Comment 6 for bug 1837847

Adriaan Schmidt (adriaan-schmidt) wrote :

The way I create Neutron ports is a hack. It goes:

- Agent starts OpenVPN server, and is then no longer involved.

- Client initiates connection to OpenVPN, passes username and password.

- OpenVPN calls my authentication hook, where I try to get a Keystone token (via the client API) to decide if the client is allowed to connect. If I get a token I store it temporarily in a file.

- Client connection succeeds, and OpenVPN calls my learn-address hook, passing the client's MAC address. Here I re-use the stored token to create the port (again via client API), as the client user who is connecting. Then I forget/delete the token.

- Client disconnects, and OpenVPN could call a hook again, where I would like to remove the port. But I no longer have a valid token to call the client API.
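
The token handoff between the authentication hook and the learn-address hook described in the comment above, as an added example that is not part of the original comment or the project's code: it writes the token to an owner-only file and lets it be read exactly once. The directory, the function names, the 60-second limit and keying the file by username are assumptions, and the token is a constructed placeholder rather than a real Keystone token.

```python
import hashlib
import os
import tempfile
import time

# Assumed handoff directory; a private temp dir keeps the example self-contained.
HANDOFF_DIR = tempfile.mkdtemp(prefix="vpn-token-")
MAX_AGE_SECONDS = 60  # assumed upper bound between auth and learn-address


def path_for(username):
    # Hash the username so client-supplied text never becomes a file name.
    digest = hashlib.sha256(username.encode("utf-8")).hexdigest()
    return os.path.join(HANDOFF_DIR, digest)


def store_token(username, token):
    """Authentication hook side: keep the token, readable by the owner only."""
    path = path_for(username)
    try:
        os.unlink(path)  # drop a stale token left by an aborted connection
    except FileNotFoundError:
        pass
    # O_EXCL refuses a pre-planted file or symlink; mode 0o600 applies from
    # creation, so the token is never readable by other users.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as handle:
        handle.write(token)


def consume_token(username, now=None):
    """learn-address hook side: return the token once, then delete it."""
    path = path_for(username)
    now = time.time() if now is None else now
    try:
        with open(path) as handle:
            age = now - os.fstat(handle.fileno()).st_mtime
            token = handle.read()
        os.unlink(path)  # forget the token whether or not it is still fresh
    except FileNotFoundError:
        return None
    return token if age <= MAX_AGE_SECONDS else None


if __name__ == "__main__":
    store_token("alice", "constructed-token")  # constructed sample values
    print(consume_token("alice"))  # token is returned once
    print(consume_token("alice"))  # second read finds nothing
```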