---
- name: Cleanup neutron router and dhcp interfaces
  shell: |
    ovs-vsctl list interface | awk '/name[ ]*: qr-|ha-|qg-|rfp-/ { print $3 }' | xargs -n1 ovs-vsctl del-port

    # dhcp tap ports cannot be easily distinguished from ovsfw ports, so we
    # list them from within the qdhcp namespaces
    for netns in `ip netns  | awk '{ print $1 }' | grep qdhcp-`; do
      for dhcp_port in `ip netns exec $netns ip -o link show | awk -F': ' '{print $2}' | grep tap`; do
        ovs-vsctl del-port $dhcp_port
      done
    done

- name: Cleanup neutron trunk subports
  shell: |
    ovs-vsctl list interface | awk '/name[ ]*: sp[it]-/ { print $3 }' | xargs -n1 ovs-vsctl del-port

- name: Clean neutron datapath security groups from iptables
  shell: |
    iptables-save > /tmp/iptables-before-cleanup
    cat /tmp/iptables-before-cleanup | grep -v neutron-openvswi | \
        grep -v neutron-filter > /tmp/iptables-after-cleanup

    if ! cmp /tmp/iptables-before-cleanup /tmp/iptables-after-cleanup
    then
      cat /tmp/iptables-after-cleanup | iptables-restore
      echo "Security groups cleaned"
    fi
  register: out
  changed_when: "'Security groups cleaned' in out.stdout"

- name: Cleanup neutron datapath resources
  become: yes
  shell: |
    for container in $(podman ps -a --format {% raw %}"{{.ID}}"{% endraw %} --filter "name=(neutron-(dibbler|dnsmasq|haproxy|keepalived)-.*|dhcp_dnsmasq|dhcp_haproxy|l3_keepalived|l3_haproxy|l3_dibbler|l3_radvd)"); do
        echo "Cleaning up side-car container $container"
        podman stop $container
        podman rm -f $container
    done

    # cleanup Neutron ml2/ovs namespaces
    for netns in $(ip netns | awk '/^(snat|fip|qdhcp|qrouter)-/{ print $1 }'); do
        echo "Cleaning up namespace $netns"
        ip netns delete $netns
    done