CORD-1849 Split XOS code out of OLT and VTN repos

Change-Id: I1511907372fba0bdb02e8603d916876b9d6ae180
diff --git a/xos/README.md b/xos/README.md
new file mode 100644
index 0000000..c974a1f
--- /dev/null
+++ b/xos/README.md
@@ -0,0 +1,30 @@
+# VTN development notes #
+
+## Public Address ServiceInstances ##
+
+Hardcoded dependencies to `VRouterTenant` have been eliminated. It's now assumed that any ServiceInstance that has `public_ip` and `public_mac` fields provides the addressing functionality that VRouterTenant used to provide. 
+
+## Determining Additional Address Pairs ##
+
+The VTN synchronizer will compute additional addresses attached to a port based on the following criteria:
+
+1) If an instance has an `vm_vrouter_tag` or `vm_public_service_instance` tag attached to it, and that tag points to a ServiceInstance that has `public_ip` and `public_mac` fields, then that address pair will be added to the ports for any access networks on that instance. (TODO: replace tag with link?)
+
+`vm_vrouter_tag` is deprecated in favor of the service-neutron name `vm_public_service_instance`. 
+
+2) If there exists a tenant associated with an instance, and that tenant has a `SerivceInstanceLink` to a ServiceInstance that has `public_ip` and `public_mac` fields, then that address pair will be added to the ports for any access networks on that instance.
+
+## Determining vlan_id ##
+
+A port will be given a `vlan_id` if there exists a `vlan_id` or `s_tag` tag associated with the instance, and that port is an access network.
+
+`s_tag` is deprecated in favor of the service-neutral name `vlan_id`. 
+
+## Determining access networks ##
+
+A network is an access network (i.e. supports vlan_id and address_pairs) if it's VTN kind is in the 
+set `["VSG", ]`. (TODO: Find a better way to mark address networks)
+
+## Determining Public Gateways ##
+
+The VTN synchronizer determines public gateways by examining `AddressPool` objects. Each `AddressPool` has a `gateway_ip` and `gateway_mac` field. 
\ No newline at end of file
diff --git a/xos/attic/header.py b/xos/attic/header.py
new file mode 100644
index 0000000..803d477
--- /dev/null
+++ b/xos/attic/header.py
@@ -0,0 +1,30 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+from django.db import models
+from django.db.models import *
+from core.models import Service
+from core.models.xosbase import StrippedCharField
+import os
+from django.db import models, transaction
+from django.forms.models import model_to_dict
+import traceback
+from xos.exceptions import *
+
+class ConfigurationError(Exception):
+    pass
+
+VTN_KIND = "VTN"
diff --git a/xos/header.py b/xos/header.py
new file mode 100644
index 0000000..803d477
--- /dev/null
+++ b/xos/header.py
@@ -0,0 +1,30 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+from django.db import models
+from django.db.models import *
+from core.models import Service
+from core.models.xosbase import StrippedCharField
+import os
+from django.db import models, transaction
+from django.forms.models import model_to_dict
+import traceback
+from xos.exceptions import *
+
+class ConfigurationError(Exception):
+    pass
+
+VTN_KIND = "VTN"
diff --git a/xos/synchronizer/Dockerfile.synchronizer b/xos/synchronizer/Dockerfile.synchronizer
new file mode 100644
index 0000000..9de9142
--- /dev/null
+++ b/xos/synchronizer/Dockerfile.synchronizer
@@ -0,0 +1,57 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+# xosproject/vtn-synchronizer
+FROM xosproject/xos-synchronizer-base:candidate
+
+COPY . /opt/xos/synchronizers/vtn
+
+COPY __init__.py /opt/xos/services/__init__.py
+
+ENTRYPOINT []
+
+WORKDIR "/opt/xos/synchronizers/vtn"
+
+# Label image
+ARG org_label_schema_schema_version=1.0
+ARG org_label_schema_name=vtn-synchronizer
+ARG org_label_schema_version=unknown
+ARG org_label_schema_vcs_url=unknown
+ARG org_label_schema_vcs_ref=unknown
+ARG org_label_schema_build_date=unknown
+ARG org_opencord_vcs_commit_date=unknown
+ARG org_opencord_component_chameleon_version=unknown
+ARG org_opencord_component_chameleon_vcs_url=unknown
+ARG org_opencord_component_chameleon_vcs_ref=unknown
+ARG org_opencord_component_xos_version=unknown
+ARG org_opencord_component_xos_vcs_url=unknown
+ARG org_opencord_component_xos_vcs_ref=unknown
+
+LABEL org.label-schema.schema-version=$org_label_schema_schema_version \
+      org.label-schema.name=$org_label_schema_name \
+      org.label-schema.version=$org_label_schema_version \
+      org.label-schema.vcs-url=$org_label_schema_vcs_url \
+      org.label-schema.vcs-ref=$org_label_schema_vcs_ref \
+      org.label-schema.build-date=$org_label_schema_build_date \
+      org.opencord.vcs-commit-date=$org_opencord_vcs_commit_date \
+      org.opencord.component.chameleon.version=$org_opencord_component_chameleon_version \
+      org.opencord.component.chameleon.vcs-url=$org_opencord_component_chameleon_vcs_url \
+      org.opencord.component.chameleon.vcs-ref=$org_opencord_component_chameleon_vcs_ref \
+      org.opencord.component.xos.version=$org_opencord_component_xos_version \
+      org.opencord.component.xos.vcs-url=$org_opencord_component_xos_vcs_url \
+      org.opencord.component.xos.vcs-ref=$org_opencord_component_xos_vcs_ref
+
+CMD bash -c "cd /opt/xos/synchronizers/vtn; ./run-from-api.sh"
diff --git a/xos/synchronizer/__init__.py b/xos/synchronizer/__init__.py
new file mode 100644
index 0000000..d4e8062
--- /dev/null
+++ b/xos/synchronizer/__init__.py
@@ -0,0 +1,16 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
diff --git a/xos/synchronizer/model-deps b/xos/synchronizer/model-deps
new file mode 100644
index 0000000..0967ef4
--- /dev/null
+++ b/xos/synchronizer/model-deps
@@ -0,0 +1 @@
+{}
diff --git a/xos/synchronizer/run-from-api.sh b/xos/synchronizer/run-from-api.sh
new file mode 100755
index 0000000..70ea7eb
--- /dev/null
+++ b/xos/synchronizer/run-from-api.sh
@@ -0,0 +1,17 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+python vtn-synchronizer.py
diff --git a/xos/synchronizer/steps/sync_onos_netcfg.py b/xos/synchronizer/steps/sync_onos_netcfg.py
new file mode 100644
index 0000000..67dc878
--- /dev/null
+++ b/xos/synchronizer/steps/sync_onos_netcfg.py
@@ -0,0 +1,202 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+import os
+import requests
+import socket
+import sys
+import base64
+import json
+from synchronizers.new_base.syncstep import SyncStep
+from synchronizers.new_base.modelaccessor import *
+from xos.logger import Logger, logging
+
+logger = Logger(level=logging.INFO)
+
+class SyncONOSNetcfg(SyncStep):
+    provides=[VTNService]
+    observes=VTNService
+    watches=[ModelLink(Node,via='node'), ModelLink(AddressPool,via='addresspool')]
+    requested_interval=0
+
+    def __init__(self, **args):
+        SyncStep.__init__(self, **args)
+
+    def handle_watched_object(self, o):
+        logger.info("handle_watched_object is invoked for object %s" % (str(o)),extra=o.tologdict())
+        if (type(o) is Node): # For Node add/delete/modify
+            self.call()
+        if (type(o) is AddressPool): # For public gateways
+            self.call()
+
+    def get_node_tag(self, node, tagname):
+        tags = Tag.objects.filter(content_type=model_accessor.get_content_type_id(node),
+                                  object_id=node.id,
+                                  name=tagname)
+        return tags[0].value
+
+    def get_service_instances_who_want_config(self):
+        service_instances = []
+        # attribute is comma-separated list
+        for ta in ServiceInstanceAttribute.objects.filter(name="autogenerate"):
+            if ta.value:
+                for config in ta.value.split(','):
+                    if config == "vtn-network-cfg":
+                        service_instances.append(ta.service_instance)
+        return service_instances
+
+    def save_service_instance_attribute(self, service_instance, name, value):
+        tas = ServiceInstanceAttribute.objects.filter(service_instance_id=service_instance.id, name=name)
+        if tas:
+            ta = tas[0]
+            if ta.value != value:
+                logger.info("updating %s with attribute" % name)
+                ta.value = value
+                ta.save()
+        else:
+            logger.info("saving autogenerated config %s" % name)
+            ta = model_accessor.create_obj(ServiceInstanceAttribute, service_instance=service_instance, name=name, value=value)
+            ta.save()
+
+    # This function currently assumes a single Deployment and Site
+    def get_onos_netcfg(self, vtn):
+        privateGatewayMac = vtn.privateGatewayMac
+        localManagementIp = vtn.localManagementIp
+        ovsdbPort = vtn.ovsdbPort
+        sshPort = vtn.sshPort
+        sshUser = vtn.sshUser
+        sshKeyFile = vtn.sshKeyFile
+        mgmtSubnetBits = vtn.mgmtSubnetBits
+        xosEndpoint = vtn.xosEndpoint
+        xosUser = vtn.xosUser
+        xosPassword = vtn.xosPassword
+
+        controllerPort = vtn.controllerPort
+        if ":" in controllerPort:
+            (c_hostname, c_port) = controllerPort.split(":",1)
+            controllerPort = socket.gethostbyname(c_hostname) + ":" + c_port
+        else:
+            controllerPort = ":" + controllerPort
+
+        data = {
+            "apps" : {
+                "org.opencord.vtn" : {
+                    "cordvtn" : {
+                        "privateGatewayMac" : privateGatewayMac,
+                        "localManagementIp": localManagementIp,
+                        "ovsdbPort": ovsdbPort,
+                        "ssh": {
+                            "sshPort": sshPort,
+                            "sshUser": sshUser,
+                            "sshKeyFile": sshKeyFile
+                        },
+                        "xos": {
+                            "endpoint": xosEndpoint,
+                            "user": xosUser,
+                            "password": xosPassword
+                        },
+                        "publicGateways": [],
+                        "nodes" : [],
+                        "controllers": [controllerPort]
+                    }
+                }
+            }
+        }
+
+        # Generate apps->org.opencord.vtn->cordvtn->openstack
+        controllers = Controller.objects.all()
+        if controllers:
+            controller = controllers[0]
+            keystone_server = controller.auth_url
+            user_name = controller.admin_user
+            tenant_name = controller.admin_tenant
+            password = controller.admin_password
+            openstack = {
+                "endpoint": keystone_server,
+                "tenant": tenant_name,
+                "user": user_name,
+                "password": password
+            }
+            data["apps"]["org.opencord.vtn"]["cordvtn"]["openstack"] = openstack
+
+        # Generate apps->org.opencord.vtn->cordvtn->nodes
+        nodes = Node.objects.all()
+        for node in nodes:
+            try:
+                nodeip = socket.gethostbyname(node.name)
+            except socket.gaierror:
+                logger.warn("unable to resolve hostname %s: node will not be added to config"
+                            % node.name)
+                continue
+
+            try:
+                bridgeId = self.get_node_tag(node, "bridgeId")
+                dataPlaneIntf = self.get_node_tag(node, "dataPlaneIntf")
+                dataPlaneIp = self.get_node_tag(node, "dataPlaneIp")
+            except:
+                logger.error("not adding node %s to the VTN configuration" % node.name)
+                continue
+
+            node_dict = {
+                "hostname": node.name,
+                "hostManagementIp": "%s/%s" % (nodeip, mgmtSubnetBits),
+                "bridgeId": bridgeId,
+                "dataPlaneIntf": dataPlaneIntf,
+                "dataPlaneIp": dataPlaneIp
+            }
+
+            # this one is optional
+            try:
+                node_dict["hostManagementIface"] = self.get_node_tag(node, "hostManagementIface")
+            except IndexError:
+                pass
+
+            data["apps"]["org.opencord.vtn"]["cordvtn"]["nodes"].append(node_dict)
+
+        # Generate apps->org.onosproject.cordvtn->cordvtn->publicGateways
+        # Pull the gateway information from Address Pool objects
+        for ap in AddressPool.objects.all():
+            if (not ap.gateway_ip) or (not ap.gateway_mac):
+                logger.info("Gateway_ip or gateway_mac is blank for addresspool %s. Skipping." % ap)
+                continue
+
+            gateway_dict = {
+                "gatewayIp": ap.gateway_ip,
+                "gatewayMac": ap.gateway_mac
+            }
+            data["apps"]["org.opencord.vtn"]["cordvtn"]["publicGateways"].append(gateway_dict)
+
+        if not AddressPool.objects.all().exists():
+            logger.info("No Address Pools present, not adding publicGateways to config")
+
+        return json.dumps(data, indent=4, sort_keys=True)
+
+    # TODO: Does this step execute every 5 seconds regardless of whether objects have changed?
+    #       If so, what purpose does using watchers serve?
+
+    def call(self, **args):
+        vtn_service = VTNService.objects.all()
+        if not vtn_service:
+            raise Exception("No VTN Service")
+
+        vtn_service = vtn_service[0]
+
+        # Check for autogenerate attribute
+        netcfg = self.get_onos_netcfg(vtn_service)
+
+        service_instances = self.get_service_instances_who_want_config()
+        for service_instance in service_instances:
+            self.save_service_instance_attribute(service_instance, "rest_onos/v1/network/configuration/", netcfg)
diff --git a/xos/synchronizer/steps/sync_vtn_service.py b/xos/synchronizer/steps/sync_vtn_service.py
new file mode 100644
index 0000000..e4d4b4f
--- /dev/null
+++ b/xos/synchronizer/steps/sync_vtn_service.py
@@ -0,0 +1,227 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+import os
+import requests
+import socket
+import sys
+import base64
+from synchronizers.vtn.vtnnetport import VTNNetwork, VTNPort
+from synchronizers.new_base.syncstep import SyncStep
+from synchronizers.new_base.modelaccessor import *
+from xos.logger import Logger, logging
+from requests.auth import HTTPBasicAuth
+
+logger = Logger(level=logging.INFO)
+
+# XXX should save and load this
+glo_saved_networks = {}
+glo_saved_ports = {}
+
+class SyncVTNService(SyncStep):
+    provides=[Service]
+    observes=Service
+    requested_interval=0
+
+    def __init__(self, **args):
+        SyncStep.__init__(self, **args)
+
+    def get_vtn_onos_app(self, vtn_service):
+        links = vtn_service.subscribed_links.all()
+        for link in links:
+            # We're looking for an ONOS App. It's the only ServiceInstance that VTN can be implemented on.
+            if link.provider_service_instance.leaf_model_name != "ONOSApp":
+                continue
+
+            # TODO: Rather than checking model name, check for the right interface
+            # NOTE: Deferred until new Tosca engine is in place.
+
+            #if not link.provider_service_interface:
+            #    logger.warning("Link %s does not have a provider_service_interface. Skipping" % link)
+            #    continue
+            #
+            #if link.provider_service_interface.interface_type.name != "onos_app_interface":
+            #    logger.warning("Link %s provider_service_interface type is not equal to onos_app_interface" % link)
+            #    continue
+
+            # cast from ServiceInstance to ONOSApp
+            app = link.provider_service_instance.leaf_model
+            return app
+
+        raise Exception("No ServiceInstanceLink from VTN Service to VTN ONOS App")
+
+    def get_vtn_endpoint(self, vtn_service):
+        """ Get connection info for the ONOS that is hosting the VTN ONOS App.
+
+            returns (hostname, port, auth)
+        """
+        app = self.get_vtn_onos_app(vtn_service)
+        # cast from Service to ONOSService
+        onos = app.owner.leaf_model
+        if not (onos.rest_hostname):
+            raise Exception("onos.rest_hostname is not set")
+        if not (onos.rest_port):
+            raise Exception("onos.rest_port is not set")
+        if not (onos.rest_password):
+            raise Exception("onos.rest_password is not set")
+        if not (onos.rest_username):
+            raise Exception("onos.rest_username is not set")
+        auth = HTTPBasicAuth(onos.rest_username, onos.rest_password)
+        return (onos.rest_hostname, onos.rest_port, auth)
+
+    def get_method(self, auth, url, id):
+        url_with_id = "%s/%s" % (url, id)
+        r = requests.get(url_with_id, auth=auth)
+        if (r.status_code==200):
+            method="PUT"
+            url = url_with_id
+            req_func = requests.put
+            exists=True
+        else:
+            method="POST"
+            req_func = requests.post
+            exists=False
+        return (exists, url, method, req_func)
+
+    def sync_service_networks(self, vtn_service):
+        (onos_hostname, onos_port, onos_auth) = self.get_vtn_endpoint(vtn_service)
+
+        valid_ids = []
+        for network in Network.objects.all():
+            network = VTNNetwork(network)
+
+            if not network.id:
+                continue
+
+            if (network.type=="PRIVATE") and (not network.providerNetworks):
+                logger.info("Skipping network %s because it has no relevant state" % network.id)
+                continue
+
+            valid_ids.append(network.id)
+
+            if (glo_saved_networks.get(network.id, None) != network.to_dict()):
+                (exists, url, method, req_func) = self.get_method(onos_auth, "http://%s:%d/onos/cordvtn/serviceNetworks" % (onos_hostname, onos_port), network.id)
+
+                logger.info("%sing VTN API for network %s" % (method, network.id))
+
+                logger.info("URL: %s" % url)
+
+                # clean the providerNetworks list
+                providerNetworks = [{"id": x["id"], "bidirectional": x["bidirectional"]} for x in network.providerNetworks]
+
+                data = {"ServiceNetwork": {"id": network.id,
+                        "type": network.type,
+                        "providerNetworks": providerNetworks} }
+                logger.info("DATA: %s" % str(data))
+
+                r=req_func(url, json=data, auth=onos_auth )
+                if (r.status_code in [200,201]):
+                    glo_saved_networks[network.id] = network.to_dict()
+                else:
+                    logger.error("Received error from vtn service (%d)" % r.status_code)
+
+
+        for network_id in glo_saved_networks.keys():
+            if network_id not in valid_ids:
+                logger.info("DELETEing VTN API for network %s" % network_id)
+
+                url = "http://%s:%d/onos/cordvtn/serviceNetworks/%s" % (onos_hostname, onos_port, network_id)
+                logger.info("URL: %s" % url)
+
+                r = requests.delete(url, auth=onos_auth )
+                if (r.status_code in [200,204]):
+                    del glo_saved_networks[network_id]
+                else:
+                    logger.error("Received error from vtn service (%d)" % r.status_code)
+
+    def sync_service_ports(self, vtn_service):
+        (onos_hostname, onos_port, onos_auth) = self.get_vtn_endpoint(vtn_service)
+
+        valid_ids = []
+        for port in Port.objects.all():
+            port = VTNPort(port)
+
+            if not port.id:
+                continue
+
+            if (not port.vlan_id) and (not port.floating_address_pairs):
+                logger.info("Skipping port %s because it has no relevant state" % port.id)
+                continue
+
+            valid_ids.append(port.id)
+
+            if (glo_saved_ports.get(port.id, None) != port.to_dict()):
+                (exists, url, method, req_func) = self.get_method(onos_auth, "http://%s:%d/onos/cordvtn/servicePorts" % (onos_hostname, onos_port), port.id)
+
+                logger.info("%sing VTN API for port %s" % (method, port.id))
+
+                logger.info("URL: %s" % url)
+
+                data = {"ServicePort": {"id": port.id,
+                        "vlan_id": port.vlan_id,
+                        "floating_address_pairs": port.floating_address_pairs} }
+                logger.info("DATA: %s" % str(data))
+
+                r=req_func(url, json=data, auth=onos_auth )
+                if (r.status_code in [200,201]):
+                    glo_saved_ports[port.id] = port.to_dict()
+                else:
+                    logger.error("Received error from vtn service (%d)" % r.status_code)
+
+        for port_id in glo_saved_ports.keys():
+            if port_id not in valid_ids:
+                logger.info("DELETEing VTN API for port %s" % port_id)
+
+                url = "http://%s:%d/onos/cordvtn/servicePorts/%s" % (onos_hostname, onos_port, port_id)
+                logger.info("URL: %s" % url)
+
+                r = requests.delete(url, auth=onos_auth )
+                if (r.status_code in [200,204]):
+                    del glo_saved_ports[port_id]
+                else:
+                    logger.error("Received error from vtn service (%d)" % r.status_code)
+
+    def call(self, **args):
+        global glo_saved_networks
+        global glo_saved_ports
+
+        vtn_service = VTNService.objects.all()
+        if not vtn_service:
+            raise Exception("No VTN Service")
+
+        vtn_service = vtn_service[0]
+
+        # TODO: We should check get_vtn_onos_app() and make sure that it has been synced, and that any necessary
+        #       attributes (netcfg, etc) is filled out.
+
+        if (vtn_service.resync):
+            # If the VTN app requested a full resync, clear our saved network
+            # so we will resync everything, then reset the 'resync' flag
+            glo_saved_networks = {}
+            glo_saved_ports = {}
+
+            vtn_service.resync = False
+            vtn_service.save()
+
+        if vtn_service.vtnAPIVersion>=2:
+            # version 2 means use new API
+            logger.info("Using New API")
+            self.sync_service_networks(vtn_service)
+            self.sync_service_ports(vtn_service)
+        else:
+            raise Exception("VTN API Version 1 is no longer supported by VTN Synchronizer")
+
+
diff --git a/xos/synchronizer/vtn-synchronizer.py b/xos/synchronizer/vtn-synchronizer.py
new file mode 100755
index 0000000..b5944a8
--- /dev/null
+++ b/xos/synchronizer/vtn-synchronizer.py
@@ -0,0 +1,35 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+#!/usr/bin/env python
+
+# This imports and runs ../../xos-observer.py
+
+import importlib
+import os
+import sys
+from xosconfig import Config
+
+config_file = os.path.abspath(os.path.dirname(os.path.realpath(__file__)) + '/vtn_config.yaml')
+Config.init(config_file, 'synchronizer-config-schema.yaml')
+
+sys.path.append('/opt/xos')
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "xos.settings")
+
+mod = importlib.import_module("synchronizers.new_base.xos-synchronizer")
+mod.main()
+
diff --git a/xos/synchronizer/vtn_config.yaml b/xos/synchronizer/vtn_config.yaml
new file mode 100644
index 0000000..5a799de
--- /dev/null
+++ b/xos/synchronizer/vtn_config.yaml
@@ -0,0 +1,23 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+name: vtn-synchronizer
+accessor:
+  username: xosadmin@opencord.org
+  password: "@/opt/xos/services/vtn/credentials/xosadmin@opencord.org"
+dependency_graph: "/opt/xos/synchronizers/vtn/model-deps"
+steps_dir: "/opt/xos/synchronizers/vtn/steps"
+sys_dir: "/opt/xos/synchronizers/vtn/sys"
\ No newline at end of file
diff --git a/xos/synchronizer/vtnnetport.py b/xos/synchronizer/vtnnetport.py
new file mode 100644
index 0000000..eaa037f
--- /dev/null
+++ b/xos/synchronizer/vtnnetport.py
@@ -0,0 +1,299 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+from synchronizers.new_base.modelaccessor import *
+in_synchronizer = True
+
+class VTNNetwork(object):
+    def __init__(self, xos_network=None):
+        self.xos_network = xos_network
+
+    def get_controller_network(self):
+        for cn in self.xos_network.controllernetworks.all():
+            # TODO: find the right one
+            return cn
+        return None
+
+    def get_cn_field(self, fieldname):
+        cn=self.get_controller_network()
+        if not cn:
+            return None
+        return getattr(cn, fieldname)
+
+    @property
+    def id(self):
+        return self.get_cn_field("net_id")
+
+    @property
+    def name(self):
+        return self.xos_network.name
+
+    @property
+    def subnet(self):
+        return self.get_cn_field("subnet")
+
+    @property
+    def gateway(self):
+        return self.get_cn_field("gateway")
+
+    @property
+    def segmentation_id(self):
+        return self.get_cn_field("segmentation_id")
+
+    @property
+    def type(self):
+        return self.xos_network.template.vtn_kind
+
+    @property
+    def providerNetworks(self):
+        slice = self.xos_network.owner
+        service = slice.service
+        if not service:
+            return []
+
+        nets=[]
+        for dep in service.subscribed_dependencies.all():
+            if dep.provider_service:
+                bidirectional = dep.connect_method!="private-unidirectional"
+                for net in dep.provider_service.get_composable_networks():
+                    if not net.controllernetworks.exists():
+                        continue
+
+                    cn = net.controllernetworks.all()[0]
+
+                    if not cn.net_id:
+                        continue
+
+                    nets.append({"id": cn.net_id,
+                                 "name": net.name,
+                                 "bidirectional": bidirectional})
+        return nets
+
+    @property
+    def subscriberNetworks(self):
+        slice = self.xos_network.owner
+        service = slice.service
+        if not service:
+            return []
+
+        nets=[]
+        for dep in service.provided_dependencies.all():
+            if dep.subscriber_service:
+                bidirectional = dep.connect_method!="private-unidirectional"
+                for net in dep.subscriber_service.get_composable_networks():
+                    if not net.controllernetworks.exists():
+                        continue
+
+                    cn = net.controllernetworks.all()[0]
+
+                    if not cn.net_id:
+                        continue
+
+                    nets.append({"id": cn.net_id,
+                                 "name": net.name,
+                                 "bidirectional": bidirectional})
+        return nets
+
+    @property
+    def ownerSliceName(self):
+        if self.xos_network.owner:
+            return self.xos_network.owner.name
+        return None
+
+    @property
+    def ownerServiceName(self):
+        if self.xos_network.owner and self.xos_network.owner.service:
+            return self.xos_network.owner.service.name
+        return None
+
+    def to_dict(self):
+        return {"id": self.id,
+                "name": self.name,
+                "subnet": self.subnet,
+                "gateway": self.gateway,
+                "segmentation_id": self.segmentation_id,
+                "type": self.type,
+                "providerNetworks": self.providerNetworks,
+                "subscriberNetworks": self.subscriberNetworks,
+                "ownerSliceName": self.ownerSliceName,
+                "ownerServiceName": self.ownerServiceName}
+
+    def __eq__(self, other):
+        return self.to_dict() == other.to_dict()
+
+class VTNPort(object):
+    def __init__(self, xos_port=None):
+        self.xos_port = xos_port
+
+    def get_controller_network(self):
+        for cn in self.xos_port.network.controllernetworks.all():
+            # TODO: find the right one
+            return cn
+        return None
+
+    def is_access_network(self):
+        """ Determines whether this port is attached to an access network. Currently we do this by examining the
+            network template's vtn_kind field. See if there is a better way...
+        """
+        return self.xos_port.network.template.vtn_kind in ["VSG", ]
+
+    def get_vm_addresses(self):
+        if not self.is_access_network():
+            # If not an access network, do not apply any addresses
+            return []
+
+        if not self.xos_port.instance:
+            return []
+
+        # See if the Instance has any public address (aka "VrouterTenant) service instances associated with it.
+        # If so, then add each of those to the set of address pairs.
+
+        # TODO: Perhaps this should be implemented as a link instead of a tag...
+
+        tags = Tag.objects.filter(name="vm_public_service_instance", object_id=self.xos_port.instance.id,
+                                            content_type=self.xos_port.instance.self_content_type_id)
+
+        if not tags:
+            # DEPRECATED
+            # Historically, VSG instances are tagged with "vm_vrouter_tenant" instead of "vm_public_service_instance"
+            tags = Tag.objects.filter(name="vm_vrouter_tenant", object_id=self.xos_port.instance.id,
+                                                content_type=self.xos_port.instance.self_content_type_id)
+
+        address_pairs = []
+        for tag in tags:
+            si = ServiceInstance.objects.get(id = int(tag.value))
+
+            # cast from Tenant to descendant class (VRouterTenant, etc)
+            si = si.leaf_model
+
+            if (not hasattr(si, "public_ip")) or (not hasattr(si, "public_mac")):
+                raise Exception("Object %s does not have public_ip and/or public_mac fields" % si)
+            address_pairs.append({"ip_address": si.public_ip,
+                                  "mac_address": si.public_mac})
+
+        return address_pairs
+
+    def get_container_addresses(self):
+        if not self.is_access_network():
+            # If not an access network, do not apply any addresses
+            return []
+
+        if not self.xos_port.instance:
+            return []
+
+        addrs = []
+        for si in ServiceInstance.objects.all():
+            # cast from tenant to its descendant class (VSGTenant, etc)
+            si = si.leaf_model
+
+            if not hasattr(si, "instance_id"):
+                # ignore ServiceInstance that don't have instances
+                continue
+
+            if si.instance_id != self.xos_port.instance.id:
+                # ignore ServiceInstances that don't relate to our instance
+                continue
+
+            # Check to see if there is a link public address (aka VRouterTenant)
+            links = si.subscribed_links.all()
+            for link in links:
+                # cast from ServiceInstance to descendant class (VRouterTenant, etc)
+                pubaddr_si = link.provider_service_instance.leaf_model
+                if hasattr(pubaddr_si, "public_ip") and hasattr(pubaddr_si, "public_mac"):
+                    addrs.append({"ip_address": pubaddr_si.public_ip,
+                                  "mac_address": pubaddr_si.public_mac})
+        return addrs
+
+    @property
+    def vlan_id(self):
+        """ Return the vlan_id associated with this instance. This assumes the instance was tagged with either a
+            vlan_id or s_tag tag.
+        """
+
+        if not self.is_access_network():
+            # If not an access network, do not apply any tags
+            return []
+
+        if not self.xos_port.instance:
+            return None
+
+        tags = Tag.objects.filter(content_type=model_accessor.get_content_type_id(self.xos_port.instance),
+                                  object_id=self.xos_port.instance.id,
+                                  name="vlan_id")
+
+        if not tags:
+            # DEPRECATED
+            # Historically, VSG instances are tagged with "s_tag" instead of "vlan_id"
+            tags = Tag.objects.filter(content_type=model_accessor.get_content_type_id(self.xos_port.instance),
+                                      object_id=self.xos_port.instance.id,
+                                      name="s_tag")
+
+        if not tags:
+            return None
+
+        return tags[0].value
+
+    @property
+    def floating_address_pairs(self):
+        # Floating_address_pairs is the set of WAN addresses that should be
+        # applied to this port.
+
+        # We only want to apply these addresses to an "access" network.
+
+
+        address_pairs = self.get_vm_addresses() + self.get_container_addresses()
+
+        return address_pairs
+
+    @property
+    def id(self):
+        return self.xos_port.port_id
+
+    @property
+    def name(self):
+        return "port-%s" % self.xos_port.id
+
+    @property
+    def network_id(self):
+        cn = self.get_controller_network()
+        if not cn:
+            return None
+        return cn.net_id
+
+    @property
+    def network_name(self):
+        return self.xos_port.network.name
+
+    @property
+    def mac_address(self):
+        return self.xos_port.mac
+
+    @property
+    def ip_address(self):
+        return self.xos_port.ip
+
+    def to_dict(self):
+        return {"id": self.id,
+                "name": self.name,
+                "network_id": self.network_id,
+                "mac_address": self.mac_address,
+                "ip_address": self.ip_address,
+                "floating_address_pairs": self.floating_address_pairs,
+                "vlan_id": self.vlan_id}
+
+    def __eq__(self, other):
+        return self.to_dict() == other.to_dict()
+
diff --git a/xos/templates/vtnadmin.html b/xos/templates/vtnadmin.html
new file mode 100644
index 0000000..d9a5d75
--- /dev/null
+++ b/xos/templates/vtnadmin.html
@@ -0,0 +1,23 @@
+
+<!--
+Copyright 2017-present Open Networking Foundation
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+-->
+
+
+<div class = "row text-center">
+    <div class="col-xs-12">
+        <a href="/admin/vtn/vnrtenant/">vTN Tenants</a>
+    </div>
+</div>
diff --git a/xos/tosca/resources/vtnservice.py b/xos/tosca/resources/vtnservice.py
new file mode 100644
index 0000000..7c57f09
--- /dev/null
+++ b/xos/tosca/resources/vtnservice.py
@@ -0,0 +1,23 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+from services.vtn.models import VTNService
+from service import XOSService
+
+class XOSVTNService(XOSService):
+    provides = "tosca.nodes.VTNService"
+    xos_model = VTNService
+    copyin_props = ["view_url", "icon_url", "enabled", "published", "public_key", "versionNumber", 'privateGatewayMac', 'localManagementIp', 'ovsdbPort', 'sshPort', 'sshUser', 'sshKeyFile', 'mgmtSubnetBits', 'xosEndpoint', 'xosUser', 'xosPassword', 'vtnAPIVersion', 'controllerPort']
diff --git a/xos/vtn-onboard.yaml b/xos/vtn-onboard.yaml
new file mode 100644
index 0000000..9cf0fea
--- /dev/null
+++ b/xos/vtn-onboard.yaml
@@ -0,0 +1,37 @@
+
+# Copyright 2017-present Open Networking Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+tosca_definitions_version: tosca_simple_yaml_1_0
+
+description: Onboard the exampleservice
+
+imports:
+   - custom_types/xos.yaml
+
+topology_template:
+  node_templates:
+    servicecontroller#vtn:
+      type: tosca.nodes.ServiceController
+      properties:
+          base_url: file:///opt/xos_services/vtn/xos/
+          # The following will concatenate with base_url automatically, if
+          # base_url is non-null.
+          xproto: ./
+          admin_template: templates/vtnadmin.html
+          tosca_resource: tosca/resources/vtnservice.py
+          #private_key: file:///opt/xos/key_import/vsg_rsa
+          #public_key: file:///opt/xos/key_import/vsg_rsa.pub
+
diff --git a/xos/vtn.xproto b/xos/vtn.xproto
new file mode 100644
index 0000000..6be82da
--- /dev/null
+++ b/xos/vtn.xproto
@@ -0,0 +1,20 @@
+option kind = "VTN";
+option name = "vtn";
+
+message VTNService (Service){
+     option verbose_name = "VTN Service";
+     
+     required string privateGatewayMac = 1 [default = "00:00:00:00:00:01", max_length = 30, content_type = "stripped", blank = False, null = False, db_index = False];
+     required string localManagementIp = 2 [default = "172.27.0.1/24", max_length = 30, content_type = "stripped", blank = False, null = False, db_index = False];
+     required int32 ovsdbPort = 3 [default = 6641, null = False, db_index = False, blank = False];
+     required int32 sshPort = 4 [default = 22, null = False, db_index = False, blank = False];
+     required string sshUser = 5 [default = "root", max_length = 30, content_type = "stripped", blank = False, null = False, db_index = False];
+     required string sshKeyFile = 6 [default = "/root/node_key", max_length = 1024, content_type = "stripped", blank = False, null = False, db_index = False];
+     required int32 mgmtSubnetBits = 7 [default = 24, null = False, db_index = False, blank = False];
+     required string xosEndpoint = 8 [default = "http://xos/", max_length = 1024, content_type = "stripped", blank = False, null = False, db_index = False];
+     required string xosUser = 9 [default = "padmin@vicci.org", max_length = 255, content_type = "stripped", blank = False, null = False, db_index = False];
+     required string xosPassword = 10 [default = "letmein", max_length = 255, content_type = "stripped", blank = False, null = False, db_index = False];
+     required int32 vtnAPIVersion = 11 [default = 1, null = False, db_index = False, blank = False];
+     required string controllerPort = 12 [default = "onos-cord:6653", max_length = 255, content_type = "stripped", blank = False, null = False, db_index = False];
+     required bool resync = 13 [default = False, null = False, db_index = False, blank = False];
+}