diff --git a/docker/neutron/neutron-base/Dockerfile.j2 b/docker/neutron/neutron-base/Dockerfile.j2
index 774562822d..ab27210f40 100644
--- a/docker/neutron/neutron-base/Dockerfile.j2
+++ b/docker/neutron/neutron-base/Dockerfile.j2
@@ -134,7 +134,12 @@ RUN ln -s neutron-base-source/* neutron \
     && chown -R neutron: /etc/neutron /usr/share/neutron \
     && sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/kolla/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/neutron/rootwrap.conf \
     && if [ "$(ls /plugins)" ]; then \
-        {{ macros.install_pip(neutron_base_plugins_pip_packages) }}; \
+        {{ macros.install_pip(neutron_base_plugins_pip_packages) }} \
+        && for neutron_plugins in $(ls /plugins); do \
+            if [[ -d "/plugins/$neutron_plugins/etc/neutron/rootwrap.d" ]]; then \
+                cp /plugins/$neutron_plugins/etc/neutron/rootwrap.d/* /etc/neutron/rootwrap.d; \
+            fi; \
+        done; \
     fi
 
 {% endif %}
diff --git a/docker/neutron/neutron-l3-agent/Dockerfile.j2 b/docker/neutron/neutron-l3-agent/Dockerfile.j2
index c4477ca0a4..2a4c54722a 100644
--- a/docker/neutron/neutron-l3-agent/Dockerfile.j2
+++ b/docker/neutron/neutron-l3-agent/Dockerfile.j2
@@ -6,22 +6,41 @@ LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build
 {% import "macros.j2" as macros with context %}
 
 {% if install_type == 'binary' %}
-    {% if base_distro in ['debian', 'ubuntu'] %}
+   {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
+       {% set neutron_l3_agent_packages = [
+            'openstack-neutron-vpn-agent',
+            'libreswan'
+       ] %}
+
+# TODO(chenxing) Currently, there is no Ubuntu vpnaas package for Queens release.
+    {% elif base_distro in ['debian', 'ubuntu'] %}
 
         {% set neutron_l3_agent_packages = [
-            'neutron-l3-agent'
+            'neutron-l3-agent',
+            'strongswan'
         ] %}
 
-    {% endif %}
-{% elif install_type == 'source' %}
-    {% set neutron_l3_agent_packages = [
-        'radvd'
-    ] %}
-
-{% endif %}
+   {% endif %}
 
 {{ macros.install_packages(neutron_l3_agent_packages | customizable("packages")) }}
 
+{% elif install_type == 'source' %}
+   {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
+       {% set neutron_l3_agent_packages = [
+            'libreswan',
+            'radvd'
+       ] %}
+   {% elif base_distro in ['debian', 'ubuntu'] %}
+      {% set neutron_l3_agent_packages = [
+            'strongswan',
+            'radvd'
+      ] %}
+   {% endif %}
+
+{{ macros.install_packages(neutron_l3_agent_packages | customizable("packages")) }}
+
+{% endif %}
+
 {% block neutron_l3_agent_footer %}{% endblock %}
 {% block footer %}{% endblock %}
 
diff --git a/docker/neutron/neutron-server/extend_start.sh b/docker/neutron/neutron-server/extend_start.sh
index 4f33483806..a7619c5765 100644
--- a/docker/neutron/neutron-server/extend_start.sh
+++ b/docker/neutron/neutron-server/extend_start.sh
@@ -6,6 +6,7 @@ if [[ "${!KOLLA_BOOTSTRAP[@]}" ]]; then
     OPTS="--config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini"
     neutron-db-manage ${OPTS} upgrade head
     neutron-db-manage ${OPTS} --subproject neutron-fwaas upgrade head
+    neutron-db-manage ${OPTS} --subproject neutron-vpnaas upgrade head
     exit 0
 fi
 
diff --git a/docker/neutron/neutron-vpnaas-agent/Dockerfile.j2 b/docker/neutron/neutron-vpnaas-agent/Dockerfile.j2
deleted file mode 100644
index d22e6d00e8..0000000000
--- a/docker/neutron/neutron-vpnaas-agent/Dockerfile.j2
+++ /dev/null
@@ -1,60 +0,0 @@
-FROM {{ namespace }}/{{ image_prefix }}neutron-base:{{ tag }}
-LABEL maintainer="{{ maintainer }}" name="{{ image_name }}" build-date="{{ build_date }}"
-
-{% block neutron_vpnaas_agent_header %}{% endblock %}
-
-{% import "macros.j2" as macros with context %}
-
-{% if install_type == 'binary' %}
-   {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
-       {% set neutron_vpnaas_agent_packages = [
-            'openstack-neutron-vpn-agent',
-            'openswan'
-       ] %}
-   {% elif base_distro in ['debian', 'ubuntu'] %}
-      {% set neutron_vpnaas_agent_packages = [
-            'neutron-vpn-agent',
-            'strongswan'
-      ] %}
-   {% endif %}
-
-{{ macros.install_packages(neutron_vpnaas_agent_packages | customizable("packages")) }}
-
-{% elif install_type == 'source' %}
-
-   {% if base_distro in ['centos', 'oraclelinux', 'rhel'] %}
-       {% set neutron_vpnaas_agent_packages = [
-            'openswan'
-       ] %}
-   {% elif base_distro in ['debian', 'ubuntu'] %}
-      {% set neutron_vpnaas_agent_packages = [
-            'strongswan'
-      ] %}
-   {% endif %}
-
-{{ macros.install_packages(neutron_vpnaas_agent_packages | customizable("packages")) }}
-
-ADD neutron-vpnaas-agent-archive /neutron-vpnaas-agent-source
-
-{% set neutron_vpnaas_agent_pip_packages = [
-    '/neutron_vpnaas'
-] %}
-
-RUN ln -s neutron-vpnaas-agent-source/* neutron_vpnaas \
-    && {{ macros.install_pip(neutron_vpnaas_agent_pip_packages | customizable("pip_packages")) }} \
-    && cp /neutron_vpnaas/etc/neutron/rootwrap.d/* /etc/neutron/rootwrap.d
-
-{% endif %}
-
-COPY extend_start.sh /usr/local/bin/kolla_neutron_extend_start
-RUN chmod 755 /usr/local/bin/kolla_neutron_extend_start
-
-{% block neutron_vpnaas_agent_footer %}{% endblock %}
-{% block footer %}{% endblock %}
-
-# TODO(pbourke): The libreswan driver required by redhat derived bases
-# currently requires root in Neutron. Remove this if condition once
-# https://bugs.launchpad.net/neutron/+bug/1644517 is addressed.
-{% if base_distro in ['debian', 'ubuntu'] %}
-USER neutron
-{% endif %}
diff --git a/kolla/common/config.py b/kolla/common/config.py
index 9ca23d9258..0a8d2ea842 100755
--- a/kolla/common/config.py
+++ b/kolla/common/config.py
@@ -542,6 +542,10 @@ SOURCES = {
         'type': 'url',
         'location': ('$tarballs_base/vmware-nsx/'
                      'vmware-nsx-stable-queens.tar.gz')},
+    'neutron-base-plugin-vpnaas-agent': {
+        'type': 'url',
+        'location': ('$tarballs_base/neutron-vpnaas/'
+                     'neutron-vpnaas-12.0.0.tar.gz')},
     'neutron-bgp-dragent': {
         'type': 'url',
         'location': ('$tarballs_base/neutron-dynamic-routing/'
@@ -578,10 +582,6 @@ SOURCES = {
         'type': 'url',
         'location': ('$tarballs_base/vmware-nsxlib/'
                      'vmware-nsxlib-stable-queens.tar.gz')},
-    'neutron-server-plugin-vpnaas-agent': {
-        'type': 'url',
-        'location': ('$tarballs_base/neutron-vpnaas/'
-                     'neutron-vpnaas-12.0.0.tar.gz')},
     'neutron-vpnaas-agent': {
         'type': 'url',
         'location': ('$tarballs_base/neutron-vpnaas/'
diff --git a/releasenotes/notes/remove-neutron-vpnaas-agent-216810affb495ad0.yaml b/releasenotes/notes/remove-neutron-vpnaas-agent-216810affb495ad0.yaml
new file mode 100644
index 0000000000..c09f4ab8ce
--- /dev/null
+++ b/releasenotes/notes/remove-neutron-vpnaas-agent-216810affb495ad0.yaml
@@ -0,0 +1,11 @@
+---
+upgrade:
+  - |
+    The neutron-vpnaas-agent has been loaded just inside of the existing l3 agent
+    rather than requiring operators to run a completely different binary with a
+    subclass of the existing L3 agent.
+
+deprecation:
+  - |
+    As neutron-vpnaas-agent can be loaded by the neutron l3 agent, neutron-vpnaas
+    standalone mode is not supported. It's time to remove this container.