@@ -182,7 +182,7 @@ IP=$(get_instance_ip $VM_UUID $PRIVATE_NETWORK_NAME)

 die_if_not_set $LINENO IP "Failure retrieving IP address"

 # Private IPs can be pinged in single node deployments

-ping_check "$PRIVATE_NETWORK_NAME" $IP $BOOT_TIMEOUT

+ping_check $IP $BOOT_TIMEOUT "$PRIVATE_NETWORK_NAME"

 # Clean up

 # --------

@@ -142,7 +142,7 @@ else

         die $LINENO "Failure authorizing rule in $SECGROUP"

     # Test we can ping our floating ip within ASSOCIATE_TIMEOUT seconds

-    ping_check "$PUBLIC_NETWORK_NAME" $FLOATING_IP $ASSOCIATE_TIMEOUT

+    ping_check $FLOATING_IP $ASSOCIATE_TIMEOUT "$PUBLIC_NETWORK_NAME"

     # Revoke pinging

     euca-revoke -P icmp -s 0.0.0.0/0 -t -1:-1 $SECGROUP || \

@@ -139,7 +139,7 @@ IP=$(get_instance_ip $VM_UUID $PRIVATE_NETWORK_NAME)

 die_if_not_set $LINENO IP "Failure retrieving IP address"

 # Private IPs can be pinged in single node deployments

-ping_check "$PRIVATE_NETWORK_NAME" $IP $BOOT_TIMEOUT

+ping_check $IP $BOOT_TIMEOUT "$PRIVATE_NETWORK_NAME"

 # Floating IPs

 # ------------

@@ -158,7 +158,7 @@ nova add-floating-ip $VM_UUID $FLOATING_IP || \

     die $LINENO "Failure adding floating IP $FLOATING_IP to $VM_NAME"

 # Test we can ping our floating IP within ASSOCIATE_TIMEOUT seconds

-ping_check "$PUBLIC_NETWORK_NAME" $FLOATING_IP $ASSOCIATE_TIMEOUT

+ping_check $FLOATING_IP $ASSOCIATE_TIMEOUT "$PUBLIC_NETWORK_NAME"

 if ! is_service_enabled neutron; then

     # Allocate an IP from second floating pool

@@ -182,7 +182,7 @@ fi

 # FIXME (anthony): make xs support security groups

 if [ "$VIRT_DRIVER" != "ironic" -a "$VIRT_DRIVER" != "xenserver" -a "$VIRT_DRIVER" != "openvz" ]; then

     # Test we can aren't able to ping our floating ip within ASSOCIATE_TIMEOUT seconds

-    ping_check "$PUBLIC_NETWORK_NAME" $FLOATING_IP $ASSOCIATE_TIMEOUT Fail

+    ping_check $FLOATING_IP $ASSOCIATE_TIMEOUT "$PUBLIC_NETWORK_NAME" Fail

 fi

 # Clean up

@@ -281,7 +281,7 @@ function ping_ip {

     local VM_NAME=$1

     local NET_NAME=$2

     IP=$(get_instance_ip $VM_NAME $NET_NAME)

-    ping_check $NET_NAME $IP $BOOT_TIMEOUT

+    ping_check $IP $BOOT_TIMEOUT $NET_NAME

 }

 function check_vm {

@@ -143,7 +143,7 @@ IP=$(get_instance_ip $VM_UUID $PRIVATE_NETWORK_NAME)

 die_if_not_set $LINENO IP "Failure retrieving IP address"

 # Private IPs can be pinged in single node deployments

-ping_check "$PRIVATE_NETWORK_NAME" $IP $BOOT_TIMEOUT

+ping_check $IP $BOOT_TIMEOUT "$PRIVATE_NETWORK_NAME"

 # Volumes

 # -------

@@ -340,39 +340,42 @@ function wait_for_service {

 # ping check

-# Uses globals ``ENABLED_SERVICES``

-# ping_check from-net ip boot-timeout expected

+# Uses globals ``ENABLED_SERVICES``, ``TOP_DIR``, ``MULTI_HOST``, ``PRIVATE_NETWORK``

+# ping_check <ip> [boot-timeout] [from_net] [expected]

 function ping_check {

-    if is_service_enabled neutron; then

-        _ping_check_neutron  "$1" $2 $3 $4

-        return

+    local ip=$1

+    local timeout=${2:-30}

+    local from_net=${3:-""}

+    local expected=${4:-True}

+    local op="!"

+    local failmsg="[Fail] Couldn't ping server"

+    local ping_cmd="ping"

+

+    # if we don't specify a from_net we're expecting things to work

+    # fine from our local box.

+    if [[ -n "$from_net" ]]; then

+        if is_service_enabled neutron; then

+            ping_cmd="$TOP_DIR/tools/ping_neutron.sh $from_net"

+        elif [[ "$MULTI_HOST" = "True" && "$from_net" = "$PRIVATE_NETWORK_NAME" ]]; then

+            # there is no way to address the multihost / private case, bail here for compatibility.

+            # TODO: remove this cruft and redo code to handle this at the caller level.

+            return

+        fi

     fi

-    _ping_check_novanet "$1" $2 $3 $4

-}

-# ping check for nova

-# Uses globals ``MULTI_HOST``, ``PRIVATE_NETWORK``

-function _ping_check_novanet {

-    local from_net=$1

-    local ip=$2

-    local boot_timeout=$3

-    local expected=${4:-"True"}

-    local check_command=""

-    MULTI_HOST=$(trueorfalse False MULTI_HOST)

-    if [[ "$MULTI_HOST" = "True" && "$from_net" = "$PRIVATE_NETWORK_NAME" ]]; then

-        return

+    # inverse the logic if we're testing no connectivity

+    if [[ "$expected" != "True" ]]; then

+        op=""

+        failmsg="[Fail] Could ping server"

     fi

-    if [[ "$expected" = "True" ]]; then

-        check_command="while ! ping -c1 -w1 $ip; do sleep 1; done"

-    else

-        check_command="while ping -c1 -w1 $ip; do sleep 1; done"

-    fi

-    if ! timeout $boot_timeout sh -c "$check_command"; then

-        if [[ "$expected" = "True" ]]; then

-            die $LINENO "[Fail] Couldn't ping server"

-        else

-            die $LINENO "[Fail] Could ping server"

-        fi

+

+    # Because we've transformed this command so many times, print it

+    # out at the end.

+    local check_command="while $op $ping_cmd -c1 -w1 $ip; do sleep 1; done"

+    echo "Checking connectivity with $check_command"

+

+    if ! timeout $timeout sh -c "$check_command"; then

+        die $LINENO $failmsg

     fi

 }

@@ -1404,27 +1404,6 @@ function _get_probe_cmd_prefix {

     echo "$Q_RR_COMMAND ip netns exec qprobe-$probe_id"

 }

-function _ping_check_neutron {

-    local from_net=$1

-    local ip=$2

-    local timeout_sec=$3

-    local expected=${4:-"True"}

-    local check_command=""

-    probe_cmd=`_get_probe_cmd_prefix $from_net`

-    if [[ "$expected" = "True" ]]; then

-        check_command="while ! $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done"

-    else

-        check_command="while $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done"

-    fi

-    if ! timeout $timeout_sec sh -c "$check_command"; then

-        if [[ "$expected" = "True" ]]; then

-            die $LINENO "[Fail] Couldn't ping server"

-        else

-            die $LINENO "[Fail] Could ping server"

-        fi

-    fi

-}

-

 # ssh check

 function _ssh_check_neutron {

     local from_net=$1

new file mode 100755

@@ -0,0 +1,65 @@

+#!/bin/bash

+#

+# Copyright 2015 Hewlett-Packard Development Company, L.P.

+#

+# Licensed under the Apache License, Version 2.0 (the "License"); you may

+# not use this file except in compliance with the License. You may obtain

+# a copy of the License at

+#

+#    http://www.apache.org/licenses/LICENSE-2.0

+#

+# Unless required by applicable law or agreed to in writing, software

+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT

+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the

+# License for the specific language governing permissions and limitations

+# under the License.

+

+# Ping a neutron guest using a network namespace probe

+

+set -o errexit

+set -o pipefail

+

+TOP_DIR=$(cd $(dirname "$0")/.. && pwd)

+

+# This *must* be run as the admin tenant

+source $TOP_DIR/openrc admin admin

+

+function usage {

+    cat - <<EOF

+ping_neutron.sh <net_name> [ping args]

+

+This provides a wrapper to ping neutron guests that are on isolated

+tenant networks that the caller can't normally reach. It does so by

+creating a network namespace probe.

+

+It takes arguments like ping, except the first arg must be the network

+name.

+

+Note: in environments with duplicate network names, the results are

+non deterministic.

+

+This should *really* be in the neutron cli.

+

+EOF

+    exit 1

+}

+

+NET_NAME=$1

+

+if [[ -z "$NET_NAME" ]]; then

+    echo "Error: net_name is required"

+    usage

+fi

+

+REMANING_ARGS="${@:2}"

+

+# BUG: with duplicate network names, this fails pretty hard.

+NET_ID=$(neutron net-list $NET_NAME | grep "$NET_NAME" | awk '{print $2}')

+PROBE_ID=$(neutron-debug probe-list -c id -c network_id | grep "$NET_ID" | awk '{print $2}' | head -n 1)

+

+# This runs a command inside the specific netns

+NET_NS_CMD="ip netns exec qprobe-$PROBE_ID"

+

+PING_CMD="sudo $NET_NS_CMD ping $REMAING_ARGS"

+echo "Running $PING_CMD"

+$PING_CMD