Neutron/VPNaaS/HowToInstall
Contents
Installation
- . apt-get install strongswan
- . replace binary quantum-l3-agent to quantum-vpn-agent
Note: you can use WIP devstack for VPNaaS Devstack review is here -> https://review.openstack.org/#/c/32174/ (WIP)
git clone https://github.com/openstack-dev/devstack.git cd devstack git review -d 32174
Set localrc ( q-vpn is added)
DEST=/opt/stack disable_service n-net enable_service q-svc enable_service q-agt enable_service q-dhcp enable_service q-l3 enable_service q-meta enable_service quantum enable_service tempest enable_service q-vpn API_RATE_LIMIT=False VOLUME_BACKING_FILE_SIZE=4G FIXED_RANGE=10.1.0.0/24 FIXED_NETWORK_SIZE=256 VIRT_DRIVER=libvirt SWIFT_REPLICAS=1 export OS_NO_CACHE=True SCREEN_LOGDIR=/opt/stack/screen-logs SYSLOG=True SKIP_EXERCISES=boot_from_volume,client-env ROOTSLEEP=0 ACTIVE_TIMEOUT=60 Q_USE_SECGROUP=True BOOT_TIMEOUT=90 ASSOCIATE_TIMEOUT=60 ADMIN_PASSWORD=openstack MYSQL_PASSWORD=openstack RABBIT_PASSWORD=openstack SERVICE_PASSWORD=openstack SERVICE_TOKEN=tokentoken Q_PLUGIN=openvswitch Q_USE_DEBUG_COMMAND=True NETWORK_GATEWAY=10.1.0.1
Checkout Test branches
Quantum TBD Quantum client : https://review.openstack.org/#/c/29811/
Run Devstack
./stack.sh
Setup Params
ROUTER_ID=`quantum router-show router1 | awk '/ id /{print $4}'` SUBNET_ID=`quantum subnet-create private 20.0.0.0/24 | awk '/ id /{print $4}'`
CLI Walkthough
Setup VPN Connection
Create VPN Service
quantum vpn-service-create --name vpn1 --router_id $ROUTER_ID --subnet_id $SUBNET_ID
List VPN Service
quantum vpn-service-list
Show VPN Service
quantum vpn-service-show vpn1 VPN1=`quantum vpn-service-show vpn1 | awk '/ id /{print $4}'`
Create IKE policy
quantum vpn-ikepolicy-create --name ike_policy1
List IKE policy
quantum vpn-ikepolicy-list
Show IKE policy
quantum vpn-ikepolicy-show ike_policy1
Create IPSec policy
quantum vpn-ipsecpolicy-create --name ipsecpolicy1
Show IPSec policy
quantum vpn-ipsecpolicy-show ike_policy1
Create VPN Connection
quantum vpn-connection-create --name vpnconnection1 vpn1 ikepolicy1 ipsecpolicy1
List VPN Connection
quantum vpn-connection-list
Show VPN Connection
quantum vpn-connection-show vpnconnection1
Delete VPN configuration
Delete VPN Connection
quantum vpn-connection-delete vpnconnection1
Delete VPN Service
quantum vpn-service-delete $VPN1
Remove Router Interface ( <-- This should be automatically done by VPNService )
quantum router-interface-delete $ROUTER_ID $SUBNET_ID
Delete IKE policy
quantum vpn-ikepolicy-delete ike_policy1
Delete IPSec policy
quantum vpn-ipsecpolicy-delete ipsecpolicy1