44b49adda1
the /etc/kolla/adminrc.sh should be export before init vpn script, this ps to add test for credentials set to avoid it missing. Change-Id: Ib849d5f5804221c507c2466f2f08179340188c24
67 lines
2.4 KiB
Bash
Executable File
67 lines
2.4 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
# Script originally copied from https://wiki.openstack.org/wiki/Neutron/VPNaaS/HowToInstall
|
|
|
|
# Test for credentials set
|
|
if [[ "${OS_USERNAME}" == "" ]]; then
|
|
echo "No Keystone credentials specified. Try running source openrc"
|
|
exit
|
|
fi
|
|
|
|
EXT_NW_ID=`neutron net-list | awk '/public/{print $2}'`
|
|
WEST_SUBNET='192.168.1.0/24'
|
|
EAST_SUBNET='192.168.2.0/24'
|
|
|
|
function setup_site(){
|
|
local site_name=$1
|
|
local cidr=$2
|
|
neutron net-create net_$site_name
|
|
neutron subnet-create --name subnet_$site_name net_$site_name $2
|
|
neutron router-create router_$site_name
|
|
neutron router-interface-add router_$site_name subnet_$site_name
|
|
neutron router-gateway-set router_$site_name $EXT_NW_ID
|
|
neutron vpn-service-create --name vpn_$site_name router_$site_name subnet_$site_name
|
|
}
|
|
|
|
function get_external_ip(){
|
|
local router_id=`neutron router-show $1 | awk '/ id /{print $4}'`
|
|
echo `neutron router-list | grep '$router_id' | awk -F '"' '{print $16}'`
|
|
}
|
|
|
|
function clean_site(){
|
|
local site_name=$1
|
|
neutron ipsec-site-connection-delete conn_$site_name
|
|
neutron vpn-service-list | awk '/vpn_'$site_name'/{print "neutron vpn-service-delete " $2}' |
|
|
bash
|
|
neutron router-gateway-clear router_$site_name
|
|
neutron router-interface-delete router_$site_name subnet_$site_name
|
|
neutron router-list | awk '/router_'$site_name'/{print "neutron router-delete " $2}' | bash
|
|
neutron subnet-list | awk '/subnet_'$site_name'/{print "neutron subnet-delete " $2}' | bash
|
|
neutron net-list | awk '/net_'$site_name'/{print "neutron net-delete " $2}' | bash
|
|
}
|
|
|
|
function setup(){
|
|
neutron vpn-ikepolicy-create ikepolicy1
|
|
neutron vpn-ipsecpolicy-create ipsecpolicy1
|
|
setup_site west $WEST_SUBNET
|
|
WEST_IP=$(get_external_ip router_west)
|
|
setup_site east $EAST_SUBNET
|
|
EAST_IP=$(get_external_ip router_east)
|
|
neutron ipsec-site-connection-create --name conn_east --vpnservice-id vpn_east --ikepolicy-id \
|
|
ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address $WEST_IP --peer-id $WEST_IP --peer-cidr \
|
|
$WEST_SUBNET --psk secret
|
|
neutron ipsec-site-connection-create --name conn_west --vpnservice-id vpn_west --ikepolicy-id \
|
|
ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address $EAST_IP --peer-id $EAST_IP --peer-cidr \
|
|
$EAST_SUBNET --psk secret
|
|
}
|
|
|
|
function cleanup(){
|
|
clean_site west
|
|
clean_site east
|
|
neutron vpn-ikepolicy-delete ikepolicy1
|
|
neutron vpn-ipsecpolicy-delete ipsecpolicy1
|
|
}
|
|
|
|
cleanup
|
|
setup
|