From 8c1ddaaa19151bb746c0613e90ec5fcd08640033 Mon Sep 17 00:00:00 2001 From: Paul Bourke Date: Thu, 24 Nov 2016 11:18:54 +0000 Subject: [PATCH] Fix neutron-vpnaas for redhat derived bases The current redhat derived bases that Kolla ships use libreswan instead of openswan (even running 'yum install openswan' on these bases results in libreswan being installed). This means we need to use this device_driver in vpnaas_agent.ini. Also /lib/modules is required from the host for the ipsec driver. Change-Id: I94480cda06718ab4aa10250520fa58956151e33a Closes-Bug: #1644518 --- ansible/roles/neutron/tasks/start.yml | 1 + ansible/roles/neutron/templates/vpnaas_agent.ini.j2 | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ansible/roles/neutron/tasks/start.yml b/ansible/roles/neutron/tasks/start.yml index 95f5e65d4c..9c5009f857 100644 --- a/ansible/roles/neutron/tasks/start.yml +++ b/ansible/roles/neutron/tasks/start.yml @@ -295,6 +295,7 @@ - "/etc/localtime:/etc/localtime:ro" - "/run:/run:shared" - "/run/netns/:/run/netns/:shared" + - "/lib/modules:/lib/modules:ro" - "neutron_metadata_socket:/var/lib/neutron/kolla/" - "kolla_logs:/var/log/kolla/" when: diff --git a/ansible/roles/neutron/templates/vpnaas_agent.ini.j2 b/ansible/roles/neutron/templates/vpnaas_agent.ini.j2 index 2f4d33d638..5647ac2040 100644 --- a/ansible/roles/neutron/templates/vpnaas_agent.ini.j2 +++ b/ansible/roles/neutron/templates/vpnaas_agent.ini.j2 @@ -1,4 +1,4 @@ -{% set vpn_device_driver = 'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver' if kolla_base_distro in ['ubuntu', 'debian'] else 'neutron_vpnaas.services.vpn.device_drivers.ipsec.OpenSwanDriver'%} +{% set vpn_device_driver = 'neutron_vpnaas.services.vpn.device_drivers.strongswan_ipsec.StrongSwanDriver' if kolla_base_distro in ['ubuntu', 'debian'] else 'neutron_vpnaas.services.vpn.device_drivers.libreswan_ipsec.LibreSwanDriver'%} [DEFAULT] [ipsec]