Encapsulate all the neutron specific things you have to do ping a
neutron guest into a separate script. Refactor the main ping_check so
all logic is contained within it.
Change-Id: Ic79d8e3a2473b978551a5635a11dba07e1020bb2
... | ... |
@@ -182,7 +182,7 @@ IP=$(get_instance_ip $VM_UUID $PRIVATE_NETWORK_NAME) |
182 | 182 |
die_if_not_set $LINENO IP "Failure retrieving IP address" |
183 | 183 |
|
184 | 184 |
# Private IPs can be pinged in single node deployments |
185 |
-ping_check "$PRIVATE_NETWORK_NAME" $IP $BOOT_TIMEOUT |
|
185 |
+ping_check $IP $BOOT_TIMEOUT "$PRIVATE_NETWORK_NAME" |
|
186 | 186 |
|
187 | 187 |
# Clean up |
188 | 188 |
# -------- |
... | ... |
@@ -142,7 +142,7 @@ else |
142 | 142 |
die $LINENO "Failure authorizing rule in $SECGROUP" |
143 | 143 |
|
144 | 144 |
# Test we can ping our floating ip within ASSOCIATE_TIMEOUT seconds |
145 |
- ping_check "$PUBLIC_NETWORK_NAME" $FLOATING_IP $ASSOCIATE_TIMEOUT |
|
145 |
+ ping_check $FLOATING_IP $ASSOCIATE_TIMEOUT "$PUBLIC_NETWORK_NAME" |
|
146 | 146 |
|
147 | 147 |
# Revoke pinging |
148 | 148 |
euca-revoke -P icmp -s 0.0.0.0/0 -t -1:-1 $SECGROUP || \ |
... | ... |
@@ -139,7 +139,7 @@ IP=$(get_instance_ip $VM_UUID $PRIVATE_NETWORK_NAME) |
139 | 139 |
die_if_not_set $LINENO IP "Failure retrieving IP address" |
140 | 140 |
|
141 | 141 |
# Private IPs can be pinged in single node deployments |
142 |
-ping_check "$PRIVATE_NETWORK_NAME" $IP $BOOT_TIMEOUT |
|
142 |
+ping_check $IP $BOOT_TIMEOUT "$PRIVATE_NETWORK_NAME" |
|
143 | 143 |
|
144 | 144 |
# Floating IPs |
145 | 145 |
# ------------ |
... | ... |
@@ -158,7 +158,7 @@ nova add-floating-ip $VM_UUID $FLOATING_IP || \ |
158 | 158 |
die $LINENO "Failure adding floating IP $FLOATING_IP to $VM_NAME" |
159 | 159 |
|
160 | 160 |
# Test we can ping our floating IP within ASSOCIATE_TIMEOUT seconds |
161 |
-ping_check "$PUBLIC_NETWORK_NAME" $FLOATING_IP $ASSOCIATE_TIMEOUT |
|
161 |
+ping_check $FLOATING_IP $ASSOCIATE_TIMEOUT "$PUBLIC_NETWORK_NAME" |
|
162 | 162 |
|
163 | 163 |
if ! is_service_enabled neutron; then |
164 | 164 |
# Allocate an IP from second floating pool |
... | ... |
@@ -182,7 +182,7 @@ fi |
182 | 182 |
# FIXME (anthony): make xs support security groups |
183 | 183 |
if [ "$VIRT_DRIVER" != "ironic" -a "$VIRT_DRIVER" != "xenserver" -a "$VIRT_DRIVER" != "openvz" ]; then |
184 | 184 |
# Test we can aren't able to ping our floating ip within ASSOCIATE_TIMEOUT seconds |
185 |
- ping_check "$PUBLIC_NETWORK_NAME" $FLOATING_IP $ASSOCIATE_TIMEOUT Fail |
|
185 |
+ ping_check $FLOATING_IP $ASSOCIATE_TIMEOUT "$PUBLIC_NETWORK_NAME" Fail |
|
186 | 186 |
fi |
187 | 187 |
|
188 | 188 |
# Clean up |
... | ... |
@@ -143,7 +143,7 @@ IP=$(get_instance_ip $VM_UUID $PRIVATE_NETWORK_NAME) |
143 | 143 |
die_if_not_set $LINENO IP "Failure retrieving IP address" |
144 | 144 |
|
145 | 145 |
# Private IPs can be pinged in single node deployments |
146 |
-ping_check "$PRIVATE_NETWORK_NAME" $IP $BOOT_TIMEOUT |
|
146 |
+ping_check $IP $BOOT_TIMEOUT "$PRIVATE_NETWORK_NAME" |
|
147 | 147 |
|
148 | 148 |
# Volumes |
149 | 149 |
# ------- |
... | ... |
@@ -340,39 +340,42 @@ function wait_for_service { |
340 | 340 |
|
341 | 341 |
|
342 | 342 |
# ping check |
343 |
-# Uses globals ``ENABLED_SERVICES`` |
|
344 |
-# ping_check from-net ip boot-timeout expected |
|
343 |
+# Uses globals ``ENABLED_SERVICES``, ``TOP_DIR``, ``MULTI_HOST``, ``PRIVATE_NETWORK`` |
|
344 |
+# ping_check <ip> [boot-timeout] [from_net] [expected] |
|
345 | 345 |
function ping_check { |
346 |
- if is_service_enabled neutron; then |
|
347 |
- _ping_check_neutron "$1" $2 $3 $4 |
|
348 |
- return |
|
346 |
+ local ip=$1 |
|
347 |
+ local timeout=${2:-30} |
|
348 |
+ local from_net=${3:-""} |
|
349 |
+ local expected=${4:-True} |
|
350 |
+ local op="!" |
|
351 |
+ local failmsg="[Fail] Couldn't ping server" |
|
352 |
+ local ping_cmd="ping" |
|
353 |
+ |
|
354 |
+ # if we don't specify a from_net we're expecting things to work |
|
355 |
+ # fine from our local box. |
|
356 |
+ if [[ -n "$from_net" ]]; then |
|
357 |
+ if is_service_enabled neutron; then |
|
358 |
+ ping_cmd="$TOP_DIR/tools/ping_neutron.sh $from_net" |
|
359 |
+ elif [[ "$MULTI_HOST" = "True" && "$from_net" = "$PRIVATE_NETWORK_NAME" ]]; then |
|
360 |
+ # there is no way to address the multihost / private case, bail here for compatibility. |
|
361 |
+ # TODO: remove this cruft and redo code to handle this at the caller level. |
|
362 |
+ return |
|
363 |
+ fi |
|
349 | 364 |
fi |
350 |
- _ping_check_novanet "$1" $2 $3 $4 |
|
351 |
-} |
|
352 | 365 |
|
353 |
-# ping check for nova |
|
354 |
-# Uses globals ``MULTI_HOST``, ``PRIVATE_NETWORK`` |
|
355 |
-function _ping_check_novanet { |
|
356 |
- local from_net=$1 |
|
357 |
- local ip=$2 |
|
358 |
- local boot_timeout=$3 |
|
359 |
- local expected=${4:-"True"} |
|
360 |
- local check_command="" |
|
361 |
- MULTI_HOST=$(trueorfalse False MULTI_HOST) |
|
362 |
- if [[ "$MULTI_HOST" = "True" && "$from_net" = "$PRIVATE_NETWORK_NAME" ]]; then |
|
363 |
- return |
|
366 |
+ # inverse the logic if we're testing no connectivity |
|
367 |
+ if [[ "$expected" != "True" ]]; then |
|
368 |
+ op="" |
|
369 |
+ failmsg="[Fail] Could ping server" |
|
364 | 370 |
fi |
365 |
- if [[ "$expected" = "True" ]]; then |
|
366 |
- check_command="while ! ping -c1 -w1 $ip; do sleep 1; done" |
|
367 |
- else |
|
368 |
- check_command="while ping -c1 -w1 $ip; do sleep 1; done" |
|
369 |
- fi |
|
370 |
- if ! timeout $boot_timeout sh -c "$check_command"; then |
|
371 |
- if [[ "$expected" = "True" ]]; then |
|
372 |
- die $LINENO "[Fail] Couldn't ping server" |
|
373 |
- else |
|
374 |
- die $LINENO "[Fail] Could ping server" |
|
375 |
- fi |
|
371 |
+ |
|
372 |
+ # Because we've transformed this command so many times, print it |
|
373 |
+ # out at the end. |
|
374 |
+ local check_command="while $op $ping_cmd -c1 -w1 $ip; do sleep 1; done" |
|
375 |
+ echo "Checking connectivity with $check_command" |
|
376 |
+ |
|
377 |
+ if ! timeout $timeout sh -c "$check_command"; then |
|
378 |
+ die $LINENO $failmsg |
|
376 | 379 |
fi |
377 | 380 |
} |
378 | 381 |
|
... | ... |
@@ -1404,27 +1404,6 @@ function _get_probe_cmd_prefix { |
1404 | 1404 |
echo "$Q_RR_COMMAND ip netns exec qprobe-$probe_id" |
1405 | 1405 |
} |
1406 | 1406 |
|
1407 |
-function _ping_check_neutron { |
|
1408 |
- local from_net=$1 |
|
1409 |
- local ip=$2 |
|
1410 |
- local timeout_sec=$3 |
|
1411 |
- local expected=${4:-"True"} |
|
1412 |
- local check_command="" |
|
1413 |
- probe_cmd=`_get_probe_cmd_prefix $from_net` |
|
1414 |
- if [[ "$expected" = "True" ]]; then |
|
1415 |
- check_command="while ! $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done" |
|
1416 |
- else |
|
1417 |
- check_command="while $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done" |
|
1418 |
- fi |
|
1419 |
- if ! timeout $timeout_sec sh -c "$check_command"; then |
|
1420 |
- if [[ "$expected" = "True" ]]; then |
|
1421 |
- die $LINENO "[Fail] Couldn't ping server" |
|
1422 |
- else |
|
1423 |
- die $LINENO "[Fail] Could ping server" |
|
1424 |
- fi |
|
1425 |
- fi |
|
1426 |
-} |
|
1427 |
- |
|
1428 | 1407 |
# ssh check |
1429 | 1408 |
function _ssh_check_neutron { |
1430 | 1409 |
local from_net=$1 |
1431 | 1410 |
new file mode 100755 |
... | ... |
@@ -0,0 +1,65 @@ |
0 |
+#!/bin/bash |
|
1 |
+# |
|
2 |
+# Copyright 2015 Hewlett-Packard Development Company, L.P. |
|
3 |
+# |
|
4 |
+# Licensed under the Apache License, Version 2.0 (the "License"); you may |
|
5 |
+# not use this file except in compliance with the License. You may obtain |
|
6 |
+# a copy of the License at |
|
7 |
+# |
|
8 |
+# http://www.apache.org/licenses/LICENSE-2.0 |
|
9 |
+# |
|
10 |
+# Unless required by applicable law or agreed to in writing, software |
|
11 |
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
|
12 |
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
|
13 |
+# License for the specific language governing permissions and limitations |
|
14 |
+# under the License. |
|
15 |
+ |
|
16 |
+# Ping a neutron guest using a network namespace probe |
|
17 |
+ |
|
18 |
+set -o errexit |
|
19 |
+set -o pipefail |
|
20 |
+ |
|
21 |
+TOP_DIR=$(cd $(dirname "$0")/.. && pwd) |
|
22 |
+ |
|
23 |
+# This *must* be run as the admin tenant |
|
24 |
+source $TOP_DIR/openrc admin admin |
|
25 |
+ |
|
26 |
+function usage { |
|
27 |
+ cat - <<EOF |
|
28 |
+ping_neutron.sh <net_name> [ping args] |
|
29 |
+ |
|
30 |
+This provides a wrapper to ping neutron guests that are on isolated |
|
31 |
+tenant networks that the caller can't normally reach. It does so by |
|
32 |
+creating a network namespace probe. |
|
33 |
+ |
|
34 |
+It takes arguments like ping, except the first arg must be the network |
|
35 |
+name. |
|
36 |
+ |
|
37 |
+Note: in environments with duplicate network names, the results are |
|
38 |
+non deterministic. |
|
39 |
+ |
|
40 |
+This should *really* be in the neutron cli. |
|
41 |
+ |
|
42 |
+EOF |
|
43 |
+ exit 1 |
|
44 |
+} |
|
45 |
+ |
|
46 |
+NET_NAME=$1 |
|
47 |
+ |
|
48 |
+if [[ -z "$NET_NAME" ]]; then |
|
49 |
+ echo "Error: net_name is required" |
|
50 |
+ usage |
|
51 |
+fi |
|
52 |
+ |
|
53 |
+REMANING_ARGS="${@:2}" |
|
54 |
+ |
|
55 |
+# BUG: with duplicate network names, this fails pretty hard. |
|
56 |
+NET_ID=$(neutron net-list $NET_NAME | grep "$NET_NAME" | awk '{print $2}') |
|
57 |
+PROBE_ID=$(neutron-debug probe-list -c id -c network_id | grep "$NET_ID" | awk '{print $2}' | head -n 1) |
|
58 |
+ |
|
59 |
+# This runs a command inside the specific netns |
|
60 |
+NET_NS_CMD="ip netns exec qprobe-$PROBE_ID" |
|
61 |
+ |
|
62 |
+PING_CMD="sudo $NET_NS_CMD ping $REMAING_ARGS" |
|
63 |
+echo "Running $PING_CMD" |
|
64 |
+$PING_CMD |