¡@

Home 

OpenStack Study: ipsec.py

OpenStack Index

**** CubicPower OpenStack Study ****

# vim: tabstop=10 shiftwidth=4 softtabstop=4

#

# Copyright 2013, Nachi Ueno, NTT I3, Inc.

# All Rights Reserved.

#

# Licensed under the Apache License, Version 2.0 (the "License"); you may

# not use this file except in compliance with the License. You may obtain

# a copy of the License at

#

# http://www.apache.org/licenses/LICENSE-2.0

#

# Unless required by applicable law or agreed to in writing, software

# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT

# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the

# License for the specific language governing permissions and limitations

# under the License.

import netaddr

from neutron.common import rpc as n_rpc

from neutron.openstack.common import log as logging

from neutron.openstack.common import rpc

from neutron.services.vpn.common import topics

from neutron.services.vpn import service_drivers

LOG = logging.getLogger(__name__)

IPSEC = 'ipsec'

BASE_IPSEC_VERSION = '1.0'

**** CubicPower OpenStack Study ****

class IPsecVpnDriverCallBack(object):

"""Callback for IPSecVpnDriver rpc."""

# history

# 1.0 Initial version

RPC_API_VERSION = BASE_IPSEC_VERSION

**** CubicPower OpenStack Study ****

    def __init__(self, driver):

        self.driver = driver

**** CubicPower OpenStack Study ****

    def create_rpc_dispatcher(self):

        return n_rpc.PluginRpcDispatcher([self])

**** CubicPower OpenStack Study ****

    def get_vpn_services_on_host(self, context, host=None):

        """Returns the vpnservices on the host."""

        plugin = self.driver.service_plugin

        vpnservices = plugin._get_agent_hosting_vpn_services(

            context, host)

        return [self.driver._make_vpnservice_dict(vpnservice)

                for vpnservice in vpnservices]

**** CubicPower OpenStack Study ****

    def update_status(self, context, status):

        """Update status of vpnservices."""

        plugin = self.driver.service_plugin

        plugin.update_status_by_agent(context, status)

**** CubicPower OpenStack Study ****

class IPsecVpnAgentApi(service_drivers.BaseIPsecVpnAgentApi):

"""Agent RPC API for IPsecVPNAgent."""

RPC_API_VERSION = BASE_IPSEC_VERSION

**** CubicPower OpenStack Study ****

    def __init__(self, topic, default_version):

        super(IPsecVpnAgentApi, self).__init__(

            topics.IPSEC_AGENT_TOPIC, topic, default_version)

**** CubicPower OpenStack Study ****

class IPsecVPNDriver(service_drivers.VpnDriver):

"""VPN Service Driver class for IPsec."""

**** CubicPower OpenStack Study ****

    def __init__(self, service_plugin):

        super(IPsecVPNDriver, self).__init__(service_plugin)

        self.callbacks = IPsecVpnDriverCallBack(self)

        self.conn = rpc.create_connection(new=True)

        self.conn.create_consumer(

            topics.IPSEC_DRIVER_TOPIC,

            self.callbacks.create_rpc_dispatcher(),

            fanout=False)

        self.conn.consume_in_thread()

        self.agent_rpc = IPsecVpnAgentApi(

            topics.IPSEC_AGENT_TOPIC, BASE_IPSEC_VERSION)

    @property

**** CubicPower OpenStack Study ****

    def service_type(self):

        return IPSEC

**** CubicPower OpenStack Study ****

    def create_ipsec_site_connection(self, context, ipsec_site_connection):

        vpnservice = self.service_plugin._get_vpnservice(

            context, ipsec_site_connection['vpnservice_id'])

        self.agent_rpc.vpnservice_updated(context, vpnservice['router_id'])

**** CubicPower OpenStack Study ****

    def update_ipsec_site_connection(

        self, context, old_ipsec_site_connection, ipsec_site_connection):

        vpnservice = self.service_plugin._get_vpnservice(

            context, ipsec_site_connection['vpnservice_id'])

        self.agent_rpc.vpnservice_updated(context, vpnservice['router_id'])

**** CubicPower OpenStack Study ****

    def delete_ipsec_site_connection(self, context, ipsec_site_connection):

        vpnservice = self.service_plugin._get_vpnservice(

            context, ipsec_site_connection['vpnservice_id'])

        self.agent_rpc.vpnservice_updated(context, vpnservice['router_id'])

**** CubicPower OpenStack Study ****

    def create_ikepolicy(self, context, ikepolicy):

        pass

**** CubicPower OpenStack Study ****

    def delete_ikepolicy(self, context, ikepolicy):

        pass

**** CubicPower OpenStack Study ****

    def update_ikepolicy(self, context, old_ikepolicy, ikepolicy):

        pass

**** CubicPower OpenStack Study ****

    def create_ipsecpolicy(self, context, ipsecpolicy):

        pass

**** CubicPower OpenStack Study ****

    def delete_ipsecpolicy(self, context, ipsecpolicy):

        pass

**** CubicPower OpenStack Study ****

    def update_ipsecpolicy(self, context, old_ipsec_policy, ipsecpolicy):

        pass

**** CubicPower OpenStack Study ****

    def create_vpnservice(self, context, vpnservice):

        pass

**** CubicPower OpenStack Study ****

    def update_vpnservice(self, context, old_vpnservice, vpnservice):

        self.agent_rpc.vpnservice_updated(context, vpnservice['router_id'])

**** CubicPower OpenStack Study ****

    def delete_vpnservice(self, context, vpnservice):

        self.agent_rpc.vpnservice_updated(context, vpnservice['router_id'])

**** CubicPower OpenStack Study ****

    def _make_vpnservice_dict(self, vpnservice):

        """Convert vpnservice information for vpn agent.

        also converting parameter name for vpn agent driver

        """

        vpnservice_dict = dict(vpnservice)

        vpnservice_dict['ipsec_site_connections'] = []

        vpnservice_dict['subnet'] = dict(

            vpnservice.subnet)

        vpnservice_dict['external_ip'] = vpnservice.router.gw_port[

            'fixed_ips'][0]['ip_address']

        for ipsec_site_connection in vpnservice.ipsec_site_connections:

            ipsec_site_connection_dict = dict(ipsec_site_connection)

            try:

                netaddr.IPAddress(ipsec_site_connection['peer_id'])

            except netaddr.core.AddrFormatError:

                ipsec_site_connection['peer_id'] = (

                    '@' + ipsec_site_connection['peer_id'])

            ipsec_site_connection_dict['ikepolicy'] = dict(

                ipsec_site_connection.ikepolicy)

            ipsec_site_connection_dict['ipsecpolicy'] = dict(

                ipsec_site_connection.ipsecpolicy)

            vpnservice_dict['ipsec_site_connections'].append(

                ipsec_site_connection_dict)

            peer_cidrs = [

                peer_cidr.cidr

                for peer_cidr in ipsec_site_connection.peer_cidrs]

            ipsec_site_connection_dict['peer_cidrs'] = peer_cidrs

        return vpnservice_dict