VPNaaS UI implementation

This is an implementation of VPNaaS UI.

implements blueprint vpnaas-ui.

Change-Id: I6c92505bb07399ba83e6b7fd7dd75f0fd1b4b2a8

openstack_dashboard/api/__init__.py

@@ -45,6 +45,7 @@ from openstack_dashboard.api import neutron
 from openstack_dashboard.api import nova
 from openstack_dashboard.api import swift
 from openstack_dashboard.api import trove
+from openstack_dashboard.api import vpn
 
 assert base
 assert cinder
@@ -58,3 +59,4 @@ assert lbaas
 assert swift
 assert ceilometer
 assert trove
+assert vpn

openstack_dashboard/api/vpn.py

@@ -0,0 +1,330 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Mirantis Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+# @author: Tatiana Mazur
+
+from __future__ import absolute_import
+
+from openstack_dashboard.api import neutron
+
+neutronclient = neutron.neutronclient
+
+
+class IKEPolicy(neutron.NeutronAPIDictWrapper):
+
+    """Wrapper for neutron VPN IKEPolicy."""
+
+    def __init__(self, apiresource):
+        super(IKEPolicy, self).__init__(apiresource)
+
+
+class IPSecPolicy(neutron.NeutronAPIDictWrapper):
+
+    """Wrapper for neutron VPN IPSecPolicy."""
+
+    def __init__(self, apiresource):
+        super(IPSecPolicy, self).__init__(apiresource)
+
+
+class IPSecSiteConnection(neutron.NeutronAPIDictWrapper):
+
+    """Wrapper for neutron IPSecSiteConnection."""
+
+    def __init__(self, apiresource):
+        super(IPSecSiteConnection, self).__init__(apiresource)
+
+    class AttributeDict(dict):
+        def __getattr__(self, attr):
+            return self[attr]
+
+        def __setattr__(self, attr, value):
+            self[attr] = value
+
+    def readable(self, request):
+        cFormatted = {'id': self.id,
+                      'name': self.name,
+                      'description': self.description,
+                      'status': self.status,
+                      }
+        try:
+            cFormatted['ikepolicy_id'] = self.ikepolicy_id
+            cFormatted['ikepolicy_name'] = ikepolicy_get(
+                request, self.ikepolicy_id).name
+        except Exception:
+            cFormatted['ikepolicy_id'] = self.ikepolicy_id
+            cFormatted['ikepolicy_name'] = self.ikepolicy_id
+
+        try:
+            cFormatted['ipsecpolicy_id'] = self.ipsecpolicy_id
+            cFormatted['ipsecpolicy_name'] = ipsecpolicy_get(
+                request, self.ipsecpolicy_id).name
+        except Exception:
+            cFormatted['ipsecpolicy_id'] = self.ipsecpolicy_id
+            cFormatted['ipsecpolicy_name'] = self.ipsecpolicy_id
+
+        try:
+            cFormatted['vpnservice_id'] = self.vpnservice_id
+            cFormatted['vpnservice_name'] = vpnservice_get(
+                request, self.vpnservice_id).name
+        except Exception:
+            cFormatted['vpnservice_id'] = self.vpnservice_id
+            cFormatted['vpnservice_name'] = self.vpnservice_id
+
+        return self.AttributeDict(cFormatted)
+
+
+class VPNService(neutron.NeutronAPIDictWrapper):
+
+    """Wrapper for neutron VPNService."""
+
+    def __init__(self, apiresource):
+        super(VPNService, self).__init__(apiresource)
+
+    class AttributeDict(dict):
+        def __getattr__(self, attr):
+            return self[attr]
+
+        def __setattr__(self, attr, value):
+            self[attr] = value
+
+    def readable(self, request):
+        sFormatted = {'id': self.id,
+                      'name': self.name,
+                      'description': self.description,
+                      'admin_state_up': self.admin_state_up,
+                      'status': self.status,
+                      }
+        try:
+            sFormatted['subnet_id'] = self.subnet_id
+            sFormatted['subnet_name'] = neutron.subnet_get(
+                request, self.subnet_id).cidr
+        except Exception:
+            sFormatted['subnet_id'] = self.subnet_id
+            sFormatted['subnet_name'] = self.subnet_id
+
+        try:
+            sFormatted['router_id'] = self.router_id
+            sFormatted['router_name'] = neutron.router_get(
+                request, self.router_id).name
+        except Exception:
+            sFormatted['router_id'] = self.router_id
+            sFormatted['router_name'] = self.router_id
+
+        return self.AttributeDict(sFormatted)
+
+
+def vpnservice_create(request, **kwargs):
+    """Create VPNService
+
+    :param request: request context
+    :param admin_state_up: admin state (default on)
+    :param name: name for VPNService
+    :param description: description for VPNService
+    :param router_id: router id for router of VPNService
+    :param subnet_id: subnet id for subnet of VPNService
+    """
+    body = {'vpnservice': {
+                    'admin_state_up': kwargs['admin_state_up'],
+                    'name': kwargs['name'],
+                    'description': kwargs['description'],
+                    'router_id': kwargs['router_id'],
+                    'subnet_id': kwargs['subnet_id']}
+            }
+    vpnservice = neutronclient(request).create_vpnservice(body).get(
+        'vpnservice')
+    return VPNService(vpnservice)
+
+
+def vpnservices_get(request, **kwargs):
+    vpnservices = neutronclient(request).list_vpnservices().get('vpnservices')
+    return [VPNService(v) for v in vpnservices]
+
+
+def vpnservice_get(request, vpnservice_id):
+    vpnservice = neutronclient(request).show_vpnservice(vpnservice_id).get(
+        'vpnservice')
+    return VPNService(vpnservice)
+
+
+def vpnservice_update(request, vpnservice_id, **kwargs):
+    vpnservice = neutronclient(request).update_vpnservice(
+        vpnservice_id, kwargs).get('vpnservice')
+    return VPNService(vpnservice)
+
+
+def vpnservice_delete(request, vpnservice_id):
+    neutronclient(request).delete_vpnservice(vpnservice_id)
+
+
+def ikepolicy_create(request, **kwargs):
+    """Create IKEPolicy
+
+    :param request: request context
+    :param name: name for IKEPolicy
+    :param description: description for IKEPolicy
+    :param auth_algorithm: authorization algorithm for IKEPolicy
+    :param encryption_algorithm: encryption algorithm for IKEPolicy
+    :param ike_version: IKE version for IKEPolicy
+    :param lifetime: Lifetime Units and Value for IKEPolicy
+    :param pfs: Perfect Forward Secrecy for IKEPolicy
+    :param phase1_negotiation_mode: IKE Phase1 negotiation mode for IKEPolicy
+    """
+    body = {'ikepolicy': {
+                    'name': kwargs['name'],
+                    'description': kwargs['description'],
+                    'auth_algorithm': kwargs['auth_algorithm'],
+                    'encryption_algorithm': kwargs[
+                        'encryption_algorithm'],
+                    'ike_version': kwargs['ike_version'],
+                    'lifetime': kwargs['lifetime'],
+                    'pfs': kwargs['pfs'],
+                    'phase1_negotiation_mode': kwargs[
+                        'phase1_negotiation_mode']}
+            }
+    ikepolicy = neutronclient(request).create_ikepolicy(body).get(
+        'ikepolicy')
+    return IKEPolicy(ikepolicy)
+
+
+def ikepolicies_get(request, **kwargs):
+    ikepolicies = neutronclient(request).list_ikepolicies().get('ikepolicies')
+    return [IKEPolicy(v) for v in ikepolicies]
+
+
+def ikepolicy_get(request, ikepolicy_id):
+    ikepolicy = neutronclient(request).show_ikepolicy(
+        ikepolicy_id).get('ikepolicy')
+    return IKEPolicy(ikepolicy)
+
+
+def ikepolicy_update(request, ikepolicy_id, **kwargs):
+    ikepolicy = neutronclient(request).update_ikepolicy(
+        ikepolicy_id, kwargs).get('ikepolicy')
+    return IKEPolicy(ikepolicy)
+
+
+def ikepolicy_delete(request, ikepolicy_id):
+    neutronclient(request).delete_ikepolicy(ikepolicy_id)
+
+
+def ipsecpolicy_create(request, **kwargs):
+    """Create IPSecPolicy
+
+    :param request: request context
+    :param name: name for IPSecPolicy
+    :param description: description for IPSecPolicy
+    :param auth_algorithm: authorization algorithm for IPSecPolicy
+    :param encapsulation_mode: encapsulation mode for IPSecPolicy
+    :param encryption_algorithm: encryption algorithm for IPSecPolicy
+    :param lifetime: Lifetime Units and Value for IPSecPolicy
+    :param pfs: Perfect Forward Secrecy for IPSecPolicy
+    :param transform_protocol: Transform Protocol for IPSecPolicy
+    """
+    body = {'ipsecpolicy': {
+                    'name': kwargs['name'],
+                    'description': kwargs['description'],
+                    'auth_algorithm': kwargs['auth_algorithm'],
+                    'encapsulation_mode': kwargs['encapsulation_mode'],
+                    'encryption_algorithm': kwargs['encryption_algorithm'],
+                    'lifetime': kwargs['lifetime'],
+                    'pfs': kwargs['pfs'],
+                    'transform_protocol': kwargs['transform_protocol']}
+            }
+    ipsecpolicy = neutronclient(request).create_ipsecpolicy(body).get(
+        'ipsecpolicy')
+    return IPSecPolicy(ipsecpolicy)
+
+
+def ipsecpolicies_get(request, **kwargs):
+    ipsecpolicies = neutronclient(request).list_ipsecpolicies().get(
+        'ipsecpolicies')
+    return [IPSecPolicy(v) for v in ipsecpolicies]
+
+
+def ipsecpolicy_get(request, ipsecpolicy_id):
+    ipsecpolicy = neutronclient(request).show_ipsecpolicy(
+        ipsecpolicy_id).get('ipsecpolicy')
+    return IPSecPolicy(ipsecpolicy)
+
+
+def ipsecpolicy_update(request, ipsecpolicy_id, **kwargs):
+    ipsecpolicy = neutronclient(request).update_ipsecpolicy(
+        ipsecpolicy_id, kwargs).get('ipsecpolicy')
+    return IPSecPolicy(ipsecpolicy)
+
+
+def ipsecpolicy_delete(request, ipsecpolicy_id):
+    neutronclient(request).delete_ipsecpolicy(ipsecpolicy_id)
+
+
+def ipsecsiteconnection_create(request, **kwargs):
+    """Create IPSecSiteConnection
+
+    :param request: request context
+    :param name: name for IPSecSiteConnection
+    :param description: description for IPSecSiteConnection
+    :param dpd: dead peer detection action, interval and timeout
+    :param ikepolicy_id: IKEPolicy associated with this connection
+    :param initiator: initiator state
+    :param ipsecpolicy_id: IPsecPolicy associated with this connection
+    :param mtu: MTU size for the connection
+    :param peer_address: remote branch router public
+    :param peer_cidrs: remote subnet(s) in CIDR format
+    :param peer_id: remote branch router identity"
+    :param psk: Pre-Shared Key string
+    :param vpnservice_id: VPNService associated with this connection
+    :param admin_state_up: admin state (default on)
+    """
+    body = {'ipsec_site_connection': {
+                    'name': kwargs['name'],
+                    'description': kwargs['description'],
+                    'dpd': kwargs['dpd'],
+                    'ikepolicy_id': kwargs['ikepolicy_id'],
+                    'initiator': kwargs['initiator'],
+                    'ipsecpolicy_id': kwargs['ipsecpolicy_id'],
+                    'mtu': kwargs['mtu'],
+                    'peer_address': kwargs['peer_address'],
+                    'peer_cidrs': kwargs['peer_cidrs'],
+                    'peer_id': kwargs['peer_id'],
+                    'psk': kwargs['psk'],
+                    'vpnservice_id': kwargs['vpnservice_id'],
+                    'admin_state_up': kwargs['admin_state_up']}
+            }
+    ipsecsiteconnection = neutronclient(request).create_ipsec_site_connection(
+        body).get('ipsec_site_connection')
+    return IPSecSiteConnection(ipsecsiteconnection)
+
+
+def ipsecsiteconnections_get(request, **kwargs):
+    ipsecsiteconnections = neutronclient(
+        request).list_ipsec_site_connections().get('ipsec_site_connections')
+    return [IPSecSiteConnection(v) for v in ipsecsiteconnections]
+
+
+def ipsecsiteconnection_get(request, ipsecsiteconnection_id):
+    ipsecsiteconnection = neutronclient(request).show_ipsec_site_connection(
+        ipsecsiteconnection_id).get('ipsec_site_connection')
+    return IPSecSiteConnection(ipsecsiteconnection)
+
+
+def ipsecsiteconnection_update(request, ipsecsiteconnection_id, **kwargs):
+    ipsecsiteconnection = neutronclient(request).update_ipsec_site_connection(
+        ipsecsiteconnection_id, kwargs).get('ipsec_site_connection')
+    return IPSecSiteConnection(ipsecsiteconnection)
+
+
+def ipsecsiteconnection_delete(request, ipsecsiteconnection_id):
+    neutronclient(request).delete_ipsec_site_connection(ipsecsiteconnection_id)

openstack_dashboard/dashboards/project/dashboard.py

@@ -35,7 +35,8 @@ class NetworkPanels(horizon.PanelGroup):
     panels = ('networks',
               'routers',
               'loadbalancers',
-              'network_topology',)
+              'network_topology',
+              'vpn',)
 
 
 class ObjectStorePanels(horizon.PanelGroup):

openstack_dashboard/dashboards/project/vpn/panel.py

@@ -0,0 +1,34 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Mirantis Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+# @author: Tatiana Mazur
+
+from django.conf import settings  # noqa
+from django.utils.translation import ugettext_lazy as _  # noqa
+
+import horizon
+
+from openstack_dashboard.dashboards.project import dashboard
+
+
+class VPN(horizon.Panel):
+    name = _("VPN")
+    slug = 'vpn'
+    permissions = ('openstack.services.network',)
+
+
+if getattr(settings, 'OPENSTACK_NEUTRON_NETWORK', {}).get('enable_vpn', False):
+    dashboard.Project.register(VPN)

openstack_dashboard/dashboards/project/vpn/tables.py

@@ -0,0 +1,179 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Mirantis Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+# @author: Tatiana Mazur
+
+
+import logging
+
+from django.template.defaultfilters import title  # noqa
+from django.utils.translation import ugettext_lazy as _  # noqa
+
+from horizon import tables
+from horizon.utils import filters
+
+
+LOG = logging.getLogger(__name__)
+
+
+class AddIKEPolicyLink(tables.LinkAction):
+    name = "addikepolicy"
+    verbose_name = _("Add IKEPolicy")
+    url = "horizon:project:vpn:addikepolicy"
+    classes = ("ajax-modal", "btn-addikepolicy",)
+
+
+class AddIPSecPolicyLink(tables.LinkAction):
+    name = "addipsecpolicy"
+    verbose_name = _("Add IPSecPolicy")
+    url = "horizon:project:vpn:addipsecpolicy"
+    classes = ("ajax-modal", "btn-addipsecpolicy",)
+
+
+class AddVPNServiceLink(tables.LinkAction):
+    name = "addvpnservice"
+    verbose_name = _("Add VPNService")
+    url = "horizon:project:vpn:addvpnservice"
+    classes = ("ajax-modal", "btn-addvpnservice",)
+
+
+class AddIPSecSiteConnectionLink(tables.LinkAction):
+    name = "addipsecsiteconnection"
+    verbose_name = _("Add IPSecSiteConnection")
+    url = "horizon:project:vpn:addipsecsiteconnection"
+    classes = ("ajax-modal", "btn-addipsecsiteconnection",)
+
+
+class DeleteVPNServiceLink(tables.DeleteAction):
+    name = "deletevpnservice"
+    action_present = _("Delete")
+    action_past = _("Scheduled deletion of")
+    data_type_singular = _("VPNService")
+    data_type_plural = _("VPNServices")
+
+
+class DeleteIKEPolicyLink(tables.DeleteAction):
+    name = "deleteikepolicy"
+    action_present = _("Delete")
+    action_past = _("Scheduled deletion of")
+    data_type_singular = _("IKEPolicy")
+    data_type_plural = _("IKEPolicies")
+
+
+class DeleteIPSecPolicyLink(tables.DeleteAction):
+    name = "deleteipsecpolicy"
+    action_present = _("Delete")
+    action_past = _("Scheduled deletion of")
+    data_type_singular = _("IPSecPolicy")
+    data_type_plural = _("IPSecPolicies")
+
+
+class DeleteIPSecSiteConnectionLink(tables.DeleteAction):
+    name = "deleteipsecsiteconnection"
+    action_present = _("Delete")
+    action_past = _("Scheduled deletion of")
+    data_type_singular = _("IPSecSiteConnection")
+    data_type_plural = _("IPSecSiteConnections")
+
+
+class IPSecSiteConnectionsTable(tables.DataTable):
+    STATUS_CHOICES = (
+        ("Active", True),
+        ("Down", True),
+        ("Error", False),
+    )
+    id = tables.Column('id', verbose_name=_('Id'), hidden=True)
+    name = tables.Column('name', verbose_name=_('Name'),
+                         link="horizon:project:vpn:ipsecsiteconnectiondetails")
+    vpnservice_name = tables.Column('vpnservice_name',
+                                    verbose_name=_('VPNService'))
+    ikepolicy_name = tables.Column('ikepolicy_name',
+                                   verbose_name=_('IKEPolicy'))
+    ipsecpolicy_name = tables.Column('ipsecpolicy_name',
+                                     verbose_name=_('IPSecPolicy'))
+    status = tables.Column("status",
+                           filters=(title, filters.replace_underscores),
+                           verbose_name=_("Status"),
+                           status=True,
+                           status_choices=STATUS_CHOICES)
+
+    class Meta:
+        name = "ipsecsiteconnectionstable"
+        verbose_name = _("IPSecSiteConnections")
+        table_actions = (AddIPSecSiteConnectionLink,
+                         DeleteIPSecSiteConnectionLink)
+        row_actions = (DeleteIPSecSiteConnectionLink,)
+
+
+class VPNServicesTable(tables.DataTable):
+    STATUS_CHOICES = (
+        ("Active", True),
+        ("Down", True),
+        ("Error", False),
+    )
+    id = tables.Column('id', verbose_name=_('Id'), hidden=True)
+    name = tables.Column("name", verbose_name=_('Name'),
+                         link="horizon:project:vpn:vpnservicedetails")
+    description = tables.Column('description', verbose_name=_('Description'))
+    subnet_name = tables.Column('subnet_name', verbose_name=_('Subnet'))
+    router_name = tables.Column('router_name', verbose_name=_('Router'))
+    status = tables.Column("status",
+                           filters=(title, filters.replace_underscores),
+                           verbose_name=_("Status"),
+                           status=True,
+                           status_choices=STATUS_CHOICES)
+
+    class Meta:
+        name = "vpnservicestable"
+        verbose_name = _("VPNServices")
+        table_actions = (AddVPNServiceLink, DeleteVPNServiceLink)
+        row_actions = (DeleteVPNServiceLink,)
+
+
+class IKEPoliciesTable(tables.DataTable):
+    id = tables.Column('id', verbose_name=_('Id'), hidden=True)
+    name = tables.Column("name", verbose_name=_('Name'),
+                         link="horizon:project:vpn:ikepolicydetails")
+    auth_algorithm = tables.Column('auth_algorithm',
+                                   verbose_name=_('Authorization algorithm'))
+    encryption_algorithm = tables.Column(
+                                'encryption_algorithm',
+                                verbose_name=_('Encryption algorithm'))
+    pfs = tables.Column("pfs", verbose_name=_('PFS'))
+
+    class Meta:
+        name = "ikepoliciestable"
+        verbose_name = _("IKEPolicies")
+        table_actions = (AddIKEPolicyLink, DeleteIKEPolicyLink)
+        row_actions = (DeleteIKEPolicyLink,)
+
+
+class IPSecPoliciesTable(tables.DataTable):
+    id = tables.Column('id', verbose_name=_('Id'), hidden=True)
+    name = tables.Column("name", verbose_name=_('Name'),
+                         link="horizon:project:vpn:ipsecpolicydetails")
+    auth_algorithm = tables.Column('auth_algorithm',
+                                   verbose_name=_('Authorization algorithm'))
+    encryption_algorithm = tables.Column(
+                                'encryption_algorithm',
+                                verbose_name=_('Encryption algorithm'))
+    pfs = tables.Column("pfs", verbose_name=_('PFS'))
+
+    class Meta:
+        name = "ipsecpoliciestable"
+        verbose_name = _("IPSecPolicies")
+        table_actions = (AddIPSecPolicyLink, DeleteIPSecPolicyLink,)
+        row_actions = (DeleteIPSecPolicyLink,)

openstack_dashboard/dashboards/project/vpn/tabs.py

@@ -0,0 +1,190 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Mirantis Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+# @author: Tatiana Mazur
+
+
+from django.utils.translation import ugettext_lazy as _  # noqa
+
+from horizon import exceptions
+from horizon import tabs
+
+from openstack_dashboard import api
+
+from openstack_dashboard.dashboards.project.vpn import tables
+
+
+class IPSecSiteConnectionsTab(tabs.TableTab):
+    table_classes = (tables.IPSecSiteConnectionsTable,)
+    name = _("IPSecSiteConnections")
+    slug = "ipsecsiteconnections"
+    template_name = ("horizon/common/_detail_table.html")
+
+    def get_ipsecsiteconnectionstable_data(self):
+        try:
+            ipsecsiteconnections = api.vpn.ipsecsiteconnections_get(
+                self.tab_group.request)
+            ipsecsiteconnectionsFormatted = [s.readable(self.tab_group.request)
+                for s in ipsecsiteconnections]
+        except Exception:
+            ipsecsiteconnectionsFormatted = []
+            exceptions.handle(self.tab_group.request,
+                _('Unable to retrieve IPSecSiteConnections list.'))
+        return ipsecsiteconnectionsFormatted
+
+
+class VPNServicesTab(tabs.TableTab):
+    table_classes = (tables.VPNServicesTable,)
+    name = _("VPNServices")
+    slug = "vpnservices"
+    template_name = ("horizon/common/_detail_table.html")
+
+    def get_vpnservicestable_data(self):
+        try:
+            vpnservices = api.vpn.vpnservices_get(
+                self.tab_group.request)
+            vpnservicesFormatted = [s.readable(self.tab_group.request) for
+                              s in vpnservices]
+        except Exception:
+            vpnservicesFormatted = []
+            exceptions.handle(self.tab_group.request,
+                              _('Unable to retrieve VPNServices list.'))
+        return vpnservicesFormatted
+
+
+class IKEPoliciesTab(tabs.TableTab):
+    table_classes = (tables.IKEPoliciesTable,)
+    name = _("IKEPolicies")
+    slug = "ikepolicies"
+    template_name = ("horizon/common/_detail_table.html")
+
+    def get_ikepoliciestable_data(self):
+        try:
+            ikepolicies = api.vpn.ikepolicies_get(
+                self.tab_group.request)
+        except Exception:
+            ikepolicies = []
+            exceptions.handle(self.tab_group.request,
+                              _('Unable to retrieve IKEPolicies list.'))
+        return ikepolicies
+
+
+class IPSecPoliciesTab(tabs.TableTab):
+    table_classes = (tables.IPSecPoliciesTable,)
+    name = _("IPSecPolicies")
+    slug = "ipsecpolicies"
+    template_name = ("horizon/common/_detail_table.html")
+
+    def get_ipsecpoliciestable_data(self):
+        try:
+            ipsecpolicies = api.vpn.ipsecpolicies_get(
+                self.tab_group.request)
+        except Exception:
+            ipsecpolicies = []
+            exceptions.handle(self.tab_group.request,
+                              _('Unable to retrieve IPSecPolicies list.'))
+        return ipsecpolicies
+
+
+class VPNTabs(tabs.TabGroup):
+    slug = "vpntabs"
+    tabs = (IKEPoliciesTab, IPSecPoliciesTab,
+            VPNServicesTab, IPSecSiteConnectionsTab,)
+    sticky = True
+
+
+class IKEPolicyDetailsTab(tabs.Tab):
+    name = _("IKEPolicy Details")
+    slug = "ikepolicydetails"
+    template_name = "project/vpn/_ikepolicy_details.html"
+
+    def get_context_data(self, request):
+        pid = self.tab_group.kwargs['ikepolicy_id']
+        try:
+            ikepolicy = api.vpn.ikepolicy_get(request, pid)
+        except Exception:
+            ikepolicy = []
+            exceptions.handle(request,
+                              _('Unable to retrieve IKEPolicy details.'))
+        return {'ikepolicy': ikepolicy}
+
+
+class IKEPolicyDetailsTabs(tabs.TabGroup):
+    slug = "ikepolicytabs"
+    tabs = (IKEPolicyDetailsTab,)
+
+
+class IPSecPolicyDetailsTab(tabs.Tab):
+    name = _("IPSecPolicy Details")
+    slug = "ipsecpolicydetails"
+    template_name = "project/vpn/_ipsecpolicy_details.html"
+
+    def get_context_data(self, request):
+        pid = self.tab_group.kwargs['ipsecpolicy_id']
+        try:
+            ipsecpolicy = api.vpn.ipsecpolicy_get(request, pid)
+        except Exception:
+            ipsecpolicy = []
+            exceptions.handle(request,
+                              _('Unable to retrieve IPSecPolicy details.'))
+        return {'ipsecpolicy': ipsecpolicy}
+
+
+class IPSecPolicyDetailsTabs(tabs.TabGroup):
+    slug = "ipsecpolicytabs"
+    tabs = (IPSecPolicyDetailsTab,)
+
+
+class VPNServiceDetailsTab(tabs.Tab):
+    name = _("VPNService Details")
+    slug = "vpnservicedetails"
+    template_name = "project/vpn/_vpnservice_details.html"
+
+    def get_context_data(self, request):
+        sid = self.tab_group.kwargs['vpnservice_id']
+        try:
+            vpnservice = api.vpn.vpnservice_get(request, sid)
+        except Exception:
+            vpnservice = []
+            exceptions.handle(request,
+                              _('Unable to retrieve VPNService details.'))
+        return {'vpnservice': vpnservice}
+
+
+class VPNServiceDetailsTabs(tabs.TabGroup):
+    slug = "vpnservicetabs"
+    tabs = (VPNServiceDetailsTab,)
+
+
+class IPSecSiteConnectionDetailsTab(tabs.Tab):
+    name = _("IPSecSiteConnection Details")
+    slug = "ipsecsiteconnectiondetails"
+    template_name = "project/vpn/_ipsecsiteconnection_details.html"
+
+    def get_context_data(self, request):
+        cid = self.tab_group.kwargs['ipsecsiteconnection_id']
+        try:
+            ipsecsiteconnection = api.vpn.ipsecsiteconnection_get(request, cid)
+        except Exception:
+            ipsecsiteconnection = []
+            exceptions.handle(request,
+                _('Unable to retrieve IPSecSiteConnection details.'))
+        return {'ipsecsiteconnection': ipsecsiteconnection}
+
+
+class IPSecSiteConnectionDetailsTabs(tabs.TabGroup):
+    slug = "ipsecsiteconnectiontabs"
+    tabs = (IPSecSiteConnectionDetailsTab,)

openstack_dashboard/dashboards/project/vpn/templates/vpn/_ikepolicy_details.html

@@ -0,0 +1,39 @@
+{% load i18n sizeformat parse_date %}
+
+<div class="info row-fluid detail">
+  <hr class="header_rule">
+  <dl>
+    <dt>{% trans "ID:" %}</dt>
+    <dd>{{ ikepolicy.id }}</dd>
+
+    <dt>{% trans "Tenant ID:" %}</dt>
+    <dd>{{ ikepolicy.tenant_id }}</dd>
+
+    <dt>{% trans "Name:" %}</dt>
+    <dd>{{ ikepolicy.name }}</dd>
+
+    <dt>{% trans "Description:" %}</dt>
+    <dd>{{ ikepolicy.description }}</dd>
+
+    <dt>{% trans "Authorization algorithm:" %}</dt>
+    <dd>{{ ikepolicy.auth_algorithm }}</dd>
+
+    <dt>{% trans "Encryption algorithm:" %}</dt>
+    <dd>{{ ikepolicy.encryption_algorithm }}</dd>
+
+    <dt>{% trans "IKE version:" %}</dt>
+    <dd>{{ ikepolicy.ike_version }}</dd>
+
+    <dt>{% trans "Lifetime Units:" %}</dt>
+    <dd>{{ ikepolicy.lifetime.units }}</dd>
+
+    <dt>{% trans "Lifetime Value:" %}</dt>
+    <dd>{{ ikepolicy.lifetime.value }}</dd>
+
+    <dt>{% trans "Perfect Forward Secrecy:" %}</dt>
+    <dd>{{ ikepolicy.pfs }}</dd>
+
+    <dt>{% trans "IKE Phase1 negotiation mode:" %}</dt>
+    <dd>{{ ikepolicy.phase1_negotiation_mode }}</dd>
+  </dl>
+</div>

openstack_dashboard/dashboards/project/vpn/templates/vpn/_ipsecpolicy_details.html

@@ -0,0 +1,39 @@
+{% load i18n sizeformat parse_date %}
+
+<div class="info row-fluid detail">
+  <hr class="header_rule">
+  <dl>
+    <dt>{% trans "ID:" %}</dt>
+    <dd>{{ ipsecpolicy.id }}</dd>
+
+    <dt>{% trans "Tenant ID:" %}</dt>
+    <dd>{{ ipsecpolicy.tenant_id }}</dd>
+
+    <dt>{% trans "Name:" %}</dt>
+    <dd>{{ ipsecpolicy.name }}</dd>
+
+    <dt>{% trans "Description:" %}</dt>
+    <dd>{{ ipsecpolicy.description }}</dd>
+
+    <dt>{% trans "Authorization algorithm:" %}</dt>
+    <dd>{{ ipsecpolicy.auth_algorithm }}</dd>
+
+    <dt>{% trans "Encapsulation mode:" %}</dt>
+    <dd>{{ ipsecpolicy.encapsulation_mode }}</dd>
+
+    <dt>{% trans "Encryption algorithm:" %}</dt>
+    <dd>{{ ipsecpolicy.encryption_algorithm }}</dd>
+
+    <dt>{% trans "Lifetime Units:" %}</dt>
+    <dd>{{ ipsecpolicy.lifetime.units }}</dd>
+
+    <dt>{% trans "Lifetime Value:" %}</dt>
+    <dd>{{ ipsecpolicy.lifetime.value }}</dd>
+
+    <dt>{% trans "Perfect Forward Secrecy:" %}</dt>
+    <dd>{{ ipsecpolicy.pfs }}</dd>
+
+    <dt>{% trans "Transform Protocol:" %}</dt>
+    <dd>{{ ipsecpolicy.transform_protocol }}</dd>
+  </dl>
+</div>

openstack_dashboard/dashboards/project/vpn/templates/vpn/_ipsecsiteconnection_details.html

@@ -0,0 +1,66 @@
+{% load i18n sizeformat parse_date %}
+
+<div class="info row-fluid detail">
+  <hr class="header_rule">
+  <dl>
+    <dt>{% trans "ID:" %}</dt>
+    <dd>{{ ipsecsiteconnection.id }}</dd>
+
+    <dt>{% trans "Tenant ID:" %}</dt>
+    <dd>{{ ipsecsiteconnection.tenant_id }}</dd>
+
+    <dt>{% trans "Name:" %}</dt>
+    <dd>{{ ipsecsiteconnection.name }}</dd>
+
+    <dt>{% trans "Description:" %}</dt>
+    <dd>{{ ipsecsiteconnection.description }}</dd>
+
+    <dt>{% trans "Authorization mode:" %}</dt>
+    <dd>{{ ipsecsiteconnection.auth_mode }}</dd>
+
+    <dt>{% trans "Dead peer detection action:" %}</dt>
+    <dd>{{ ipsecsiteconnection.dpd.action }}</dd>
+
+    <dt>{% trans "Dead peer detection interval:" %}</dt>
+    <dd>{{ ipsecsiteconnection.dpd.interval }}</dd>
+
+    <dt>{% trans "Dead peer detection timeout:" %}</dt>
+    <dd>{{ ipsecsiteconnection.dpd.timeout }}</dd>
+
+    <dt>{% trans "IKEPolicy:" %}</dt>
+    <dd>{{ ipsecsiteconnection.ikepolicy_id }}</dd>
+
+    <dt>{% trans "Initiator state:" %}</dt>
+    <dd>{{ ipsecsiteconnection.initiator }}</dd>
+
+    <dt>{% trans "IPsecPolicy:" %}</dt>
+    <dd>{{ ipsecsiteconnection.ipsecpolicy_id }}</dd>
+
+    <dt>{% trans "MTU:" %}</dt>
+    <dd>{{ ipsecsiteconnection.mtu }}</dd>
+
+    <dt>{% trans "Remote peer IP Address:" %}</dt>
+    <dd>{{ ipsecsiteconnection.peer_address }}</dd>
+
+    <dt>{% trans "Remote peer subnet:" %}</dt>
+    <dd>{{ ipsecsiteconnection.peer_cidrs }}</dd>
+
+    <dt>{% trans "Remote branch router identity:" %}</dt>
+    <dd>{{ ipsecsiteconnection.peer_id }}</dd>
+
+    <dt>{% trans "Pre-Shared Key string:" %}</dt>
+    <dd>{{ ipsecsiteconnection.psk }}</dd>
+
+    <dt>{% trans "Route mode:" %}</dt>
+    <dd>{{ ipsecsiteconnection.route_mode }}</dd>
+
+    <dt>{% trans "VPNService:" %}</dt>
+    <dd>{{ ipsecsiteconnection.vpnservice_id }}</dd>
+
+    <dt>{% trans "Admin State Up:" %}</dt>
+    <dd>{{ ipsecsiteconnection.admin_state_up }}</dd>
+
+    <dt>{% trans "Status:" %}</dt>
+    <dd>{{ ipsecsiteconnection.status }}</dd>
+  </dl>
+</div>

openstack_dashboard/dashboards/project/vpn/templates/vpn/_vpnservice_details.html

@@ -0,0 +1,36 @@
+{% load i18n sizeformat parse_date %}
+
+<div class="info row-fluid detail">
+  <hr class="header_rule">
+  <dl>
+    <dt>{% trans "ID:" %}</dt>
+    <dd>{{ vpnservice.id }}</dd>
+
+    <dt>{% trans "Tenant ID:" %}</dt>
+    <dd>{{ vpnservice.tenant_id }}</dd>
+
+    <dt>{% trans "Name:" %}</dt>
+    <dd>{{ vpnservice.name }}</dd>
+
+    <dt>{% trans "Description:" %}</dt>
+    <dd>{{ vpnservice.description }}</dd>
+
+    <dt>{% trans "VPN type:" %}</dt>
+    <dd>{{ vpnservice.vpn_type }}</dd>
+
+    <dt>{% trans "Router ID:" %}</dt>
+    <dd>{{ vpnservice.router_id }}</dd>
+
+    <dt>{% trans "Subnet ID:" %}</dt>
+    <dd>{{ vpnservice.subnet_id }}</dd>
+
+    <dt>{% trans "VPNConnections:" %}</dt>
+    <dd>{{ vpnservice.vpnconnections }}</dd>
+
+    <dt>{% trans "Admin State Up:" %}</dt>
+    <dd>{{ vpnservice.admin_state_up }}</dd>
+
+    <dt>{% trans "Status:" %}</dt>
+    <dd>{{ vpnservice.status }}</dd>
+  </dl>
+</div>

openstack_dashboard/dashboards/project/vpn/templates/vpn/details_tabs.html

@@ -0,0 +1,15 @@
+{% extends 'base.html' %}
+{% load i18n %}
+{% block title %}{% trans "Virtual Private Network" %}{% endblock %}
+
+{% block page_header %}
+  {% include "horizon/common/_page_header.html" with title=_("Virtual Private Network") %}
+{% endblock page_header %}
+
+{% block main %}
+<div class="row-fluid">
+  <div class="span12">
+  {{ tab_group.render }}
+  </div>
+</div>
+{% endblock %}

openstack_dashboard/dashboards/project/vpn/templates/vpn/index.html

@@ -0,0 +1,15 @@
+{% extends 'base.html' %}
+{% load i18n %}
+{% block title %}{% trans "Virtual Private Network" %}{% endblock %}
+
+{% block page_header %}
+  {% include "horizon/common/_page_header.html" with title=_("Virtual Private Network")%}
+{% endblock page_header %}
+
+{% block main %}
+<div class="row-fluid">
+  <div class="span12">
+    {{ tab_group.render }}
+  </div>
+</div>
+{% endblock %}

openstack_dashboard/dashboards/project/vpn/tests.py

@@ -0,0 +1,316 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Mirantis Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+# @author: Tatiana Mazur
+
+from mox import IsA  # noqa
+
+from django.core.urlresolvers import reverse  # noqa
+from django.core.urlresolvers import reverse_lazy  # noqa
+from django import http
+
+from horizon.workflows import views
+
+from openstack_dashboard import api
+from openstack_dashboard.test import helpers as test
+
+from openstack_dashboard.dashboards.project.vpn import workflows
+
+
+class VPNTests(test.TestCase):
+    class AttributeDict(dict):
+        def __getattr__(self, attr):
+            return self[attr]
+
+        def __setattr__(self, attr, value):
+            self[attr] = value
+
+    DASHBOARD = 'project'
+    INDEX_URL = reverse_lazy('horizon:%s:vpn:index' % DASHBOARD)
+
+    ADDIKEPOLICY_PATH = 'horizon:%s:vpn:addikepolicy' % DASHBOARD
+    ADDIPSECPOLICY_PATH = 'horizon:%s:vpn:addipsecpolicy' % DASHBOARD
+    ADDVPNSERVICE_PATH = 'horizon:%s:vpn:addvpnservice' % DASHBOARD
+    ADDVPNCONNECTION_PATH = 'horizon:%s:vpn:addipsecsiteconnection' % DASHBOARD
+
+    IKEPOLICY_DETAIL_PATH = 'horizon:%s:vpn:ikepolicydetails' % DASHBOARD
+    IPSECPOLICY_DETAIL_PATH = 'horizon:%s:vpn:ipsecpolicydetails' % DASHBOARD
+    VPNSERVICE_DETAIL_PATH = 'horizon:%s:vpn:vpnservicedetails' % DASHBOARD
+    VPNCONNECTION_DETAIL_PATH = 'horizon:%s:vpn:ipsecsiteconnectiondetails' %\
+        DASHBOARD
+
+    def set_up_expect(self):
+        # retrieves vpnservices
+        vpnservice1, vpnservice2 = self.vpnservices.list()[:2]
+
+        api.vpn.vpnservices_get(
+            IsA(http.HttpRequest)).AndReturn(self.vpnservices.list())
+
+        api.vpn.vpnservice_get(
+            IsA(http.HttpRequest), vpnservice1.id).AndReturn(vpnservice1)
+        api.vpn.vpnservice_get(
+            IsA(http.HttpRequest), vpnservice2.id).AndReturn(vpnservice2)
+
+        # retrieves ikepolicies
+        api.vpn.ikepolicies_get(
+            IsA(http.HttpRequest)).AndReturn(self.ikepolicies.list())
+
+        ikepolicy1, ikepolicy2 = self.ikepolicies.list()[:2]
+
+        api.vpn.ikepolicy_get(
+            IsA(http.HttpRequest), ikepolicy1.id).AndReturn(ikepolicy1)
+        api.vpn.ikepolicy_get(
+            IsA(http.HttpRequest), ikepolicy2.id).AndReturn(ikepolicy2)
+
+        # retrieves ipsecpolicies
+        api.vpn.ipsecpolicies_get(
+            IsA(http.HttpRequest)).AndReturn(self.ipsecpolicies.list())
+
+        ipsecpolicy1, ipsecpolicy2 = self.ipsecpolicies.list()[:2]
+
+        api.vpn.ipsecpolicy_get(
+            IsA(http.HttpRequest), ipsecpolicy1.id).AndReturn(ipsecpolicy1)
+        api.vpn.ipsecpolicy_get(
+            IsA(http.HttpRequest), ipsecpolicy2.id).AndReturn(ipsecpolicy2)
+
+        # retrieves ipsecsiteconnections
+        api.vpn.ipsecsiteconnections_get(
+            IsA(http.HttpRequest)).AndReturn(self.ipsecsiteconnections.list())
+
+    def set_up_expect_with_exception(self):
+        api.vpn.vpnservices_get(
+            IsA(http.HttpRequest)).AndRaise(self.exceptions.neutron)
+        api.vpn.ikepolicies_get(
+            IsA(http.HttpRequest)).AndRaise(self.exceptions.neutron)
+        api.vpn.ipsecpolicies_get(
+            IsA(http.HttpRequest)).AndRaise(self.exceptions.neutron)
+        api.vpn.ipsecsiteconnections_get(
+            IsA(http.HttpRequest)).AndRaise(self.exceptions.neutron)
+
+    @test.create_stubs({api.vpn: ('ikepolicies_get', 'ipsecpolicies_get',
+                                  'vpnservices_get',
+                                  'ipsecsiteconnections_get', 'ikepolicy_get',
+                                  'ipsecpolicy_get', 'vpnservice_get',
+                                  'ipsecsiteconnection_get')})
+    def test_index_vpnservices(self):
+        self.set_up_expect()
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(self.INDEX_URL)
+
+        self.assertTemplateUsed(res, '%s/vpn/index.html'
+                                % self.DASHBOARD)
+        self.assertTemplateUsed(res, 'horizon/common/_detail_table.html')
+        self.assertEqual(len(res.context['table'].data),
+                         len(self.vpnservices.list()))
+
+    @test.create_stubs({api.vpn: ('ikepolicies_get', 'ipsecpolicies_get',
+                                  'vpnservices_get',
+                                  'ipsecsiteconnections_get', 'ikepolicy_get',
+                                  'ipsecpolicy_get', 'vpnservice_get',
+                                  'ipsecsiteconnection_get')})
+    def test_index_ikepolicies(self):
+        self.set_up_expect()
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(self.INDEX_URL + '?tab=vpntabs__ikepolicies')
+
+        self.assertTemplateUsed(res, '%s/vpn/index.html'
+                                % self.DASHBOARD)
+        self.assertTemplateUsed(res, 'horizon/common/_detail_table.html')
+        self.assertEqual(len(res.context['ikepoliciestable_table'].data),
+                         len(self.ikepolicies.list()))
+
+    @test.create_stubs({api.vpn: ('ikepolicies_get', 'ipsecpolicies_get',
+                                  'vpnservices_get',
+                                  'ipsecsiteconnections_get', 'ikepolicy_get',
+                                  'ipsecpolicy_get', 'vpnservice_get',
+                                  'ipsecsiteconnection_get')})
+    def test_index_ipsecpolicies(self):
+        self.set_up_expect()
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(self.INDEX_URL + '?tab=vpntabs__ipsecpolicies')
+
+        self.assertTemplateUsed(res, '%s/vpn/index.html'
+                                % self.DASHBOARD)
+        self.assertTemplateUsed(res, 'horizon/common/_detail_table.html')
+        self.assertEqual(len(res.context['ipsecpoliciestable_table'].data),
+                         len(self.ipsecpolicies.list()))
+
+    @test.create_stubs({api.vpn: ('ikepolicies_get', 'ipsecpolicies_get',
+                                  'vpnservices_get',
+                                  'ipsecsiteconnections_get', 'ikepolicy_get',
+                                  'ipsecpolicy_get', 'vpnservice_get',
+                                  'ipsecsiteconnection_get')})
+    def test_index_ipsecsiteconnections(self):
+        self.set_up_expect()
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(
+            self.INDEX_URL + '?tab=vpntabs__ipsecsiteconnections')
+
+        self.assertTemplateUsed(res, '%s/vpn/index.html'
+                                % self.DASHBOARD)
+        self.assertTemplateUsed(res, 'horizon/common/_detail_table.html')
+        self.assertEqual(
+            len(res.context['ipsecsiteconnectionstable_table'].data),
+            len(self.ipsecsiteconnections.list()))
+
+    @test.create_stubs({api.vpn: ('ikepolicies_get', 'ipsecpolicies_get',
+                                  'vpnservices_get',
+                                  'ipsecsiteconnections_get')})
+    def test_index_exception_vpnservices(self):
+        self.set_up_expect_with_exception()
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(self.INDEX_URL)
+
+        self.assertTemplateUsed(res, '%s/vpn/index.html'
+                                % self.DASHBOARD)
+        self.assertTemplateUsed(res,
+                                'horizon/common/_detail_table.html')
+        self.assertEqual(len(res.context['table'].data), 0)
+
+    @test.create_stubs({api.vpn: ('ikepolicies_get', 'ipsecpolicies_get',
+                                  'vpnservices_get',
+                                  'ipsecsiteconnections_get')})
+    def test_index_exception_ikepolicies(self):
+        self.set_up_expect_with_exception()
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(self.INDEX_URL + '?tab=vpntabs__ikepolicies')
+
+        self.assertTemplateUsed(res, '%s/vpn/index.html'
+                                % self.DASHBOARD)
+        self.assertTemplateUsed(res,
+                                'horizon/common/_detail_table.html')
+        self.assertEqual(len(res.context['table'].data), 0)
+
+    @test.create_stubs({api.vpn: ('ikepolicies_get', 'ipsecpolicies_get',
+                                  'vpnservices_get',
+                                  'ipsecsiteconnections_get')})
+    def test_index_exception_ipsecpolicies(self):
+        self.set_up_expect_with_exception()
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(self.INDEX_URL + '?tab=vpntabs__ipsecpolicies')
+
+        self.assertTemplateUsed(res, '%s/vpn/index.html'
+                                % self.DASHBOARD)
+        self.assertTemplateUsed(res,
+                                'horizon/common/_detail_table.html')
+        self.assertEqual(len(res.context['table'].data), 0)
+
+    @test.create_stubs({api.vpn: ('ikepolicies_get', 'ipsecpolicies_get',
+                                  'vpnservices_get',
+                                  'ipsecsiteconnections_get')})
+    def test_index_exception_ipsecsiteconnections(self):
+        self.set_up_expect_with_exception()
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(
+            self.INDEX_URL + '?tab=vpntabs__ipsecsiteconnections')
+
+        self.assertTemplateUsed(res, '%s/vpn/index.html'
+                                % self.DASHBOARD)
+        self.assertTemplateUsed(res,
+                                'horizon/common/_detail_table.html')
+        self.assertEqual(len(res.context['table'].data), 0)
+
+    @test.create_stubs({api.neutron: ('network_list_for_tenant',
+                                      'router_list')})
+    def test_add_vpnservice_get(self):
+        subnet = self.subnets.first()
+
+        networks = [{'subnets': [subnet, ]}, ]
+
+        api.neutron.network_list_for_tenant(
+            IsA(http.HttpRequest), subnet.tenant_id).AndReturn(networks)
+
+        routers = self.routers.list()
+
+        api.neutron.router_list(
+            IsA(http.HttpRequest)).AndReturn(routers)
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(reverse(self.ADDVPNSERVICE_PATH))
+
+        workflow = res.context['workflow']
+        self.assertTemplateUsed(res, views.WorkflowView.template_name)
+        self.assertEqual(workflow.name, workflows.AddVPNService.name)
+
+        expected_objs = ['<AddVPNServiceStep: addvpnserviceaction>', ]
+        self.assertQuerysetEqual(workflow.steps, expected_objs)
+
+    def test_add_ikepolicy_get(self):
+        res = self.client.get(reverse(self.ADDIKEPOLICY_PATH))
+
+        workflow = res.context['workflow']
+        self.assertTemplateUsed(res, views.WorkflowView.template_name)
+        self.assertEqual(workflow.name, workflows.AddIKEPolicy.name)
+
+        expected_objs = ['<AddIKEPolicyStep: addikepolicyaction>', ]
+        self.assertQuerysetEqual(workflow.steps, expected_objs)
+
+    def test_add_ipsecpolicy_get(self):
+        res = self.client.get(reverse(self.ADDIPSECPOLICY_PATH))
+
+        workflow = res.context['workflow']
+        self.assertTemplateUsed(res, views.WorkflowView.template_name)
+        self.assertEqual(workflow.name, workflows.AddIPSecPolicy.name)
+
+        expected_objs = ['<AddIPSecPolicyStep: addipsecpolicyaction>', ]
+        self.assertQuerysetEqual(workflow.steps, expected_objs)
+
+    @test.create_stubs({api.vpn: ('ikepolicies_get', 'ipsecpolicies_get',
+                                  'vpnservices_get')})
+    def test_add_ipsecsiteconnection_get(self):
+        ikepolicies = self.ikepolicies.list()
+
+        api.vpn.ikepolicies_get(
+            IsA(http.HttpRequest)).AndReturn(ikepolicies)
+
+        ipsecpolicies = self.ipsecpolicies.list()
+
+        api.vpn.ipsecpolicies_get(
+            IsA(http.HttpRequest)).AndReturn(ipsecpolicies)
+
+        vpnservices = self.vpnservices.list()
+
+        api.vpn.vpnservices_get(
+            IsA(http.HttpRequest)).AndReturn(vpnservices)
+
+        self.mox.ReplayAll()
+
+        res = self.client.get(reverse(self.ADDVPNCONNECTION_PATH))
+
+        workflow = res.context['workflow']
+        self.assertTemplateUsed(res, views.WorkflowView.template_name)
+        self.assertEqual(workflow.name, workflows.AddIPSecSiteConnection.name)
+
+        expected_objs = ['<AddIPSecSiteConnectionStep: '
+                         'addipsecsiteconnectionaction>', ]
+        self.assertQuerysetEqual(workflow.steps, expected_objs)

openstack_dashboard/dashboards/project/vpn/urls.py

@@ -0,0 +1,43 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Mirantis Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+# @author: Tatiana Mazur
+
+from django.conf.urls.defaults import patterns  # noqa
+from django.conf.urls.defaults import url  # noqa
+
+from openstack_dashboard.dashboards.project.vpn import views
+
+urlpatterns = patterns('openstack_dashboard.dashboards.project.vpn.views',
+    url(r'^$', views.IndexView.as_view(), name='index'),
+    url(r'^addikepolicy$',
+        views.AddIKEPolicyView.as_view(), name='addikepolicy'),
+    url(r'^addipsecpolicy$',
+        views.AddIPSecPolicyView.as_view(), name='addipsecpolicy'),
+    url(r'^addipsecsiteconnection$',
+        views.AddIPSecSiteConnectionView.as_view(),
+        name='addipsecsiteconnection'),
+    url(r'^addvpnservice$',
+        views.AddVPNServiceView.as_view(), name='addvpnservice'),
+    url(r'^ikepolicy/(?P<ikepolicy_id>[^/]+)/$',
+        views.IKEPolicyDetailsView.as_view(), name='ikepolicydetails'),
+    url(r'^ipsecpolicy/(?P<ipsecpolicy_id>[^/]+)/$',
+        views.IPSecPolicyDetailsView.as_view(), name='ipsecpolicydetails'),
+    url(r'^vpnservice/(?P<vpnservice_id>[^/]+)/$',
+        views.VPNServiceDetailsView.as_view(), name='vpnservicedetails'),
+    url(r'^ipsecsiteconnection/(?P<ipsecsiteconnection_id>[^/]+)/$',
+        views.IPSecSiteConnectionDetailsView.as_view(),
+        name='ipsecsiteconnectiondetails'))

openstack_dashboard/dashboards/project/vpn/views.py

@@ -0,0 +1,130 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Mirantis Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+# @author: Tatiana Mazur
+
+
+from django.utils.translation import ugettext_lazy as _  # noqa
+
+from horizon import exceptions
+from horizon import tabs
+from horizon import workflows
+
+import logging
+
+from openstack_dashboard import api
+
+from openstack_dashboard.dashboards.project.vpn import tabs as vpn_tabs
+from openstack_dashboard.dashboards.project.vpn import \
+    workflows as vpn_workflow
+
+import re
+
+LOG = logging.getLogger(__name__)
+
+
+class IndexView(tabs.TabbedTableView):
+    tab_group_class = vpn_tabs.VPNTabs
+    template_name = 'project/vpn/index.html'
+
+    def post(self, request, *args, **kwargs):
+        obj_ids = request.POST.getlist('object_ids')
+        action = request.POST['action']
+        m = re.search('.delete([a-z]+)', action).group(1)
+        if obj_ids == []:
+            obj_ids.append(re.search('([0-9a-z-]+)$', action).group(1))
+        if m == 'vpnservice':
+            for obj_id in obj_ids:
+                try:
+                    api.vpn.vpnservice_delete(request, obj_id)
+                except Exception:
+                    exceptions.handle(request,
+                                      _('Unable to delete VPNService.'))
+        elif m == 'ikepolicy':
+            for obj_id in obj_ids:
+                try:
+                    api.vpn.ikepolicy_delete(request, obj_id)
+                except Exception:
+                    exceptions.handle(request,
+                                      _('Unable to delete IKEPolicy.'))
+        elif m == 'ipsecpolicy':
+            for obj_id in obj_ids:
+                try:
+                    api.vpn.ipsecpolicy_delete(request, obj_id)
+                except Exception:
+                    exceptions.handle(request,
+                                      _('Unable to delete IPSecPolicy.'))
+        elif m == 'ipsecsiteconnection':
+            for obj_id in obj_ids:
+                try:
+                    api.vpn.ipsecsiteconnection_delete(request, obj_id)
+                except Exception:
+                    exceptions.handle(request,
+                        _('Unable to delete IPSecSiteConnection.'))
+
+        return self.get(request, *args, **kwargs)
+
+
+class AddVPNServiceView(workflows.WorkflowView):
+    workflow_class = vpn_workflow.AddVPNService
+
+    def get_initial(self):
+        initial = super(AddVPNServiceView, self).get_initial()
+        return initial
+
+
+class AddIPSecSiteConnectionView(workflows.WorkflowView):
+    workflow_class = vpn_workflow.AddIPSecSiteConnection
+
+    def get_initial(self):
+        initial = super(AddIPSecSiteConnectionView, self).get_initial()
+        return initial
+
+
+class AddIKEPolicyView(workflows.WorkflowView):
+    workflow_class = vpn_workflow.AddIKEPolicy
+
+    def get_initial(self):
+        initial = super(AddIKEPolicyView, self).get_initial()
+        return initial
+
+
+class AddIPSecPolicyView(workflows.WorkflowView):
+    workflow_class = vpn_workflow.AddIPSecPolicy
+
+    def get_initial(self):
+        initial = super(AddIPSecPolicyView, self).get_initial()
+        return initial
+
+
+class IKEPolicyDetailsView(tabs.TabView):
+    tab_group_class = (vpn_tabs.IKEPolicyDetailsTabs)
+    template_name = 'project/vpn/details_tabs.html'
+
+
+class IPSecPolicyDetailsView(tabs.TabView):
+    tab_group_class = (vpn_tabs.IPSecPolicyDetailsTabs)
+    template_name = 'project/vpn/details_tabs.html'
+
+
+class VPNServiceDetailsView(tabs.TabView):
+    tab_group_class = (vpn_tabs.VPNServiceDetailsTabs)
+    template_name = 'project/vpn/details_tabs.html'
+
+
+class IPSecSiteConnectionDetailsView(tabs.TabView):
+    tab_group_class = (vpn_tabs.IPSecSiteConnectionDetailsTabs)
+    template_name = 'project/vpn/details_tabs.html'

openstack_dashboard/dashboards/project/vpn/workflows.py

@@ -0,0 +1,455 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Mirantis Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+# @author: Tatiana Mazur
+
+import logging
+
+from django.utils.translation import ugettext_lazy as _  # noqa
+
+from horizon import exceptions
+from horizon import forms
+from horizon.utils import fields
+from horizon import workflows
+
+from openstack_dashboard import api
+
+
+LOG = logging.getLogger(__name__)
+
+
+class AddVPNServiceAction(workflows.Action):
+    name = forms.CharField(max_length=80, label=_("Name"))
+    description = forms.CharField(
+        initial="", required=False,
+        max_length=80, label=_("Description"))
+    router_id = forms.ChoiceField(label=_("Router"))
+    subnet_id = forms.ChoiceField(label=_("Subnet"))
+    admin_state_up = forms.BooleanField(label=_("Admin State"),
+                                        initial=True, required=False)
+
+    def __init__(self, request, *args, **kwargs):
+        super(AddVPNServiceAction, self).__init__(request, *args, **kwargs)
+
+    def populate_subnet_id_choices(self, request, context):
+        subnet_id_choices = [('', _("Select a Subnet"))]
+        try:
+            tenant_id = request.user.tenant_id
+            networks = api.neutron.network_list_for_tenant(request, tenant_id)
+        except Exception:
+            exceptions.handle(request,
+                              _('Unable to retrieve networks list.'))
+            networks = []
+        for n in networks:
+            for s in n['subnets']:
+                subnet_id_choices.append((s.id, s.cidr))
+        self.fields['subnet_id'].choices = subnet_id_choices
+        return subnet_id_choices
+
+    def populate_router_id_choices(self, request, context):
+        router_id_choices = [('', _("Select a Router"))]
+        try:
+            routers = api.neutron.router_list(request)
+        except Exception:
+            exceptions.handle(request,
+                              _('Unable to retrieve routers list.'))
+            routers = []
+        for r in routers:
+            router_id_choices.append((r.id, r.name))
+        self.fields['router_id'].choices = router_id_choices
+        return router_id_choices
+
+    class Meta:
+        name = _("Add New VPNService")
+        permissions = ('openstack.services.network',)
+        help_text = _("Create VPNService for current tenant.\n\n"
+                      "Assign a name and description for the VPNService. "
+                      "Select a router and a subnet. "
+                      "Admin State is Up (checked) by default."
+                      )
+
+
+class AddVPNServiceStep(workflows.Step):
+    action_class = AddVPNServiceAction
+    contributes = ("name", "description", "subnet_id",
+                   "router_id", "admin_state_up")
+
+    def contribute(self, data, context):
+        context = super(AddVPNServiceStep, self).contribute(data, context)
+        if data:
+            return context
+
+
+class AddVPNService(workflows.Workflow):
+    slug = "addvpnservice"
+    name = _("Add VPNService")
+    finalize_button_name = _("Add")
+    success_message = _('Added VPNService "%s".')
+    failure_message = _('Unable to add VPNService "%s".')
+    success_url = "horizon:project:vpn:index"
+    default_steps = (AddVPNServiceStep,)
+
+    def format_status_message(self, message):
+        return message % self.context.get('name')
+
+    def handle(self, request, context):
+        try:
+            api.vpn.vpnservice_create(request, **context)
+            return True
+        except Exception:
+            return False
+
+
+class AddIKEPolicyAction(workflows.Action):
+    name = forms.CharField(max_length=80, label=_("Name"))
+    description = forms.CharField(
+        initial="", required=False,
+        max_length=80, label=_("Description"))
+    auth_algorithm = forms.ChoiceField(label=_("Authorization algorithm"))
+    encryption_algorithm = forms.ChoiceField(label=_("Encryption algorithm"))
+    ike_version = forms.ChoiceField(label=_("IKE version"))
+    lifetime_units = forms.ChoiceField(label=_("Lifetime units for IKE keys"))
+    lifetime_value = forms.IntegerField(
+        min_value=60, label=_("Lifetime value for IKE keys"),
+        initial=3600,
+        help_text=_("Equal to or more than 60"))
+    pfs = forms.ChoiceField(label=_("Perfect Forward Secrecy"))
+    phase1_negotiation_mode = forms.ChoiceField(
+        label=_("IKE Phase1 negotiation mode"))
+
+    def __init__(self, request, *args, **kwargs):
+        super(AddIKEPolicyAction, self).__init__(request, *args, **kwargs)
+
+        auth_algorithm_choices = [("sha1", "sha1")]
+        self.fields['auth_algorithm'].choices = auth_algorithm_choices
+
+        encryption_algorithm_choices = [("3des", "3des"),
+                                        ("aes-128", "aes-128"),
+                                        ("aes-192", "aes-192"),
+                                        ("aes-256", "aes-256")]
+        self.fields[
+            'encryption_algorithm'].choices = encryption_algorithm_choices
+
+        ike_version_choices = [("v1", "v1"),
+                               ("v2", "v2")]
+        self.fields['ike_version'].choices = ike_version_choices
+
+        lifetime_units_choices = [("seconds", "seconds")]
+        self.fields['lifetime_units'].choices = lifetime_units_choices
+
+        pfs_choices = [("group2", "group2"),
+                       ("group5", "group5"),
+                       ("group14", "group14")]
+        self.fields['pfs'].choices = pfs_choices
+
+        phase1_neg_mode_choices = [("main", "main")]
+        self.fields[
+            'phase1_negotiation_mode'].choices = phase1_neg_mode_choices
+
+    class Meta:
+        name = _("Add New IKEPolicy")
+        permissions = ('openstack.services.network',)
+        help_text = _("Create IKEPolicy for current tenant.\n\n"
+                      "Assign a name and description for the IKEPolicy. "
+                      )
+
+
+class AddIKEPolicyStep(workflows.Step):
+    action_class = AddIKEPolicyAction
+    contributes = ("name", "description", "auth_algorithm",
+                   "encryption_algorithm", "ike_version",
+                   "lifetime_units", "lifetime_value",
+                   "pfs", "phase1_negotiation_mode")
+
+    def contribute(self, data, context):
+        context = super(AddIKEPolicyStep, self).contribute(data, context)
+        context.update({'lifetime': {'units': data['lifetime_units'],
+                                     'value': data['lifetime_value']}})
+        context.pop('lifetime_units')
+        context.pop('lifetime_value')
+        if data:
+            return context
+
+
+class AddIKEPolicy(workflows.Workflow):
+    slug = "addikepolicy"
+    name = _("Add IKEPolicy")
+    finalize_button_name = _("Add")
+    success_message = _('Added IKEPolicy "%s".')
+    failure_message = _('Unable to add IKEPolicy "%s".')
+    success_url = "horizon:project:vpn:index"
+    default_steps = (AddIKEPolicyStep,)
+
+    def format_status_message(self, message):
+        return message % self.context.get('name')
+
+    def handle(self, request, context):
+        try:
+            api.vpn.ikepolicy_create(request, **context)
+            return True
+        except Exception:
+            return False
+
+
+class AddIPSecPolicyAction(workflows.Action):
+    name = forms.CharField(max_length=80, label=_("Name"))
+    description = forms.CharField(
+        initial="", required=False,
+        max_length=80, label=_("Description"))
+    auth_algorithm = forms.ChoiceField(label=_("Authorization algorithm"))
+    encapsulation_mode = forms.ChoiceField(label=_("Encapsulation mode"))
+    encryption_algorithm = forms.ChoiceField(label=_("Encryption algorithm"))
+    lifetime_units = forms.ChoiceField(label=_("Lifetime units"))
+    lifetime_value = forms.IntegerField(
+        min_value=60, label=_("Lifetime value for IKE keys "),
+        initial=3600,
+        help_text=_("Equal to or more than 60"))
+    pfs = forms.ChoiceField(label=_("Perfect Forward Secrecy"))
+    transform_protocol = forms.ChoiceField(label=_("Transform Protocol"))
+
+    def __init__(self, request, *args, **kwargs):
+        super(AddIPSecPolicyAction, self).__init__(request, *args, **kwargs)
+
+        auth_algorithm_choices = [("sha1", "sha1")]
+        self.fields['auth_algorithm'].choices = auth_algorithm_choices
+
+        encapsulation_mode_choices = [("tunnel", "tunnel"),
+                                      ("transport", "transport")]
+        self.fields['encapsulation_mode'].choices = encapsulation_mode_choices
+
+        encryption_algorithm_choices = [("3des", "3des"),
+                                        ("aes-128", "aes-128"),
+                                        ("aes-192", "aes-192"),
+                                        ("aes-256", "aes-256")]
+        self.fields[
+            'encryption_algorithm'].choices = encryption_algorithm_choices
+
+        lifetime_units_choices = [("seconds", "seconds")]
+        self.fields['lifetime_units'].choices = lifetime_units_choices
+
+        pfs_choices = [("group2", "group2"),
+                       ("group5", "group5"),
+                       ("group14", "group14")]
+        self.fields['pfs'].choices = pfs_choices
+
+        transform_protocol_choices = [("esp", "esp"),
+                                      ("ah", "ah"),
+                                      ("ah-esp", "ah-esp")]
+        self.fields['transform_protocol'].choices = transform_protocol_choices
+
+    class Meta:
+        name = _("Add New IPSecPolicy")
+        permissions = ('openstack.services.network',)
+        help_text = _("Create IPSecPolicy for current tenant.\n\n"
+                      "Assign a name and description for the IPSecPolicy. "
+                      )
+
+
+class AddIPSecPolicyStep(workflows.Step):
+    action_class = AddIPSecPolicyAction
+    contributes = ("name", "description", "auth_algorithm",
+                   "encapsulation_mode", "encryption_algorithm",
+                   "lifetime_units", "lifetime_value",
+                   "pfs", "transform_protocol")
+
+    def contribute(self, data, context):
+        context = super(AddIPSecPolicyStep, self).contribute(data, context)
+        context.update({'lifetime': {'units': data['lifetime_units'],
+                                     'value': data['lifetime_value']}})
+        context.pop('lifetime_units')
+        context.pop('lifetime_value')
+        if data:
+            return context
+
+
+class AddIPSecPolicy(workflows.Workflow):
+    slug = "addipsecpolicy"
+    name = _("Add IPSecPolicy")
+    finalize_button_name = _("Add")
+    success_message = _('Added IPSecPolicy "%s".')
+    failure_message = _('Unable to add IPSecPolicy "%s".')
+    success_url = "horizon:project:vpn:index"
+    default_steps = (AddIPSecPolicyStep,)
+
+    def format_status_message(self, message):
+        return message % self.context.get('name')
+
+    def handle(self, request, context):
+        try:
+            api.vpn.ipsecpolicy_create(request, **context)
+            return True
+        except Exception:
+            return False
+
+
+class AddIPSecSiteConnectionAction(workflows.Action):
+    name = forms.CharField(max_length=80, label=_("Name"))
+    description = forms.CharField(
+        initial="", required=False,
+        max_length=80, label=_("Description"))
+    dpd_action = forms.ChoiceField(label=_("Dead peer detection actions"))
+    dpd_interval = forms.IntegerField(
+        min_value=1, label=_("Dead peer detection interval"),
+        initial=30,
+        help_text=_("valid integer"))
+    dpd_timeout = forms.IntegerField(
+        min_value=1, label=_("Dead peer detection timeout"),
+        initial=120,
+        help_text=_("valid integer greater than the dpd-interval"))
+    ikepolicy_id = forms.ChoiceField(
+        label=_("IKEPolicy associated with this connection"))
+    initiator = forms.ChoiceField(label=_("Initiator state"))
+    ipsecpolicy_id = forms.ChoiceField(
+        label=_("IPsecPolicy associated with this connection"))
+    mtu = forms.IntegerField(
+        min_value=68,
+        label=_("Maximum Transmission Unit size for the connection"),
+        initial=1500,
+        help_text=_("Equal to or more than 68 if the local subnet is IPv4. "
+                    "Equal to or more than 1280 if the local subnet is IPv6."))
+    peer_address = fields.IPField(label=_("Remote peer IP Address"),
+                                  initial="172.0.0.2",
+                                  help_text=_("Remote peer IP Address for "
+                                              "the VPN Connection "
+                                              "(e.g. 172.0.0.2)"),
+                                  version=fields.IPv4 | fields.IPv6,
+                                  mask=False)
+    peer_cidrs = fields.IPField(label=_("Remote peer subnet"),
+                                initial="20.1.0.0/24",
+                                help_text=_("Remote peer subnet address "
+                                            "with mask in CIDR format "
+                                            "(e.g. 20.1.0.0/24)"),
+                                version=fields.IPv4 | fields.IPv6,
+                                mask=True)
+    peer_id = fields.IPField(label=_("Remote branch router identity"),
+                             initial="172.0.0.2",
+                             help_text=_("IP address of remote branch router "
+                                         "(e.g. 172.0.0.2)"),
+                             version=fields.IPv4 | fields.IPv6,
+                             mask=False)
+    psk = forms.CharField(max_length=80, label=_("Pre-Shared Key string"),
+                          initial="secret")
+    vpnservice_id = forms.ChoiceField(
+        label=_("VPNService instance id associated with this connection"))
+    admin_state_up = forms.BooleanField(label=_("Admin State"),
+                                        initial=True, required=False)
+
+    def __init__(self, request, *args, **kwargs):
+        super(AddIPSecSiteConnectionAction, self).__init__(
+            request, *args, **kwargs)
+
+        initiator_choices = [("bi-directional", "bi-directional"),
+                             ("response-only", "response-only")]
+        self.fields['initiator'].choices = initiator_choices
+
+    def populate_dpd_action_choices(self, request, context):
+        dpd_action_choices = [("hold", "hold"),
+                              ("clear", "clear"),
+                              ("disabled", "disabled"),
+                              ("restart", "restart"),
+                              ("restart-by-peer", "restart-by-peer")]
+        self.fields['dpd_action'].choices = dpd_action_choices
+        return dpd_action_choices
+
+    def populate_ikepolicy_id_choices(self, request, context):
+        ikepolicy_id_choices = [('', _("Select IKEPolicy"))]
+        try:
+            ikepolicies = api.vpn.ikepolicies_get(request)
+        except Exception:
+            exceptions.handle(request,
+                              _('Unable to retrieve IKEPolicies list.'))
+            ikepolicies = []
+        for p in ikepolicies:
+            ikepolicy_id_choices.append((p.id, p.name))
+        self.fields['ikepolicy_id'].choices = ikepolicy_id_choices
+        return ikepolicy_id_choices
+
+    def populate_ipsecpolicy_id_choices(self, request, context):
+        ipsecpolicy_id_choices = [('', _("Select IPSecPolicy"))]
+        try:
+            ipsecpolicies = api.vpn.ipsecpolicies_get(request)
+        except Exception:
+            exceptions.handle(request,
+                              _('Unable to retrieve IPSecPolicies list.'))
+            ipsecpolicies = []
+        for p in ipsecpolicies:
+            ipsecpolicy_id_choices.append((p.id, p.name))
+        self.fields['ipsecpolicy_id'].choices = ipsecpolicy_id_choices
+        return ipsecpolicy_id_choices
+
+    def populate_vpnservice_id_choices(self, request, context):
+        vpnservice_id_choices = [('', _("Select VPNService"))]
+        try:
+            vpnservices = api.vpn.vpnservices_get(request)
+        except Exception:
+            exceptions.handle(request,
+                              _('Unable to retrieve VPNServices list.'))
+            vpnservices = []
+        for s in vpnservices:
+            vpnservice_id_choices.append((s.id, s.name))
+        self.fields['vpnservice_id'].choices = vpnservice_id_choices
+        return vpnservice_id_choices
+
+    class Meta:
+        name = _("Add New IPSecSiteConnection")
+        permissions = ('openstack.services.network',)
+        help_text = _("Create IPSecSiteConnection for current tenant.\n\n"
+                      "Assign a name and description for the "
+                      "IPSecSiteConnection. "
+                      "Admin State is Up (checked) by default."
+                      )
+
+
+class AddIPSecSiteConnectionStep(workflows.Step):
+    action_class = AddIPSecSiteConnectionAction
+    contributes = ("name", "description",
+                   "dpd_action", "dpd_interval", "dpd_timeout",
+                   "ikepolicy_id",
+                   "initiator", "ipsecpolicy_id", "mtu", "peer_address",
+                   "peer_cidrs", "peer_id", "psk",
+                   "vpnservice_id", "admin_state_up")
+
+    def contribute(self, data, context):
+        context = super(
+            AddIPSecSiteConnectionStep, self).contribute(data, context)
+        context.update({'dpd': {'action': data['dpd_action'],
+                                'interval': data['dpd_interval'],
+                                'timeout': data['dpd_timeout']}})
+        context.pop('dpd_action')
+        context.pop('dpd_interval')
+        context.pop('dpd_timeout')
+        if data:
+            return context
+
+
+class AddIPSecSiteConnection(workflows.Workflow):
+    slug = "addipsecsiteconnection"
+    name = _("Add IPSecSiteConnection")
+    finalize_button_name = _("Add")
+    success_message = _('Added IPSecSiteConnection "%s".')
+    failure_message = _('Unable to add IPSecSiteConnection "%s".')
+    success_url = "horizon:project:vpn:index"
+    default_steps = (AddIPSecSiteConnectionStep,)
+
+    def format_status_message(self, message):
+        return message % self.context.get('name')
+
+    def handle(self, request, context):
+        try:
+            api.vpn.ipsecsiteconnection_create(request, **context)
+            return True
+        except Exception:
+            return False

openstack_dashboard/local/local_settings.py.example

@@ -155,11 +155,12 @@ OPENSTACK_HYPERVISOR_FEATURES = {
 
 # The OPENSTACK_NEUTRON_NETWORK settings can be used to enable optional
 # services provided by neutron. Options currenly available are load
-# balancer service, security groups, quotas.
+# balancer service, security groups, quotas, VPN service.
 OPENSTACK_NEUTRON_NETWORK = {
     'enable_lb': False,
     'enable_quotas': True,
     'enable_security_group': True,
+    'enable_vpn': False,
     # The profile_support option is used to detect if an external router can be
     # configured via the dashboard. When using specific plugins the
     # profile_support can be turned on if needed.

openstack_dashboard/test/api_tests/vpnaas_tests.py

@@ -0,0 +1,122 @@
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2013, Mirantis Inc
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+#
+# @author: Tatiana Mazur
+
+from openstack_dashboard import api
+from openstack_dashboard.test import helpers as test
+
+from neutronclient.v2_0 import client
+
+neutronclient = client.Client
+
+
+class VPNaasApiTests(test.APITestCase):
+    @test.create_stubs({neutronclient: ('create_vpnservice',)})
+    def test_vpnservice_create(self):
+        vpnservice1 = self.api_vpnservices.first()
+        form_data = {
+                        'name': vpnservice1['name'],
+                        'description': vpnservice1['description'],
+                        'subnet_id': vpnservice1['subnet_id'],
+                        'router_id': vpnservice1['router_id'],
+                        'admin_state_up': vpnservice1['admin_state_up']}
+
+        vpnservice = {'vpnservice': self.api_vpnservices.first()}
+        neutronclient.create_vpnservice(
+            {'vpnservice': form_data}).AndReturn(vpnservice)
+        self.mox.ReplayAll()
+
+        ret_val = api.vpn.vpnservice_create(self.request, **form_data)
+        self.assertIsInstance(ret_val, api.vpn.VPNService)
+
+    @test.create_stubs({neutronclient: ('create_ikepolicy',)})
+    def test_ikepolicy_create(self):
+        ikepolicy1 = self.api_ikepolicies.first()
+        form_data = {
+                        'name': ikepolicy1['name'],
+                        'description': ikepolicy1['description'],
+                        'auth_algorithm': ikepolicy1['auth_algorithm'],
+                        'encryption_algorithm': ikepolicy1[
+                            'encryption_algorithm'],
+                        'ike_version': ikepolicy1['ike_version'],
+                        'lifetime': ikepolicy1['lifetime'],
+                        'phase1_negotiation_mode': ikepolicy1[
+                            'phase1_negotiation_mode'],
+                        'pfs': ikepolicy1['pfs']}
+
+        ikepolicy = {'ikepolicy': self.api_ikepolicies.first()}
+        neutronclient.create_ikepolicy(
+            {'ikepolicy': form_data}).AndReturn(ikepolicy)
+        self.mox.ReplayAll()
+
+        ret_val = api.vpn.ikepolicy_create(self.request, **form_data)
+        self.assertIsInstance(ret_val, api.vpn.IKEPolicy)
+
+    @test.create_stubs({neutronclient: ('create_ipsecpolicy',)})
+    def test_ipsecpolicy_create(self):
+        ipsecpolicy1 = self.api_ipsecpolicies.first()
+        form_data = {
+                        'name': ipsecpolicy1['name'],
+                        'description': ipsecpolicy1['description'],
+                        'auth_algorithm': ipsecpolicy1['auth_algorithm'],
+                        'encryption_algorithm': ipsecpolicy1[
+                            'encryption_algorithm'],
+                        'encapsulation_mode': ipsecpolicy1[
+                            'encapsulation_mode'],
+                        'lifetime': ipsecpolicy1['lifetime'],
+                        'pfs': ipsecpolicy1['pfs'],
+                        'transform_protocol': ipsecpolicy1[
+                            'transform_protocol']}
+
+        ipsecpolicy = {'ipsecpolicy': self.api_ipsecpolicies.first()}
+        neutronclient.create_ipsecpolicy(
+            {'ipsecpolicy': form_data}).AndReturn(ipsecpolicy)
+        self.mox.ReplayAll()
+
+        ret_val = api.vpn.ipsecpolicy_create(self.request, **form_data)
+        self.assertIsInstance(ret_val, api.vpn.IPSecPolicy)
+
+    @test.create_stubs({neutronclient: ('create_ipsec_site_connection',)})
+    def test_ipsecsiteconnection_create(self):
+        ipsecsiteconnection1 = self.api_ipsecsiteconnections.first()
+        form_data = {
+                        'name': ipsecsiteconnection1['name'],
+                        'description': ipsecsiteconnection1['description'],
+                        'dpd': ipsecsiteconnection1['dpd'],
+                        'ikepolicy_id': ipsecsiteconnection1['ikepolicy_id'],
+                        'initiator': ipsecsiteconnection1['initiator'],
+                        'ipsecpolicy_id': ipsecsiteconnection1[
+                            'ipsecpolicy_id'],
+                        'mtu': ipsecsiteconnection1['mtu'],
+                        'peer_address': ipsecsiteconnection1['peer_address'],
+                        'peer_cidrs': ipsecsiteconnection1['peer_cidrs'],
+                        'peer_id': ipsecsiteconnection1['peer_id'],
+                        'psk': ipsecsiteconnection1['psk'],
+                        'vpnservice_id': ipsecsiteconnection1['vpnservice_id'],
+                        'admin_state_up': ipsecsiteconnection1[
+                            'admin_state_up']}
+
+        ipsecsiteconnection = {'ipsec_site_connection':
+                               self.api_ipsecsiteconnections.first()}
+        neutronclient.create_ipsec_site_connection(
+            {'ipsec_site_connection':
+             form_data}).AndReturn(ipsecsiteconnection)
+        self.mox.ReplayAll()
+
+        ret_val = api.vpn.ipsecsiteconnection_create(
+            self.request, **form_data)
+        self.assertIsInstance(ret_val, api.vpn.IPSecSiteConnection)

openstack_dashboard/test/settings.py

@@ -99,7 +99,8 @@ OPENSTACK_KEYSTONE_BACKEND = {
 
 OPENSTACK_NEUTRON_NETWORK = {
     'enable_lb': True,
-    'enable_quotas': False  # Enabled in specific tests only
+    'enable_quotas': False,  # Enabled in specific tests only
+    'enable_vpn': True
 }
 
 OPENSTACK_HYPERVISOR_FEATURES = {

openstack_dashboard/test/test_data/neutron_data.py

@@ -18,6 +18,7 @@ import uuid
 from openstack_dashboard.api import base
 from openstack_dashboard.api import lbaas
 from openstack_dashboard.api import neutron
+from openstack_dashboard.api import vpn
 
 from openstack_dashboard.test.test_data import utils
 
@@ -41,6 +42,10 @@ def data(TEST):
     TEST.policy_profiles = utils.TestDataContainer()
     TEST.network_profile_binding = utils.TestDataContainer()
     TEST.policy_profile_binding = utils.TestDataContainer()
+    TEST.vpnservices = utils.TestDataContainer()
+    TEST.ikepolicies = utils.TestDataContainer()
+    TEST.ipsecpolicies = utils.TestDataContainer()
+    TEST.ipsecsiteconnections = utils.TestDataContainer()
 
     # data return by neutronclient
     TEST.api_agents = utils.TestDataContainer()
@@ -60,6 +65,10 @@ def data(TEST):
     TEST.api_policy_profiles = utils.TestDataContainer()
     TEST.api_network_profile_binding = utils.TestDataContainer()
     TEST.api_policy_profile_binding = utils.TestDataContainer()
+    TEST.api_vpnservices = utils.TestDataContainer()
+    TEST.api_ikepolicies = utils.TestDataContainer()
+    TEST.api_ipsecpolicies = utils.TestDataContainer()
+    TEST.api_ipsecsiteconnections = utils.TestDataContainer()
 
     #------------------------------------------------------------
     # 1st network
@@ -560,3 +569,137 @@ def data(TEST):
                       "ports": 1}}
     TEST.api_agents.add(agent_dict)
     TEST.agents.add(neutron.Agent(agent_dict))
+
+    #------------------------------------------------------------
+    # VPNaaS
+
+    # 1st VPNService
+    vpnservice_dict = {'id': '09a26949-6231-4f72-942a-0c8c0ddd4d61',
+                       'tenant_id': '1',
+                       'name': 'cloud_vpn1',
+                       'description': 'vpn description',
+                       'subnet_id': TEST.subnets.first().id,
+                       'router_id': TEST.routers.first().id,
+                       'vpn_type': 'ipsec',
+                       'ipsecsiteconnections': [],
+                       'admin_state_up': True,
+                       'status': 'Active'}
+    TEST.api_vpnservices.add(vpnservice_dict)
+    TEST.vpnservices.add(vpn.VPNService(vpnservice_dict))
+
+    # 2nd VPNService
+    vpnservice_dict = {'id': '09a26949-6231-4f72-942a-0c8c0ddd4d62',
+                       'tenant_id': '1',
+                       'name': 'cloud_vpn2',
+                       'description': 'vpn description',
+                       'subnet_id': TEST.subnets.first().id,
+                       'router_id': TEST.routers.first().id,
+                       'vpn_type': 'ipsec',
+                       'ipsecsiteconnections': [],
+                       'admin_state_up': True,
+                       'status': 'Active'}
+    TEST.api_vpnservices.add(vpnservice_dict)
+    TEST.vpnservices.add(vpn.VPNService(vpnservice_dict))
+
+    # 1st IKEPolicy
+    ikepolicy_dict = {'id': 'a1f009b7-0ffa-43a7-ba19-dcabb0b4c981',
+                      'tenant_id': '1',
+                      'name': 'ikepolicy_1',
+                      'description': 'ikepolicy description',
+                      'auth_algorithm': 'sha1',
+                      'encryption_algorithm': 'aes-256',
+                      'ike_version': 'v1',
+                      'lifetime': {'units': 'seconds', 'value': 3600},
+                      'phase1_negotiation_mode': 'main',
+                      'pfs': 'group5'}
+    TEST.api_ikepolicies.add(ikepolicy_dict)
+    TEST.ikepolicies.add(vpn.IKEPolicy(ikepolicy_dict))
+
+    # 2nd IKEPolicy
+    ikepolicy_dict = {'id': 'a1f009b7-0ffa-43a7-ba19-dcabb0b4c982',
+                      'tenant_id': '1',
+                      'name': 'ikepolicy_2',
+                      'description': 'ikepolicy description',
+                      'auth_algorithm': 'sha1',
+                      'encryption_algorithm': 'aes-256',
+                      'ike_version': 'v1',
+                      'lifetime': {'units': 'seconds', 'value': 3600},
+                      'phase1_negotiation_mode': 'main',
+                      'pfs': 'group5'}
+    TEST.api_ikepolicies.add(ikepolicy_dict)
+    TEST.ikepolicies.add(vpn.IKEPolicy(ikepolicy_dict))
+
+    # 1st IPSecPolicy
+    ipsecpolicy_dict = {'id': '8376e1dd-2b1c-4346-b23c-6989e75ecdb8',
+                      'tenant_id': '1',
+                      'name': 'ipsecpolicy_1',
+                      'description': 'ipsecpolicy description',
+                      'auth_algorithm': 'sha1',
+                      'encapsulation_mode': 'tunnel',
+                      'encryption_algorithm': '3des',
+                      'lifetime': {'units': 'seconds', 'value': 3600},
+                      'pfs': 'group5',
+                      'transform_protocol': 'esp'}
+    TEST.api_ipsecpolicies.add(ipsecpolicy_dict)
+    TEST.ipsecpolicies.add(vpn.IPSecPolicy(ipsecpolicy_dict))
+
+    # 2nd IPSecPolicy
+    ipsecpolicy_dict = {'id': '8376e1dd-2b1c-4346-b23c-6989e75ecdb9',
+                      'tenant_id': '1',
+                      'name': 'ipsecpolicy_2',
+                      'description': 'ipsecpolicy description',
+                      'auth_algorithm': 'sha1',
+                      'encapsulation_mode': 'tunnel',
+                      'encryption_algorithm': '3des',
+                      'lifetime': {'units': 'seconds', 'value': 3600},
+                      'pfs': 'group5',
+                      'transform_protocol': 'esp'}
+    TEST.api_ipsecpolicies.add(ipsecpolicy_dict)
+    TEST.ipsecpolicies.add(vpn.IPSecPolicy(ipsecpolicy_dict))
+
+    # 1st IPSecSiteConnection
+    ipsecsiteconnection_dict = {'id': 'dd1dd3a0-f349-49be-b013-245e147763d6',
+                          'tenant_id': '1',
+                          'name': 'ipsec_connection_1',
+                          'description': 'vpn connection description',
+                          'dpd': {'action': 'hold',
+                                  'interval': 30,
+                                  'timeout': 120},
+                          'ikepolicy_id': ikepolicy_dict['id'],
+                          'initiator': 'bi-directional',
+                          'ipsecpolicy_id': ipsecpolicy_dict['id'],
+                          'mtu': '1500',
+                          'peer_address':
+                              '2607:f0d0:4545:3:200:f8ff:fe21:67cf',
+                          'peer_cidrs': '20.1.0.0/24',
+                          'peer_id': '2607:f0d0:4545:3:200:f8ff:fe21:67cf',
+                          'psk': 'secret',
+                          'vpnservice_id': vpnservice_dict['id'],
+                          'admin_state_up': True,
+                          'status': 'Active'}
+    TEST.api_ipsecsiteconnections.add(ipsecsiteconnection_dict)
+    TEST.ipsecsiteconnections.add(
+        vpn.IPSecSiteConnection(ipsecsiteconnection_dict))
+
+    # 2nd IPSecSiteConnection
+    ipsecsiteconnection_dict = {'id': 'dd1dd3a0-f349-49be-b013-245e147763d7',
+                          'tenant_id': '1',
+                          'name': 'ipsec_connection_2',
+                          'description': 'vpn connection description',
+                          'dpd': {'action': 'hold',
+                                  'interval': 30,
+                                  'timeout': 120},
+                          'ikepolicy_id': ikepolicy_dict['id'],
+                          'initiator': 'bi-directional',
+                          'ipsecpolicy_id': ipsecpolicy_dict['id'],
+                          'mtu': '1500',
+                          'peer_address': '172.0.0.2',
+                          'peer_cidrs': '20.1.0.0/24',
+                          'peer_id': '172.0.0.2',
+                          'psk': 'secret',
+                          'vpnservice_id': vpnservice_dict['id'],
+                          'admin_state_up': True,
+                          'status': 'Active'}
+    TEST.api_ipsecsiteconnections.add(ipsecsiteconnection_dict)
+    TEST.ipsecsiteconnections.add(
+        vpn.IPSecSiteConnection(ipsecsiteconnection_dict))