Skip to content
Snippets Groups Projects
Normal view Permalink
init-vpn 2.43 KiB
Newer Older
  • Learn to ignore specific revisions
    • Paul Bourke's avatar
    Add basic docs for neutron-vpnaas
    Paul Bourke committed
    1 2 3 4 
    #!/usr/bin/env bash

# Script originally copied from https://wiki.openstack.org/wiki/Neutron/VPNaaS/HowToInstall
    ZhijunWei's avatar
    Add test for credentials set  
    ZhijunWei committed
    5 6 7 8 9 10 
    # Test for credentials set
if [[ "${OS_USERNAME}" == "" ]]; then
    echo "No Keystone credentials specified.  Try running source openrc"
    exit
fi
    Paul Bourke's avatar
    Add basic docs for neutron-vpnaas
    Paul Bourke committed
    11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 
    EXT_NW_ID=`neutron net-list | awk '/public/{print $2}'`
WEST_SUBNET='192.168.1.0/24'
EAST_SUBNET='192.168.2.0/24'

function setup_site(){
    local site_name=$1
    local cidr=$2
    neutron net-create net_$site_name
    neutron subnet-create --name subnet_$site_name net_$site_name $2
    neutron router-create router_$site_name
    neutron router-interface-add router_$site_name subnet_$site_name
    neutron router-gateway-set router_$site_name $EXT_NW_ID
    neutron vpn-service-create --name vpn_$site_name router_$site_name subnet_$site_name
}

function get_external_ip(){
    local router_id=`neutron router-show $1 | awk '/ id /{print $4}'`
    rtmdk's avatar
    fix shell error about tools/init-vpn  
    rtmdk committed
    28 
        echo `neutron router-list | grep '$router_id' | awk -F '"' '{print $16}'`
    Paul Bourke's avatar
    Add basic docs for neutron-vpnaas
    Paul Bourke committed
    29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 
    }

function clean_site(){
    local site_name=$1
    neutron ipsec-site-connection-delete conn_$site_name
    neutron vpn-service-list | awk '/vpn_'$site_name'/{print "neutron vpn-service-delete " $2}' |
bash
    neutron router-gateway-clear router_$site_name
    neutron router-interface-delete router_$site_name subnet_$site_name
    neutron router-list | awk '/router_'$site_name'/{print "neutron router-delete " $2}' | bash
    neutron subnet-list | awk '/subnet_'$site_name'/{print "neutron subnet-delete " $2}' | bash
    neutron net-list | awk '/net_'$site_name'/{print "neutron net-delete " $2}' | bash
}

function setup(){
    neutron vpn-ikepolicy-create ikepolicy1
    neutron vpn-ipsecpolicy-create ipsecpolicy1
    setup_site west $WEST_SUBNET
    WEST_IP=$(get_external_ip router_west)
    setup_site east $EAST_SUBNET
    EAST_IP=$(get_external_ip router_east)
    rtmdk's avatar
    fix shell error about tools/init-vpn  
    rtmdk committed
    50 51 
        neutron ipsec-site-connection-create --name conn_east --vpnservice-id vpn_east --ikepolicy-id \
ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address $WEST_IP --peer-id $WEST_IP --peer-cidr \
    Paul Bourke's avatar
    Add basic docs for neutron-vpnaas
    Paul Bourke committed
    52 
    $WEST_SUBNET --psk secret
    rtmdk's avatar
    fix shell error about tools/init-vpn  
    rtmdk committed
    53 54 
        neutron ipsec-site-connection-create --name conn_west --vpnservice-id vpn_west --ikepolicy-id \
ikepolicy1 --ipsecpolicy-id ipsecpolicy1 --peer-address $EAST_IP --peer-id $EAST_IP --peer-cidr \
    Paul Bourke's avatar
    Add basic docs for neutron-vpnaas
    Paul Bourke committed
    55 56 57 58 59 60 61 62 63 64 65 66 
    $EAST_SUBNET --psk secret
}

function cleanup(){
    clean_site west
    clean_site east
    neutron vpn-ikepolicy-delete ikepolicy1
    neutron vpn-ipsecpolicy-delete ipsecpolicy1
}

cleanup
setup