@@ -49,6 +49,7 @@ source $TOP_DIR/lib/nova

 source $TOP_DIR/lib/cinder

 source $TOP_DIR/lib/swift

 source $TOP_DIR/lib/heat

+source $TOP_DIR/lib/neutron

 source $TOP_DIR/lib/neutron-legacy

 set -o xtrace

@@ -32,6 +32,7 @@ source $TOP_DIR/functions

 # Import project functions

 source $TOP_DIR/lib/cinder

+source $TOP_DIR/lib/neutron

 source $TOP_DIR/lib/neutron-legacy

 # Import configuration

@@ -31,6 +31,7 @@ source $TOP_DIR/functions

 source $TOP_DIR/openrc

 # Import project functions

+source $TOP_DIR/lib/neutron

 source $TOP_DIR/lib/neutron-legacy

 # Import exercise configuration

@@ -37,6 +37,7 @@ source $TOP_DIR/functions

 source $TOP_DIR/openrc

 # Import neutron functions

+source $TOP_DIR/lib/neutron

 source $TOP_DIR/lib/neutron-legacy

 # If neutron is not enabled we exit with exitcode 55, which means exercise is skipped.

@@ -32,6 +32,7 @@ source $TOP_DIR/openrc

 # Import project functions

 source $TOP_DIR/lib/cinder

+source $TOP_DIR/lib/neutron

 source $TOP_DIR/lib/neutron-legacy

 # Import exercise configuration

new file mode 100644

@@ -0,0 +1,556 @@

+#!/bin/bash

+#

+# lib/neutron

+# Install and start **Neutron** network services

+

+# Dependencies:

+#

+# ``functions`` file

+# ``DEST`` must be defined

+

+# ``stack.sh`` calls the entry points in this order:

+#

+# - is_XXXX_enabled

+# - install_XXXX

+# - configure_XXXX

+# - init_XXXX

+# - start_XXXX

+# - stop_XXXX

+# - cleanup_XXXX

+

+# Save trace setting

+XTRACE=$(set +o | grep xtrace)

+set +o xtrace

+

+# Defaults

+# --------

+

+# Set up default directories

+GITDIR["python-neutronclient"]=$DEST/python-neutronclient

+

+NEUTRON_AGENT=${NEUTRON_AGENT:-openvswitch}

+NEUTRON_DIR=$DEST/neutron

+NEUTRON_AUTH_CACHE_DIR=${NEUTRON_AUTH_CACHE_DIR:-/var/cache/neutron}

+

+NEUTRON_BIN_DIR=$(get_python_exec_prefix)

+NEUTRON_DHCP_BINARY="neutron-dhcp-agent"

+

+NEUTRON_CONF_DIR=/etc/neutron

+NEUTRON_CONF=$NEUTRON_CONF_DIR/neutron.conf

+NEUTRON_META_CONF=$NEUTRON_CONF_DIR/metadata_agent.ini

+

+NEUTRON_DHCP_CONF=$NEUTRON_CONF_DIR/dhcp_agent.ini

+NEUTRON_L3_CONF=$NEUTRON_CONF_DIR/l3_agent.ini

+NEUTRON_AGENT_CONF=$NEUTRON_CONF_DIR/

+

+NEUTRON_STATE_PATH=${NEUTRON_STATE_PATH:=$DATA_DIR/neutron}

+NEUTRON_AUTH_CACHE_DIR=${NEUTRON_AUTH_CACHE_DIR:-/var/cache/neutron}

+

+# By default, use the ML2 plugin

+NEUTRON_PLUGIN=${NEUTRON_PLUGIN:-ml2}

+NEUTRON_PLUGIN_CONF_FILENAME=${NEUTRON_PLUGIN_CONF_FILENAME:-ml2_conf.ini}

+NEUTRON_PLUGIN_CONF_PATH=$NEUTRON_CONF_DIR/plugins/$NEUTRON_PLUGIN

+NEUTRON_PLUGIN_CONF=$NEUTRON_PLUGIN_CONF_PATH/$NEUTRON_PLUGIN_CONF_FILENAME

+

+NEUTRON_AGENT_BINARY=${NEUTRON_AGENT_BINARY:-neutron-$NEUTRON_AGENT-agent}

+NEUTRON_L3_BINARY=${NEUTRON_L3_BINARY:-neutron-l3-agent}

+NEUTRON_META_BINARY=${NEUTRON_META_BINARY:-neutron-metadata-agent}

+

+# Public facing bits

+if is_ssl_enabled_service "neutron" || is_service_enabled tls-proxy; then

+    NEUTRON_SERVICE_PROTOCOL="https"

+fi

+NEUTRON_SERVICE_HOST=${NEUTRON_SERVICE_HOST:-$SERVICE_HOST}

+NEUTRON_SERVICE_PORT=${NEUTRON_SERVICE_PORT:-9696}

+NEUTRON_SERVICE_PORT_INT=${NEUTRON_SERVICE_PORT_INT:-19696}

+NEUTRON_SERVICE_PROTOCOL=${NEUTRON_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}

+

+NEUTRON_AUTH_STRATEGY=${NEUTRON_AUTH_STRATEGY:-keystone}

+NEUTRON_ROOTWRAP=$(get_rootwrap_location neutron)

+NEUTRON_ROOTWRAP_CONF_FILE=$NEUTRON_CONF_DIR/rootwrap.conf

+NEUTRON_ROOTWRAP_DAEMON_CMD="sudo $NEUTRON_ROOTWRAP-daemon $NEUTRON_ROOTWRAP_CONF_FILE"

+

+# Add all enabled config files to a single config arg

+NEUTRON_CONFIG_ARG=${NEUTRON_CONFIG_ARG:-""}

+

+# Functions

+# ---------

+

+# Test if any Neutron services are enabled

+# is_neutron_enabled

+function is_neutron_enabled {

+    [[ ,${ENABLED_SERVICES} =~ ,"neutron-" || ,${ENABLED_SERVICES} =~ ,"q-" ]] && return 0

+    return 1

+}

+

+# Test if any Neutron services are enabled

+# is_neutron_enabled

+function is_neutron_legacy_enabled {

+    [[ ,${ENABLED_SERVICES} =~ ,"q-" ]] && return 0

+    return 1

+}

+

+# cleanup_neutron() - Remove residual data files, anything left over from previous

+# runs that a clean run would need to clean up

+function cleanup_neutron_new {

+    source $TOP_DIR/lib/neutron_plugins/${NEUTRON_AGENT}_agent

+    if is_neutron_ovs_base_plugin; then

+        neutron_ovs_base_cleanup

+    fi

+

+    if [[ $NEUTRON_AGENT == "linuxbridge" ]]; then

+        neutron_lb_cleanup

+    fi

+    # delete all namespaces created by neutron

+    for ns in $(sudo ip netns list | grep -o -E '(qdhcp|qrouter|qlbaas|fip|snat)-[0-9a-f-]*'); do

+        sudo ip netns delete ${ns}

+    done

+}

+

+# configure_neutron() - Set config files, create data dirs, etc

+function configure_neutron_new {

+    sudo install -d -o $STACK_USER $NEUTRON_CONF_DIR

+

+    (cd $NEUTRON_DIR && exec ./tools/generate_config_file_samples.sh)

+

+    cp $NEUTRON_DIR/etc/neutron.conf.sample $NEUTRON_CONF

+

+    configure_neutron_rootwrap

+

+    mkdir -p $NEUTRON_PLUGIN_CONF_PATH

+

+    cp $NEUTRON_DIR/etc/neutron/plugins/$NEUTRON_PLUGIN/$NEUTRON_PLUGIN_CONF_FILENAME.sample $NEUTRON_PLUGIN_CONF

+

+    iniset $NEUTRON_CONF database connection `database_connection_url neutron`

+    iniset $NEUTRON_CONF DEFAULT state_path $NEUTRON_STATE_PATH

+    iniset $NEUTRON_CONF oslo_concurrency lock_path $NEUTRON_STATE_PATH/lock

+    iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG

+

+    # Neutron API server & Neutron plugin

+    if is_service_enabled neutron-api; then

+        local policy_file=$NEUTRON_CONF_DIR/policy.json

+        cp $NEUTRON_DIR/etc/policy.json $policy_file

+        # Allow neutron user to administer neutron to match neutron account

+        sed -i 's/"context_is_admin":  "role:admin"/"context_is_admin":  "role:admin or user_name:neutron"/g' $policy_file

+

+        cp $NEUTRON_DIR/etc/api-paste.ini $NEUTRON_CONF_DIR/api-paste.ini

+

+        iniset $NEUTRON_CONF DEFAULT core_plugin ml2

+

+        iniset $NEUTRON_CONF DEFAULT verbose True

+        iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL

+        iniset $NEUTRON_CONF DEFAULT policy_file $policy_file

+        iniset $NEUTRON_CONF DEFAULT allow_overlapping_ips True

+

+        iniset $NEUTRON_CONF DEFAULT auth_strategy $NEUTRON_AUTH_STRATEGY

+        configure_auth_token_middleware $NEUTRON_CONF neutron $NEUTRON_AUTH_CACHE_DIR keystone_authtoken

+

+        # Configuration for neutron notifations to nova.

+        iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_status_changes $Q_NOTIFY_NOVA_PORT_STATUS_CHANGES

+        iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_data_changes $Q_NOTIFY_NOVA_PORT_DATA_CHANGES

+

+        iniset $NEUTRON_CONF nova auth_type password

+        iniset $NEUTRON_CONF nova auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v3"

+        iniset $NEUTRON_CONF nova username nova

+        iniset $NEUTRON_CONF nova password $SERVICE_PASSWORD

+        iniset $NEUTRON_CONF nova user_domain_id default

+        iniset $NEUTRON_CONF nova project_name $SERVICE_TENANT_NAME

+        iniset $NEUTRON_CONF nova project_domain_id default

+        iniset $NEUTRON_CONF nova region_name $REGION_NAME

+

+        # Configure VXLAN

+        # TODO(sc68cal) not hardcode?

+        iniset $NEUTRON_PLUGIN_CONF ml2 tenant_network_types vxlan

+        iniset $NEUTRON_PLUGIN_CONF ml2 type_drivers vxlan

+        iniset $NEUTRON_PLUGIN_CONF ml2 mechanism_drivers openvswitch,linuxbridge

+        iniset $NEUTRON_PLUGIN_CONF ml2_type_vxlan vni_ranges 1001:2000

+    fi

+

+    # Neutron OVS or LB agent

+    if is_service_enabled neutron-agent; then

+        iniset $NEUTRON_PLUGIN_CONF agent tunnel_types vxlan

+

+        # Configure the neutron agent

+        if [[ $NEUTRON_AGENT == "linuxbridge" ]]; then

+            iniset $NEUTRON_PLUGIN_CONF securitygroup iptables

+            iniset $NEUTRON_PLUGIN_CONF vxlan local_ip $HOST_IP

+        else

+            iniset $NEUTRON_PLUGIN_CONF securitygroup iptables_hybrid

+            iniset $NEUTRON_PLUGIN_CONF ovs local_ip $HOST_IP

+        fi

+    fi

+

+    # DHCP Agent

+    if is_service_enabled neutron-dhcp; then

+        cp $NEUTRON_DIR/etc/dhcp_agent.ini.sample $NEUTRON_DHCP_CONF

+

+        iniset $NEUTRON_DHCP_CONF DEFAULT verbose True

+        iniset $NEUTRON_DHCP_CONF DEFAULT debug True

+        iniset $NEUTRON_DHCP_CONF agent root_helper_daemon "$NEUTRON_ROOTWRAP_DAEMON_CMD"

+        iniset $NEUTRON_DHCP_CONF DEFAULT interface_driver $NEUTRON_AGENT

+        neutron_plugin_configure_dhcp_agent $NEUTRON_DHCP_CONF

+    fi

+

+    if is_service_enabled neutron-l3; then

+        cp $NEUTRON_DIR/etc/l3_agent.ini.sample $NEUTRON_L3_CONF

+        iniset $NEUTRON_L3_CONF DEFAULT interface_driver $NEUTRON_AGENT

+        iniset $NEUTRON_CONF DEFAULT service_plugins router

+        iniset $NEUTRON_L3_CONF agent root_helper_daemon "$NEUTRON_ROOTWRAP_DAEMON_CMD"

+        iniset $NEUTRON_L3_CONF DEFAULT debug True

+        iniset $NEUTRON_L3_CONF DEFAULT verbose True

+        neutron_plugin_configure_l3_agent $NEUTRON_L3_CONF

+    fi

+

+    # Metadata

+    if is_service_enabled neutron-meta; then

+        cp $NEUTRON_DIR/etc/metadata_agent.ini.sample $NEUTRON_META_CONF

+

+        iniset $NEUTRON_META_CONF DEFAULT verbose True

+        iniset $NEUTRON_META_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL

+        iniset $NEUTRON_META_CONF DEFAULT nova_metadata_ip $SERVICE_HOST

+        iniset $NEUTRON_META_CONF agent root_helper_daemon "$NEUTRON_ROOTWRAP_DAEMON_CMD"

+

+        # TODO(dtroyer): remove the v2.0 hard code below

+        iniset $NEUTRON_META_CONF DEFAULT auth_url $KEYSTONE_SERVICE_URI/v2.0

+        configure_auth_token_middleware $NEUTRON_META_CONF neutron $NEUTRON_AUTH_CACHE_DIR DEFAULT

+    fi

+

+    # Format logging

+    if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then

+        setup_colorized_logging $NEUTRON_CONF DEFAULT project_id

+    else

+        # Show user_name and project_name by default

+        iniset $NEUTRON_CONF DEFAULT logging_context_format_string "%(asctime)s.%(msecs)03d %(levelname)s %(name)s [%(request_id)s %(user_name)s %(project_name)s] %(instance)s%(message)s"

+    fi

+

+    if is_service_enabled tls-proxy; then

+        # Set the service port for a proxy to take the original

+        iniset $NEUTRON_CONF DEFAULT bind_port "$NEUTRON_SERVICE_PORT_INT"

+    fi

+

+    if is_ssl_enabled_service "nova"; then

+        iniset $NEUTRON_CONF nova cafile $SSL_BUNDLE_FILE

+    fi

+

+    if is_ssl_enabled_service "neutron"; then

+        ensure_certificates NEUTRON

+

+        iniset $NEUTRON_CONF DEFAULT use_ssl True

+        iniset $NEUTRON_CONF DEFAULT ssl_cert_file "$NEUTRON_SSL_CERT"

+        iniset $NEUTRON_CONF DEFAULT ssl_key_file "$NEUTRON_SSL_KEY"

+    fi

+

+}

+

+# configure_neutron_rootwrap() - configure Neutron's rootwrap

+function configure_neutron_rootwrap {

+    # Set the paths of certain binaries

+    neutron_rootwrap=$(get_rootwrap_location neutron)

+

+    # Specify ``rootwrap.conf`` as first parameter to neutron-rootwrap

+    local rootwrap_sudoer_cmd="${neutron_rootwrap} $NEUTRON_CONF_DIR/rootwrap.conf"

+

+    # Deploy new rootwrap filters files (owned by root).

+    # Wipe any existing rootwrap.d files first

+    if [[ -d $NEUTRON_CONF_DIR/rootwrap.d ]]; then

+        sudo rm -rf $NEUTRON_CONF_DIR/rootwrap.d

+    fi

+

+    # Deploy filters to /etc/neutron/rootwrap.d

+    sudo install -d -o root -g root -m 755 $NEUTRON_CONF_DIR/rootwrap.d

+    sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/neutron/rootwrap.d/*.filters $NEUTRON_CONF_DIR/rootwrap.d

+

+    # Set up ``rootwrap.conf``, pointing to ``$NEUTRON_CONF_DIR/rootwrap.d``

+    sudo install -o root -g root -m 644 $NEUTRON_DIR/etc/rootwrap.conf $NEUTRON_CONF_DIR

+    sudo sed -e "s:^filters_path=.*$:filters_path=$NEUTRON_CONF_DIR/rootwrap.d:" -i $NEUTRON_CONF_DIR/rootwrap.conf

+

+    # Set up the rootwrap sudoers for Neutron

+    tempfile=`mktemp`

+    echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_sudoer_cmd *" >$tempfile

+    chmod 0440 $tempfile

+    sudo chown root:root $tempfile

+    sudo mv $tempfile /etc/sudoers.d/neutron-rootwrap

+}

+

+# Make Neutron-required changes to nova.conf

+function configure_neutron_nova_new {

+    iniset $NOVA_CONF DEFAULT use_neutron True

+    iniset $NOVA_CONF neutron auth_type "password"

+    iniset $NOVA_CONF neutron auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v3"

+    iniset $NOVA_CONF neutron username neutron

+    iniset $NOVA_CONF neutron password "$SERVICE_PASSWORD"

+    iniset $NOVA_CONF neutron user_domain_name "Default"

+    iniset $NOVA_CONF neutron project_name "$SERVICE_TENANT_NAME"

+    iniset $NOVA_CONF neutron project_domain_name "Default"

+    iniset $NOVA_CONF neutron auth_strategy $NEUTRON_AUTH_STRATEGY

+    iniset $NOVA_CONF neutron region_name "$REGION_NAME"

+    iniset $NOVA_CONF neutron url $NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST:$NEUTRON_SERVICE_PORT

+

+    iniset $NOVA_CONF DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver

+

+    if is_service_enabled neutron-meta; then

+        iniset $NOVA_CONF neutron service_metadata_proxy "True"

+    fi

+

+}

+

+# Tenant               User       Roles

+# ------------------------------------------------------------------

+# service              neutron    admin        # if enabled

+

+# create_neutron_accounts() - Create required service accounts

+function create_neutron_accounts_new {

+    if [[ "$ENABLED_SERVICES" =~ "neutron-api" ]]; then

+

+        create_service_user "neutron"

+

+        neutron_service=$(get_or_create_service "neutron" \

+            "network" "Neutron Service")

+        get_or_create_endpoint $neutron_service \

+            "$REGION_NAME" \

+            "$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST:$NEUTRON_SERVICE_PORT/" \

+            "$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST:$NEUTRON_SERVICE_PORT/" \

+            "$NEUTRON_SERVICE_PROTOCOL://$NEUTRON_SERVICE_HOST:$NEUTRON_SERVICE_PORT/"

+    fi

+}

+

+# create_neutron_cache_dir() - Part of the init_neutron() process

+function create_neutron_cache_dir {

+    # Create cache dir

+    sudo install -d -o $STACK_USER $NEUTRON_AUTH_CACHE_DIR

+    rm -f $NEUTRON_AUTH_CACHE_DIR/*

+}

+

+# init_neutron() - Initialize databases, etc.

+function init_neutron_new {

+

+    recreate_database neutron

+

+    # Run Neutron db migrations

+    $NEUTRON_BIN_DIR/neutron-db-manage $NEUTRON_CONFIG_ARG upgrade heads

+

+    create_neutron_cache_dir

+}

+

+# install_neutron() - Collect source and prepare

+function install_neutron_new {

+    git_clone $NEUTRON_REPO $NEUTRON_DIR $NEUTRON_BRANCH

+    setup_develop $NEUTRON_DIR

+

+    # Install neutron-lib from git so we make sure we're testing

+    # the latest code.

+    if use_library_from_git "neutron-lib"; then

+        git_clone_by_name "neutron-lib"

+        setup_dev_lib "neutron-lib"

+    fi

+

+    # L3 service requires radvd

+    if is_service_enabled neutron-l3; then

+        install_package radvd

+    fi

+

+    if is_service_enabled neutron-agent neutron-dhcp neutron-l3; then

+        #TODO(sc68cal) - kind of ugly

+        source $TOP_DIR/lib/neutron_plugins/${NEUTRON_AGENT}_agent

+        neutron_plugin_install_agent_packages

+    fi

+

+}

+

+# install_neutronclient() - Collect source and prepare

+function install_neutronclient {

+    if use_library_from_git "python-neutronclient"; then

+        git_clone_by_name "python-neutronclient"

+        setup_dev_lib "python-neutronclient"

+        sudo install -D -m 0644 -o $STACK_USER {${GITDIR["python-neutronclient"]}/tools/,/etc/bash_completion.d/}neutron.bash_completion

+    fi

+}

+

+# start_neutron_api() - Start the API process ahead of other things

+function start_neutron_api {

+    local service_port=$NEUTRON_SERVICE_PORT

+    local service_protocol=$NEUTRON_SERVICE_PROTOCOL

+    if is_service_enabled tls-proxy; then

+        service_port=$NEUTRON_SERVICE_PORT_INT

+        service_protocol="http"

+    fi

+

+    # Start the Neutron service

+    # TODO(sc68cal) Stop hard coding this

+    run_process neutron-api "$NEUTRON_BIN_DIR/neutron-server --config-file $NEUTRON_CONF --config-file $NEUTRON_PLUGIN_CONF"

+

+    if is_ssl_enabled_service "neutron"; then

+        ssl_ca="--ca-certificate=${SSL_BUNDLE_FILE}"

+        local testcmd="wget ${ssl_ca} --no-proxy -q -O- $service_protocol://$NEUTRON_SERVICE_HOST:$service_port"

+        test_with_retry "$testcmd" "Neutron did not start" $SERVICE_TIMEOUT

+    else

+        if ! wait_for_service $SERVICE_TIMEOUT $service_protocol://$NEUTRON_SERVICE_HOST:$service_port; then

+            die $LINENO "neutron-api did not start"

+        fi

+    fi

+

+

+    # Start proxy if enabled

+    if is_service_enabled tls-proxy; then

+        start_tls_proxy '*' $NEUTRON_SERVICE_PORT $NEUTRON_SERVICE_HOST $NEUTRON_SERVICE_PORT_INT &

+    fi

+}

+

+# start_neutron() - Start running processes, including screen

+function start_neutron_new {

+    _set_config_files

+

+    # Start up the neutron agents if enabled

+    # TODO(sc68cal) Make this pluggable so different DevStack plugins for different Neutron plugins

+    # can resolve the $NEUTRON_AGENT_BINARY

+    if is_service_enabled neutron-agent; then

+        run_process neutron-agent "$NEUTRON_BIN_DIR/$NEUTRON_AGENT_BINARY $NEUTRON_CONFIG_ARG"

+    fi

+    if is_service_enabled neutron-dhcp; then

+        neutron_plugin_configure_dhcp_agent $NEUTRON_DHCP_CONF

+        run_process neutron-dhcp "$NEUTRON_BIN_DIR/$NEUTRON_DHCP_BINARY $NEUTRON_CONFIG_ARG"

+    fi

+    if is_service_enabled neutron-l3; then

+        run_process neutron-l3 "$NEUTRON_BIN_DIR/$NEUTRON_L3_BINARY $NEUTRON_CONFIG_ARG"

+        # XXX(sc68cal) - Here's where plugins can wire up their own networks instead

+        # of the code in lib/neutron_plugins/services/l3

+        if type -p neutron_plugin_create_initial_networks > /dev/null; then

+            neutron_plugin_create_initial_networks

+        else

+            # XXX(sc68cal) Load up the built in Neutron networking code and build a topology

+            source $TOP_DIR/lib/neutron_plugins/services/l3

+            # Create the networks using servic

+            create_neutron_initial_network

+        fi

+    fi

+    if is_service_enabled neutron-meta; then

+        run_process neutron-meta "$NEUTRON_BIN_DIR/$NEUTRON_META_BINARY $NEUTRON_CONFIG_ARG"

+    fi

+}

+

+# stop_neutron() - Stop running processes (non-screen)

+function stop_neutron_new {

+    for serv in neutron-api neutron-agent neutron-l3; do

+        stop_process $serv

+    done

+

+    if is_service_enabled neutron-dhcp; then

+        stop_process neutron-dhcp

+        pid=$(ps aux | awk '/[d]nsmasq.+interface=(tap|ns-)/ { print $2 }')

+        [ ! -z "$pid" ] && sudo kill -9 $pid

+    fi

+

+    if is_service_enabled neutron-meta; then

+        sudo pkill -9 -f neutron-ns-metadata-proxy || :

+        stop_process neutron-meta

+    fi

+}

+

+# Compile the lost of enabled config files

+function _set_config_files {

+

+    #TODO(sc68cal) - see if we can clean up this and only

+    # pass in config files that make sense for certain agents

+    if is_service_enabled neutron-api; then

+        NEUTRON_CONFIG_ARG+=" --config-file $NEUTRON_CONF"

+    fi

+

+    #TODO(sc68cal) OVS and LB agent uses settings in NEUTRON_PLUGIN_CONF (ml2_conf.ini) but others may not

+    if is_service_enabled neutron-agent; then

+        NEUTRON_CONFIG_ARG+=" --config-file $NEUTRON_PLUGIN_CONF"

+    fi

+

+    if is_service_enabled neutron-dhcp; then

+        NEUTRON_CONFIG_ARG+=" --config-file $NEUTRON_DHCP_CONF"

+    fi

+

+    if is_service_enabled neutron-l3; then

+        NEUTRON_CONFIG_ARG+=" --config-file $NEUTRON_L3_CONF"

+    fi

+

+    if is_service_enabled neutron-meta; then

+        NEUTRON_CONFIG_ARG+=" --config-file $NEUTRON_META_CONF"

+    fi

+

+}

+

+# Dispatch functions

+# These are needed for compatibility between the old and new implementations

+# where there are function name overlaps.  These will be removed when

+# neutron-legacy is removed.

+# TODO(sc68cal) Remove when neutron-legacy is no more.

+function cleanup_neutron {

+    if is_neutron_legacy_enabled; then

+        # Call back to old function

+        cleanup_mutnauq "$@"

+    else

+        cleanup_neutron_new "$@"

+    fi

+}

+

+function configure_neutron {

+    if is_neutron_legacy_enabled; then

+        # Call back to old function

+        configure_mutnauq "$@"

+    else

+        configure_neutron_new "$@"

+    fi

+}

+

+function configure_neutron_nova {

+    if is_neutron_legacy_enabled; then

+        # Call back to old function

+        create_nova_conf_neutron "$@"

+    else

+        configure_neutron_nova_new "$@"

+    fi

+}

+

+function create_neutron_accounts {

+    if is_neutron_legacy_enabled; then

+        # Call back to old function

+        create_mutnauq_accounts "$@"

+    else

+        create_neutron_accounts_new "$@"

+    fi

+}

+

+function init_neutron {

+    if is_neutron_legacy_enabled; then

+        # Call back to old function

+        init_mutnauq "$@"

+    else

+        init_neutron_new "$@"

+    fi

+}

+

+function install_neutron {

+    if is_neutron_legacy_enabled; then

+        # Call back to old function

+        install_mutnauq "$@"

+    else

+        install_neutron_new "$@"

+    fi

+}

+

+function start_neutron {

+    if is_neutron_legacy_enabled; then

+        # Call back to old function

+        start_mutnauq_l2_agent "$@"

+        start_mutnauq_other_agents "$@"

+    else

+        start_neutron_new "$@"

+    fi

+}

+

+function stop_neutron {

+    if is_neutron_legacy_enabled; then

+        # Call back to old function

+        stop_mutnauq "$@"

+    else

+        stop_neutron_new "$@"

+    fi

+}

+

+# Restore xtrace

+$XTRACE

@@ -61,45 +61,12 @@

 # Neutron Network Configuration

 # -----------------------------

-# Subnet IP version

-IP_VERSION=${IP_VERSION:-"4+6"}

-# Validate IP_VERSION

-if [[ $IP_VERSION != "4" ]] && [[ $IP_VERSION != "6" ]] && [[ $IP_VERSION != "4+6" ]]; then

-    die $LINENO "IP_VERSION must be either 4, 6, or 4+6"

-fi

-# Gateway and subnet defaults, in case they are not customized in localrc

-NETWORK_GATEWAY=${NETWORK_GATEWAY:-10.0.0.1}

-PUBLIC_NETWORK_GATEWAY=${PUBLIC_NETWORK_GATEWAY:-172.24.4.1}

-PRIVATE_SUBNET_NAME=${PRIVATE_SUBNET_NAME:-"private-subnet"}

-PUBLIC_SUBNET_NAME=${PUBLIC_SUBNET_NAME:-"public-subnet"}

-

-# Subnetpool defaults

-SUBNETPOOL_NAME=${SUBNETPOOL_NAME:-"shared-default-subnetpool"}

-

-SUBNETPOOL_PREFIX_V4=${SUBNETPOOL_PREFIX_V4:-10.0.0.0/8}

-SUBNETPOOL_PREFIX_V6=${SUBNETPOOL_PREFIX_V6:-2001:db8:8000::/48}

-

-SUBNETPOOL_SIZE_V4=${SUBNETPOOL_SIZE_V4:-24}

-SUBNETPOOL_SIZE_V6=${SUBNETPOOL_SIZE_V6:-64}

 if is_ssl_enabled_service "neutron" || is_service_enabled tls-proxy; then

     Q_PROTOCOL="https"

 fi

-# Generate 40-bit IPv6 Global ID to comply with RFC 4193

-IPV6_GLOBAL_ID=`uuidgen | sed s/-//g | cut -c 23- | sed -e "s/\(..\)\(....\)\(....\)/\1:\2:\3/"`

-

-# IPv6 gateway and subnet defaults, in case they are not customized in localrc

-IPV6_RA_MODE=${IPV6_RA_MODE:-slaac}

-IPV6_ADDRESS_MODE=${IPV6_ADDRESS_MODE:-slaac}

-IPV6_PUBLIC_SUBNET_NAME=${IPV6_PUBLIC_SUBNET_NAME:-ipv6-public-subnet}

-IPV6_PRIVATE_SUBNET_NAME=${IPV6_PRIVATE_SUBNET_NAME:-ipv6-private-subnet}

-FIXED_RANGE_V6=${FIXED_RANGE_V6:-fd$IPV6_GLOBAL_ID::/64}

-IPV6_PRIVATE_NETWORK_GATEWAY=${IPV6_PRIVATE_NETWORK_GATEWAY:-fd$IPV6_GLOBAL_ID::1}

-IPV6_PUBLIC_RANGE=${IPV6_PUBLIC_RANGE:-2001:db8::/64}

-IPV6_PUBLIC_NETWORK_GATEWAY=${IPV6_PUBLIC_NETWORK_GATEWAY:-2001:db8::2}

-IPV6_ROUTER_GW_IP=${IPV6_ROUTER_GW_IP:-2001:db8::1}

 # Set up default directories

 GITDIR["python-neutronclient"]=$DEST/python-neutronclient

@@ -171,56 +138,6 @@ Q_NOTIFY_NOVA_PORT_STATUS_CHANGES=${Q_NOTIFY_NOVA_PORT_STATUS_CHANGES:-True}

 Q_NOTIFY_NOVA_PORT_DATA_CHANGES=${Q_NOTIFY_NOVA_PORT_DATA_CHANGES:-True}

 VIF_PLUGGING_IS_FATAL=${VIF_PLUGGING_IS_FATAL:-True}

 VIF_PLUGGING_TIMEOUT=${VIF_PLUGGING_TIMEOUT:-300}

-# Specify if the initial private and external networks should be created

-NEUTRON_CREATE_INITIAL_NETWORKS=${NEUTRON_CREATE_INITIAL_NETWORKS:-True}

-

-## Provider Network Information

-PROVIDER_SUBNET_NAME=${PROVIDER_SUBNET_NAME:-"provider_net"}

-IPV6_PROVIDER_SUBNET_NAME=${IPV6_PROVIDER_SUBNET_NAME:-"provider_net_v6"}

-IPV6_PROVIDER_FIXED_RANGE=${IPV6_PROVIDER_FIXED_RANGE:-}

-IPV6_PROVIDER_NETWORK_GATEWAY=${IPV6_PROVIDER_NETWORK_GATEWAY:-}

-

-# Define the public bridge that will transmit traffic from VMs to the

-# physical network - used by both the OVS and Linux Bridge drivers.

-PUBLIC_BRIDGE=${PUBLIC_BRIDGE:-br-ex}

-

-# Use flat providernet for public network

-#

-# If Q_USE_PROVIDERNET_FOR_PUBLIC=True, use a flat provider network

-# for external interface of neutron l3-agent.  In that case,

-# PUBLIC_PHYSICAL_NETWORK specifies provider:physical_network value

-# used for the network.  In case of ofagent, you should add the

-# corresponding entry to your OFAGENT_PHYSICAL_INTERFACE_MAPPINGS.

-# For openvswitch agent, you should add the corresponding entry to

-# your OVS_BRIDGE_MAPPINGS.

-#

-# eg.  (ofagent)

-#    Q_USE_PROVIDERNET_FOR_PUBLIC=True

-#    Q_USE_PUBLIC_VETH=True

-#    PUBLIC_PHYSICAL_NETWORK=public

-#    OFAGENT_PHYSICAL_INTERFACE_MAPPINGS=public:veth-pub-int

-#

-# eg.  (openvswitch agent)

-#    Q_USE_PROVIDERNET_FOR_PUBLIC=True

-#    PUBLIC_PHYSICAL_NETWORK=public

-#    OVS_BRIDGE_MAPPINGS=public:br-ex

-Q_USE_PROVIDERNET_FOR_PUBLIC=${Q_USE_PROVIDERNET_FOR_PUBLIC:-False}

-PUBLIC_PHYSICAL_NETWORK=${PUBLIC_PHYSICAL_NETWORK:-public}

-

-# If Q_USE_PUBLIC_VETH=True, create and use a veth pair instead of

-# PUBLIC_BRIDGE.  This is intended to be used with

-# Q_USE_PROVIDERNET_FOR_PUBLIC=True.

-Q_USE_PUBLIC_VETH=${Q_USE_PUBLIC_VETH:-False}

-Q_PUBLIC_VETH_EX=${Q_PUBLIC_VETH_EX:-veth-pub-ex}

-Q_PUBLIC_VETH_INT=${Q_PUBLIC_VETH_INT:-veth-pub-int}

-

-# The next two variables are configured by plugin

-# e.g.  _configure_neutron_l3_agent or lib/neutron_plugins/*

-#

-# The plugin supports L3.

-Q_L3_ENABLED=${Q_L3_ENABLED:-False}

-# L3 routers exist per tenant

-Q_L3_ROUTER_PER_TENANT=${Q_L3_ROUTER_PER_TENANT:-True}

 # List of config file names in addition to the main plugin config file

 # See _configure_neutron_common() for details about setting it up

@@ -354,6 +271,9 @@ source $TOP_DIR/lib/neutron_plugins/services/metering

 # ---------------------------------

 source $TOP_DIR/lib/neutron_plugins/services/firewall

+# L3 Service functions

+source $TOP_DIR/lib/neutron_plugins/services/l3

+

 # Use security group or not

 if has_neutron_plugin_security_group; then

     Q_USE_SECGROUP=${Q_USE_SECGROUP:-True}

@@ -400,16 +320,9 @@ function determine_config_files {

     echo "$opts"

 }

-# Test if any Neutron services are enabled

-# is_neutron_enabled

-function is_neutron_enabled {

-    [[ ,${ENABLED_SERVICES} =~ ,"q-" ]] && return 0

-    return 1

-}

-

-# configure_neutron()

+# configure_mutnauq()

 # Set common config for all neutron server and agents.

-function configure_neutron {

+function configure_mutnauq {

     _configure_neutron_common

     iniset_rpc_backend neutron $NEUTRON_CONF

@@ -482,21 +395,14 @@ function create_nova_conf_neutron {

     iniset $NOVA_CONF DEFAULT vif_plugging_timeout "$VIF_PLUGGING_TIMEOUT"

 }

-# create_neutron_cache_dir() - Part of the _neutron_setup_keystone() process

-function create_neutron_cache_dir {

-    # Create cache dir

-    sudo install -d -o $STACK_USER $NEUTRON_AUTH_CACHE_DIR

-    rm -f $NEUTRON_AUTH_CACHE_DIR/*

-}

-

-# create_neutron_accounts() - Set up common required neutron accounts

+# create_mutnauq_accounts() - Set up common required neutron accounts

 # Tenant               User       Roles

 # ------------------------------------------------------------------

 # service              neutron    admin        # if enabled

 # Migrated from keystone_data.sh

-function create_neutron_accounts {

+function create_mutnauq_accounts {

     if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then

         create_service_user "neutron"

@@ -511,107 +417,15 @@ function create_neutron_accounts {

     fi

 }

-function create_neutron_initial_network {

-    local project_id

-    project_id=$(openstack project list | grep " demo " | get_field 1)

-    die_if_not_set $LINENO project_id "Failure retrieving project_id for demo"

-

-    # Allow drivers that need to create an initial network to do so here

-    if type -p neutron_plugin_create_initial_network_profile > /dev/null; then

-        neutron_plugin_create_initial_network_profile $PHYSICAL_NETWORK

-    fi

-

-    if is_provider_network; then

-        die_if_not_set $LINENO PHYSICAL_NETWORK "You must specify the PHYSICAL_NETWORK"

-        die_if_not_set $LINENO PROVIDER_NETWORK_TYPE "You must specify the PROVIDER_NETWORK_TYPE"

-        NET_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" net-create $PHYSICAL_NETWORK --tenant_id $project_id --provider:network_type $PROVIDER_NETWORK_TYPE --provider:physical_network "$PHYSICAL_NETWORK" ${SEGMENTATION_ID:+--provider:segmentation_id $SEGMENTATION_ID} --shared | grep ' id ' | get_field 2)

-        die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PHYSICAL_NETWORK $project_id"

-

-        if [[ "$IP_VERSION" =~ 4.* ]]; then

-            SUBNET_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" subnet-create --tenant_id $project_id --ip_version 4 ${ALLOCATION_POOL:+--allocation-pool $ALLOCATION_POOL} --name $PROVIDER_SUBNET_NAME --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE | grep ' id ' | get_field 2)

-            die_if_not_set $LINENO SUBNET_ID "Failure creating SUBNET_ID for $PROVIDER_SUBNET_NAME $project_id"

-        fi

-

-        if [[ "$IP_VERSION" =~ .*6 ]] && [[ -n "$IPV6_PROVIDER_FIXED_RANGE" ]] && [[ -n "$IPV6_PROVIDER_NETWORK_GATEWAY" ]]; then

-            SUBNET_V6_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" subnet-create --tenant_id $project_id --ip_version 6 --ipv6-address-mode $IPV6_ADDRESS_MODE --gateway $IPV6_PROVIDER_NETWORK_GATEWAY --name $IPV6_PROVIDER_SUBNET_NAME $NET_ID $IPV6_PROVIDER_FIXED_RANGE | grep 'id' | get_field 2)

-            die_if_not_set $LINENO SUBNET_V6_ID "Failure creating SUBNET_V6_ID for $IPV6_PROVIDER_SUBNET_NAME $project_id"

-        fi

-

-        if [[ $Q_AGENT == "openvswitch" ]]; then

-            sudo ip link set $OVS_PHYSICAL_BRIDGE up

-            sudo ip link set br-int up

-            sudo ip link set $PUBLIC_INTERFACE up

-        fi

-    else

-        NET_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" net-create --tenant-id $project_id "$PRIVATE_NETWORK_NAME" | grep ' id ' | get_field 2)

-        die_if_not_set $LINENO NET_ID "Failure creating NET_ID for $PRIVATE_NETWORK_NAME $project_id"

-

-        if [[ "$IP_VERSION" =~ 4.* ]]; then

-            # Create IPv4 private subnet

-            SUBNET_ID=$(_neutron_create_private_subnet_v4 $project_id)

-        fi

-

-        if [[ "$IP_VERSION" =~ .*6 ]]; then

-            # Create IPv6 private subnet

-            IPV6_SUBNET_ID=$(_neutron_create_private_subnet_v6 $project_id)

-        fi

-    fi

-

-    AUTO_ALLOCATE_EXT=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" ext-list | grep 'auto-allocated-topology' | get_field 1)

-    SUBNETPOOL_EXT=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" ext-list | grep 'subnet_allocation' | get_field 1)

-    if [[ "$Q_L3_ENABLED" == "True" ]]; then

-        # Create a router, and add the private subnet as one of its interfaces

-        if [[ "$Q_L3_ROUTER_PER_TENANT" == "True" ]]; then

-            # create a tenant-owned router.

-            ROUTER_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" router-create --tenant-id $project_id $Q_ROUTER_NAME | grep ' id ' | get_field 2)

-            die_if_not_set $LINENO ROUTER_ID "Failure creating ROUTER_ID for $project_id $Q_ROUTER_NAME"

-        else

-            # Plugin only supports creating a single router, which should be admin owned.

-            ROUTER_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" router-create $Q_ROUTER_NAME | grep ' id ' | get_field 2)

-            die_if_not_set $LINENO ROUTER_ID "Failure creating ROUTER_ID for $Q_ROUTER_NAME"

-        fi

-

-        # if the extension is available, then mark the external

-        # network as default, and provision default subnetpools

-        EXTERNAL_NETWORK_FLAGS="--router:external"

-        if [[ -n $AUTO_ALLOCATE_EXT && -n $SUBNETPOOL_EXT ]]; then

-            EXTERNAL_NETWORK_FLAGS="$EXTERNAL_NETWORK_FLAGS --is-default"

-            if [[ "$IP_VERSION" =~ 4.* ]]; then

-                SUBNETPOOL_V4_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" subnetpool-create $SUBNETPOOL_NAME --default-prefixlen $SUBNETPOOL_SIZE_V4 --pool-prefix $SUBNETPOOL_PREFIX_V4 --shared --is-default=True | grep ' id ' | get_field 2)

-            fi

-            if [[ "$IP_VERSION" =~ .*6 ]]; then

-                SUBNETPOOL_V6_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" subnetpool-create $SUBNETPOOL_NAME --default-prefixlen $SUBNETPOOL_SIZE_V6 --pool-prefix $SUBNETPOOL_PREFIX_V6 --shared --is-default=True | grep ' id ' | get_field 2)

-            fi

-        fi

-        # Create an external network, and a subnet. Configure the external network as router gw

-        if [ "$Q_USE_PROVIDERNET_FOR_PUBLIC" = "True" ]; then

-            EXT_NET_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" net-create "$PUBLIC_NETWORK_NAME" -- $EXTERNAL_NETWORK_FLAGS --provider:network_type=flat --provider:physical_network=${PUBLIC_PHYSICAL_NETWORK} | grep ' id ' | get_field 2)

-        else

-            EXT_NET_ID=$(neutron --os-cloud devstack-admin --os-region "$REGION_NAME" net-create "$PUBLIC_NETWORK_NAME" -- $EXTERNAL_NETWORK_FLAGS | grep ' id ' | get_field 2)

-        fi

-        die_if_not_set $LINENO EXT_NET_ID "Failure creating EXT_NET_ID for $PUBLIC_NETWORK_NAME"

-

-        if [[ "$IP_VERSION" =~ 4.* ]]; then

-            # Configure router for IPv4 public access

-            _neutron_configure_router_v4

-        fi

-

-        if [[ "$IP_VERSION" =~ .*6 ]]; then

-            # Configure router for IPv6 public access

-            _neutron_configure_router_v6

-        fi

-    fi

-}

-

-# init_neutron() - Initialize databases, etc.

-function init_neutron {

+# init_mutnauq() - Initialize databases, etc.

+function init_mutnauq {

     recreate_database $Q_DB_NAME

     # Run Neutron db migrations

     $NEUTRON_BIN_DIR/neutron-db-manage --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE upgrade head

 }

-# install_neutron() - Collect source and prepare

-function install_neutron {

+# install_mutnauq() - Collect source and prepare

+function install_mutnauq {

     # Install neutron-lib from git so we make sure we're testing

     # the latest code.

     if use_library_from_git "neutron-lib"; then

@@ -649,15 +463,6 @@ function install_neutron {

     fi

 }

-# install_neutronclient() - Collect source and prepare

-function install_neutronclient {

-    if use_library_from_git "python-neutronclient"; then

-        git_clone_by_name "python-neutronclient"