Run neutron-vpn-netns-wrapper in venv
When neutron is installed inside venv, neutron-vpn-netns-wrapper is placed inside venv as well. Currently vpn creation will fail due to missing wrapper inside $PATH. So we should respect venvs and launch neutron-vpn-netns-wrapper from the venv when applicable. Closes-Bug: 1848201 Change-Id: I9c50bfc2cefdd97c6d54e8bfabe97748c8dfce13
This commit is contained in:
parent
6188fcf580
commit
e0fb6700b1
@ -20,6 +20,7 @@ import os
|
|||||||
import re
|
import re
|
||||||
import shutil
|
import shutil
|
||||||
import socket
|
import socket
|
||||||
|
import sys
|
||||||
|
|
||||||
import eventlet
|
import eventlet
|
||||||
import jinja2
|
import jinja2
|
||||||
@ -175,6 +176,8 @@ class BaseSwanProcess(object, metaclass=abc.ABCMeta):
|
|||||||
"v1": "never"
|
"v1": "never"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
NS_WRAPPER = 'neutron-vpn-netns-wrapper'
|
||||||
|
|
||||||
STATUS_DICT = {
|
STATUS_DICT = {
|
||||||
'erouted': constants.ACTIVE,
|
'erouted': constants.ACTIVE,
|
||||||
'unrouted': constants.DOWN
|
'unrouted': constants.DOWN
|
||||||
@ -234,6 +237,18 @@ class BaseSwanProcess(object, metaclass=abc.ABCMeta):
|
|||||||
psk = encodeutils.safe_decode(encoded_psk, incoming='utf_8')
|
psk = encodeutils.safe_decode(encoded_psk, incoming='utf_8')
|
||||||
ipsec_site_conn['psk'] = PSK_BASE64_PREFIX + psk
|
ipsec_site_conn['psk'] = PSK_BASE64_PREFIX + psk
|
||||||
|
|
||||||
|
def get_ns_wrapper(self):
|
||||||
|
"""
|
||||||
|
Check if we're inside a virtualenv. If we are, then we should
|
||||||
|
respect this and launch wrapper from venv as well.
|
||||||
|
"""
|
||||||
|
if (hasattr(sys, 'real_prefix') or
|
||||||
|
(hasattr(sys, 'base_prefix') and sys.base_prefix != sys.prefix)):
|
||||||
|
ns_wrapper = os.path.join(sys.prefix, "bin/", self.NS_WRAPPER)
|
||||||
|
else:
|
||||||
|
ns_wrapper = self.NS_WRAPPER
|
||||||
|
return ns_wrapper
|
||||||
|
|
||||||
def update_vpnservice(self, vpnservice):
|
def update_vpnservice(self, vpnservice):
|
||||||
self.vpnservice = vpnservice
|
self.vpnservice = vpnservice
|
||||||
self.translate_dialect()
|
self.translate_dialect()
|
||||||
|
@ -19,8 +19,6 @@ from neutron.agent.linux import ip_lib
|
|||||||
|
|
||||||
from neutron_vpnaas.services.vpn.device_drivers import ipsec
|
from neutron_vpnaas.services.vpn.device_drivers import ipsec
|
||||||
|
|
||||||
NS_WRAPPER = 'neutron-vpn-netns-wrapper'
|
|
||||||
|
|
||||||
|
|
||||||
class LibreSwanProcess(ipsec.OpenSwanProcess):
|
class LibreSwanProcess(ipsec.OpenSwanProcess):
|
||||||
"""Libreswan Process manager class.
|
"""Libreswan Process manager class.
|
||||||
@ -45,8 +43,9 @@ class LibreSwanProcess(ipsec.OpenSwanProcess):
|
|||||||
mount_paths_str = ','.join(
|
mount_paths_str = ','.join(
|
||||||
"%s:%s" % (source, target)
|
"%s:%s" % (source, target)
|
||||||
for source, target in mount_paths.items())
|
for source, target in mount_paths.items())
|
||||||
|
ns_wrapper = self.get_ns_wrapper()
|
||||||
return ip_wrapper.netns.execute(
|
return ip_wrapper.netns.execute(
|
||||||
[NS_WRAPPER,
|
[ns_wrapper,
|
||||||
'--mount_paths=%s' % mount_paths_str,
|
'--mount_paths=%s' % mount_paths_str,
|
||||||
('--rootwrap_config=%s' % self._rootwrap_cfg
|
('--rootwrap_config=%s' % self._rootwrap_cfg
|
||||||
if self._rootwrap_cfg else ''),
|
if self._rootwrap_cfg else ''),
|
||||||
|
@ -57,8 +57,6 @@ strongswan_opts = [
|
|||||||
]
|
]
|
||||||
cfg.CONF.register_opts(strongswan_opts, 'strongswan')
|
cfg.CONF.register_opts(strongswan_opts, 'strongswan')
|
||||||
|
|
||||||
NS_WRAPPER = 'neutron-vpn-netns-wrapper'
|
|
||||||
|
|
||||||
|
|
||||||
class StrongSwanProcess(ipsec.BaseSwanProcess):
|
class StrongSwanProcess(ipsec.BaseSwanProcess):
|
||||||
|
|
||||||
@ -112,8 +110,9 @@ class StrongSwanProcess(ipsec.BaseSwanProcess):
|
|||||||
The namespace wrapper will bind /etc/ and /var/run
|
The namespace wrapper will bind /etc/ and /var/run
|
||||||
"""
|
"""
|
||||||
ip_wrapper = ip_lib.IPWrapper(namespace=self.namespace)
|
ip_wrapper = ip_lib.IPWrapper(namespace=self.namespace)
|
||||||
|
ns_wrapper = self.get_ns_wrapper()
|
||||||
return ip_wrapper.netns.execute(
|
return ip_wrapper.netns.execute(
|
||||||
[NS_WRAPPER,
|
[ns_wrapper,
|
||||||
'--mount_paths=/etc:%s/etc,%s:%s/var/run' % (
|
'--mount_paths=/etc:%s/etc,%s:%s/var/run' % (
|
||||||
self.config_dir, self._strongswan_piddir, self.config_dir),
|
self.config_dir, self._strongswan_piddir, self.config_dir),
|
||||||
('--rootwrap_config=%s' % self._rootwrap_cfg
|
('--rootwrap_config=%s' % self._rootwrap_cfg
|
||||||
|
Loading…
Reference in New Issue
Block a user