@khos2ow please rebase and re-open if still relevant

@DaanHoogland can we re-open this, attempting to revive this effort..

@skattoju3 Sure, or you may submit a new PR as this one may have a lot of conflicts.

@rhtyd: @skattoju4 has already rebased on master and fixed the conflicts on this branch, so it should be safe to reopen this one.

@khos2ow as the PR author you could reopen it yourself too, let me help reopen nonetheless.

@khos2ow @skattoju4 you need to rebase to latest master, PR says 2416 commits.

I think since I was not the person to close this, albeit being the author, I actually couldn't reopen myself. Thanks for reopening!

thanks for opening will fix the rebase..

@skattoju4 @khos2ow, please considder the PR #4904 to prevent conflicts later on.

@DaanHoogland any significant change from #4904 that we require some code change from this current PR?

#4904

never mind @pdion891 , it is a refactor of the ike vpn to allow for both v1 and v2, also it is merged and no conflicts arose here.

What is preventing this PR to be merged at this point? I know we have to write doc on how to use it.

@pdion891 there are conflicts and @rhtyd 👎'd this. nothing else ;)

Hi @rhtyd, what did you -1 in this PR ?

ok, found @rhtyd comment;

Basically we need to:

• create documentation.
• update UI fields to use existing one from the new UI.
• make sure it still work fine on latest master branch.

Would something more be missing from this PR ?

Hi @pdion891 well I requested for some changes about two years ago and then did not see any engagement:

Please adapt plugin integration to CA framework, extend/refactor the CA framework as necessary. Several explicit ui elements can be removed, for example the download ca cert button already exists.

Here's what can happen:

• I don't understand where/how this feature is used (a design doc would be great), or what benefits it brings
• Does it require a separate/new dependency (external system), then it shouldn't be the default
• It can explore as a plugin implementation to the CA framework for cert generation/management
• IKEV2 is already supported in strongswan now afaik (the PR is old needs to be updated to latest main branch)

I came here from the ML thread, I don't see any openvpn use-case (unless that's a separate PR/thing, I did not see openvpn pkg/usage/configuration in this PR or pkg installed in systemvmtemplate).

well this current PR intent is to leverage IKEv2 from current strongswan running on VR. this is not about OpenVPN.
where do we create Featurespec document nowaday, still in CloudStack wiki ?

@pdion891 ikev2 is supported now, see latest master. If you're extending certificate usage/management, I still think there's some work to be done on this old PR which is ~2yrs old. In its current state, it cannot be simply merged (see the conflict, sql upgrade path changes and rest of the code changes for example). Happy to help review, test, merge this PR if it can be revived in a state which is tested by the author(s) and reaches that point.

Ping @khos2ow is this still valid or can be closed?

Ping @khos2ow is this still valid or can be closed?

Hi @khos2ow Any update? If this is still valid, Can you fix the conflicts.

@rohityadavcloud @sureshanaparti unfortunately I'm not involved with the project and community anymore, and I'm not entirely up to date with the state of the project as of now on HEAD but I'm almost 100% sure folks at cloud.ca are still heavily relying on this feature. /cc @pdion891 @swill for clarification.

I handed off the project and this PR in particular to @skattoju4 which he rebased this PR some while ago and I think he should be able to follow up on it. I can rebase and fix the conflict as they are, but as I don't have the recent context and roadmap of the project I think it makes more sense for him to do that. Let me know either way.

Thanks @khos2ow, given the PR hasn't made any activities in 3+yrs I'm closing this. Since you're not working on CloudStack anymore, pl re-open this or raise a fresh PR @pdion891 @swill in future.