat.net/en>
> Julio C. Barrera Juez [image: View my profile on LinkedIn]
> <http://es.linkedin.com/in/jcbarrera/en>
> Office phone: (+34) 93 357 99 27 (ext. 527)
> Office mobile phone: (+34) 625 66 77 26
> Distributed Applications and Networks Area (DANA)
> i2CAT Foundation, Barcelona
>
>
> On 16 July 2014 20:59, Paul Michali (pcm) <pcm at cisco.com> wrote:
>
>> Do you have a repo with the code that is visible to the public?
>>
>> What does the /etc/neutron/vpn_agent.ini look like?
>>
>> Can you put the log output of the actual error messages seen?
>>
>> Regards,
>>
>> PCM (Paul Michali)
>>
>> MAIL …..…. pcm at cisco.com
>> IRC ……..… pcm_ (irc.freenode.com)
>> TW ………... @pmichali
>> GPG Key … 4525ECC253E31A83
>> Fingerprint .. 307A 96BB 1A4C D2C7 931D 8D2D 4525 ECC2 53E3 1A83
>>
>>
>>
>> On Jul 16, 2014, at 2:43 PM, Julio Carlos Barrera Juez <
>> juliocarlos.barrera at i2cat.net> wrote:
>>
>> I am fighting with this for months. I want to develop a VPN Neutron
>> plugin, but it is almost impossible to realize how to achieve it. this is a
>> thread I opened months ago and Paul Mchali helped me a lot:
>> http://lists.openstack.org/pipermail/openstack-dev/2014-February/028389.html
>>
>> I want to know the minimum requirements to develop a device driver and a
>> service driver for a VPN Neutron plugin. I tried adding an empty device
>> driver and I got this error:
>>
>> DeviceDriverImportError: Can not load driver
>> :neutron.services.vpn.junos_vpnaas.device_drivers.fake_device_driver.FakeDeviceDriver
>>
>> Both Python file and class exists, but the implementation is empty. What
>> is the problem? What I need to include in this file/class to avoid this
>> error?
>>
>> Thank you.
>>
>> <http://dana.i2cat.net/> <http://www.i2cat.net/en>
>> Julio C. Barrera Juez [image: View my profile on LinkedIn]
>> <http://es.linkedin.com/in/jcbarrera/en>
>> Office phone: (+34) 93 357 99 27 (ext. 527)
>> Office mobile phone: (+34) 625 66 77 26
>> Distributed Applications and Networks Area (DANA)
>> i2CAT Foundation, Barcelona
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
>>
>> _______________________________________________
>> OpenStack-dev mailing list
>> OpenStack-dev at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>>
>>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140717/686f7dd1/attachment.html>
More information about the OpenStack-dev
mailing list