Neutron already supports flavor framework, and currently, only l3 service is using it. In VPNaaS, we also would like to support flavor, in order to support multiple vpn service drivers in one deployment.
One real use case from us:
We (a public cloud provider) are using openswan driver for vpnaas in our public cloud, and recently, some customers are asking SHA2 for more secure connection, it's time for us to do upgrade for vpnaas now (we are still running liberty). Since openswan is not maintained properly, we are also considering switching to stongswan smoothly without bring much overhead to customers.
The upgrade will be a non-trivial job without flavor support. With flavor, we could easily add strongswan as the default driver, but still use openswan for old vpn connections. Of course, other things need to be done to make sure operations for old resources are handled properly by the right driver. With thad said, after upgrade, customers could still use their old ipsec site connections which are served by openswan, but new request will use strongswan to create vpn service.
Fix proposed to branch: master /review. openstack. org/457527
Review: https:/