#!/bin/bash
#
# Copyright 2020 VEXXHOST, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
#	 http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.

NEUTRON_STATE_PATH=/var/lib/neutron
function configure_mutnauq {
	_configure_neutron_common

	kubernetes_ensure_resource secret/neutron-rabbitmq
	NEUTRON_RABBITMQ_USERNAME=$(get_data_from_secret neutron-rabbitmq openstack username)
	NEUTRON_RABBITMQ_PASSWORD=$(get_data_from_secret neutron-rabbitmq openstack password)
	iniset $NEUTRON_CONF DEFAULT transport_url "rabbit://$NEUTRON_RABBITMQ_USERNAME:$NEUTRON_RABBITMQ_PASSWORD@rabbitmq-neutron.openstack.svc.cluster.local:5672/"

	if is_service_enabled q-metering; then
		_configure_neutron_metering
	fi
	if is_service_enabled q-agt q-svc; then
		_configure_neutron_service
	fi
	if is_service_enabled q-agt; then
		_configure_neutron_plugin_agent
	fi
	if is_service_enabled q-dhcp; then
		_configure_neutron_dhcp_agent
	fi
	if is_service_enabled q-l3; then
		_configure_neutron_l3_agent
	fi
	if is_service_enabled q-meta; then
		_configure_neutron_metadata_agent
	fi

	if [[ "$Q_DVR_MODE" != "legacy" ]]; then
		_configure_dvr
	fi
	if is_service_enabled ceilometer; then
		_configure_neutron_ceilometer_notifications
	fi

	iniset $NEUTRON_CONF DEFAULT api_workers "$API_WORKERS"
	# devstack is not a tool for running uber scale OpenStack
	# clouds, therefore running without a dedicated RPC worker
	# for state reports is more than adequate.
	iniset $NEUTRON_CONF DEFAULT rpc_state_report_workers 0
}
export -f configure_mutnauq

function create_mutnauq_accounts {
	# NOTE(mnaser): We'll have to drop all uses of this at some point
	create_service_user "neutron"
}

function install_mutnauq {
	echo noop
}
export -f install_mutnauq

function init_mutnauq {
	echo noop
}
export -f init_mutnauq

function start_neutron_service_and_check {
	neutron_plugin_configure_common

	kubectl -n openstack create secret generic neutron-config \
		--from-file=/etc/neutron/neutron.conf \
		--from-file=/etc/neutron/l3_agent.ini \
		--from-file=/etc/neutron/dhcp_agent.ini \
		--from-file=/etc/neutron/metadata_agent.ini \
		--from-file=/etc/neutron/api-paste.ini \
		--from-file=/etc/neutron/policy.json
	kubectl -n openstack create secret generic neutron-ml2-config \
		--from-file=/etc/neutron/plugins/ml2/ml2_conf.ini

	kubernetes_rollout_restart daemonset/neutron
	kubernetes_rollout_status daemonset/neutron
	proxy_pass_to_kubernetes /networking neutron neutron-api

	neutron_url=$Q_PROTOCOL://${Q_HOST}/networking/
	if ! wait_for_service $SERVICE_TIMEOUT $neutron_url; then
		die $LINENO "neutron-api did not start"
	fi
}
export -f start_neutron_service_and_check

function start_mutnauq_l2_agent {
	kubernetes_rollout_restart daemonset/neutron-openvswitch-agent
	kubernetes_rollout_status daemonset/neutron-openvswitch-agent

	if is_provider_network && [[ $Q_AGENT == "openvswitch" ]]; then
		sudo ovs-vsctl --no-wait -- --may-exist add-port $OVS_PHYSICAL_BRIDGE $PUBLIC_INTERFACE
		sudo ip link set $OVS_PHYSICAL_BRIDGE up
		sudo ip link set br-int up
		sudo ip link set $PUBLIC_INTERFACE up
		if is_ironic_hardware; then
			for IP in $(ip addr show dev $PUBLIC_INTERFACE | grep ' inet ' | awk '{print $2}'); do
				sudo ip addr del $IP dev $PUBLIC_INTERFACE
				sudo ip addr add $IP dev $OVS_PHYSICAL_BRIDGE
			done
			sudo ip route replace $FIXED_RANGE via $NETWORK_GATEWAY dev $OVS_PHYSICAL_BRIDGE
		fi
	fi
}
export -f start_neutron_agents

function start_mutnauq_other_agents {
	kubernetes_rollout_restart daemonset/neutron-dhcp-agent
	kubernetes_rollout_status daemonset/neutron-dhcp-agent

	kubernetes_rollout_restart daemonset/neutron-l3-agent
	kubernetes_rollout_status daemonset/neutron-l3-agent

	kubernetes_rollout_restart daemonset/neutron-metadata-agent
	kubernetes_rollout_status daemonset/neutron-metadata-agent
}
export -f start_mutnauq_other_agents

function _configure_neutron_common {
	_create_neutron_conf_dir

	# Uses oslo config generator to generate core sample configuration files
	(cd $NEUTRON_DIR && exec ./tools/generate_config_file_samples.sh)

	cp $NEUTRON_DIR/etc/neutron.conf.sample $NEUTRON_CONF

	Q_POLICY_FILE=$NEUTRON_CONF_DIR/policy.json

	# allow neutron user to administer neutron to match neutron account
	# NOTE(amotoki): This is required for nova works correctly with neutron.
	if [ -f $NEUTRON_DIR/etc/policy.json ]; then
		cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE
		sed -i 's/"context_is_admin":  "role:admin"/"context_is_admin":  "role:admin or user_name:neutron"/g' $Q_POLICY_FILE
	else
		echo '{"context_is_admin":  "role:admin or user_name:neutron"}' > $Q_POLICY_FILE
	fi

	# Set plugin-specific variables ``Q_DB_NAME``, ``Q_PLUGIN_CLASS``.
	# For main plugin config file, set ``Q_PLUGIN_CONF_PATH``, ``Q_PLUGIN_CONF_FILENAME``.
	neutron_plugin_configure_common

	if [[ "$Q_PLUGIN_CONF_PATH" == '' || "$Q_PLUGIN_CONF_FILENAME" == '' || "$Q_PLUGIN_CLASS" == '' ]]; then
		die $LINENO "Neutron plugin not set.. exiting"
	fi

	# If needed, move config file from ``$NEUTRON_DIR/etc/neutron`` to ``NEUTRON_CONF_DIR``
	mkdir -p /$Q_PLUGIN_CONF_PATH
	Q_PLUGIN_CONF_FILE=$Q_PLUGIN_CONF_PATH/$Q_PLUGIN_CONF_FILENAME
	# NOTE(hichihara): Some neutron vendor plugins were already decomposed and
	# there is no config file in Neutron tree. They should prepare the file in each plugin.
	if [ -f "$NEUTRON_DIR/$Q_PLUGIN_CONF_FILE.sample" ]; then
		cp "$NEUTRON_DIR/$Q_PLUGIN_CONF_FILE.sample" /$Q_PLUGIN_CONF_FILE
	elif [ -f $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE ]; then
		cp $NEUTRON_DIR/$Q_PLUGIN_CONF_FILE /$Q_PLUGIN_CONF_FILE
	fi

	kubernetes_ensure_resource secret/neutron-mysql
	NEUTRON_DATABASE_USER=$(get_data_from_secret neutron-mysql openstack USER)
	NEUTRON_DATABASE_PASSWORD=$(get_data_from_secret neutron-mysql openstack PASSWORD)
	NEUTRON_DATABASE_NAME=$(get_data_from_secret neutron-mysql openstack DATABASE)
	iniset $NEUTRON_CONF database connection "mysql+pymysql://$NEUTRON_DATABASE_USER:$NEUTRON_DATABASE_PASSWORD@neutron-mysql-master/$NEUTRON_DATABASE_NAME?charset=utf8"

	iniset $NEUTRON_CONF DEFAULT state_path $NEUTRON_STATE_PATH
	iniset $NEUTRON_CONF DEFAULT use_syslog $SYSLOG
	iniset $NEUTRON_CONF DEFAULT bind_host $Q_LISTEN_ADDRESS
	iniset $NEUTRON_CONF oslo_concurrency lock_path $NEUTRON_STATE_PATH/lock
	# NOTE(freerunner): Need to adjust Region Name for nova in multiregion installation
	iniset $NEUTRON_CONF nova region_name $REGION_NAME

	if [ "$VIRT_DRIVER" = 'fake' ]; then
		# Disable arbitrary limits
		iniset $NEUTRON_CONF quotas quota_network -1
		iniset $NEUTRON_CONF quotas quota_subnet -1
		iniset $NEUTRON_CONF quotas quota_port -1
		iniset $NEUTRON_CONF quotas quota_security_group -1
		iniset $NEUTRON_CONF quotas quota_security_group_rule -1
	fi

	# Format logging
	setup_logging $NEUTRON_CONF

	if is_service_enabled tls-proxy && [ "$NEUTRON_DEPLOY_MOD_WSGI" == "False" ]; then
		# Set the service port for a proxy to take the original
		iniset $NEUTRON_CONF DEFAULT bind_port "$Q_PORT_INT"
		iniset $NEUTRON_CONF oslo_middleware enable_proxy_headers_parsing True
	fi

	_neutron_setup_rootwrap
}
export -f _configure_neutron_common

function _configure_neutron_service {
	Q_API_PASTE_FILE=$NEUTRON_CONF_DIR/api-paste.ini
	cp $NEUTRON_DIR/etc/api-paste.ini $Q_API_PASTE_FILE

	# Update either configuration file with plugin
	iniset $NEUTRON_CONF DEFAULT core_plugin $Q_PLUGIN_CLASS

	iniset $NEUTRON_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
	iniset $NEUTRON_CONF oslo_policy policy_file $Q_POLICY_FILE
	iniset $NEUTRON_CONF DEFAULT allow_overlapping_ips $Q_ALLOW_OVERLAPPING_IP

	iniset $NEUTRON_CONF DEFAULT auth_strategy $Q_AUTH_STRATEGY

	kubernetes_ensure_resource secret/neutron-application-credential
	NEUTRON_APPLICATION_CREDENTIAL_SECRET=$(get_data_from_secret neutron-application-credential openstack secret)
	NEUTRON_APPLICATION_CREDENTIAL_ID=$(get_data_from_secret neutron-application-credential openstack id)

	iniset $NEUTRON_CONF keystone_authtoken auth_url $KEYSTONE_AUTH_URI_V3
	iniset $NEUTRON_CONF keystone_authtoken auth_type v3applicationcredential
	iniset $NEUTRON_CONF keystone_authtoken application_credential_id $NEUTRON_APPLICATION_CREDENTIAL_ID
	iniset $NEUTRON_CONF keystone_authtoken application_credential_secret $NEUTRON_APPLICATION_CREDENTIAL_SECRET

	# Configuration for neutron notifications to nova.
	iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_status_changes $Q_NOTIFY_NOVA_PORT_STATUS_CHANGES
	iniset $NEUTRON_CONF DEFAULT notify_nova_on_port_data_changes $Q_NOTIFY_NOVA_PORT_DATA_CHANGES

	iniset $NEUTRON_CONF nova auth_url $KEYSTONE_AUTH_URI_V3
	iniset $NEUTRON_CONF nova auth_type v3applicationcredential
	iniset $NEUTRON_CONF nova application_credential_id $NEUTRON_APPLICATION_CREDENTIAL_ID
	iniset $NEUTRON_CONF nova application_credential_secret $NEUTRON_APPLICATION_CREDENTIAL_SECRET

	# Configure plugin
	neutron_plugin_configure_service
}
export -f _configure_neutron_service

function _neutron_ovs_base_add_bridge {
    echo noop
}
export -f _neutron_ovs_base_add_bridge

function _neutron_ovs_base_setup_bridge {
    echo noop
}
export -f _neutron_ovs_base_setup_bridge

function _neutron_ovs_base_configure_l3_agent {
	echo noop
}
export -f _neutron_ovs_base_configure_l3_agent

function _create_nova_configs_neutron {

    local conf=${1:-$NOVA_CONF}
	kubernetes_ensure_resource secret/neutron-application-credential
	NEUTRON_APPLICATION_CREDENTIAL_SECRET=$(get_data_from_secret neutron-application-credential openstack secret)
	NEUTRON_APPLICATION_CREDENTIAL_ID=$(get_data_from_secret neutron-application-credential openstack id)

	iniset $conf neutron auth_url $KEYSTONE_AUTH_URI_V3
	iniset $conf neutron auth_type v3applicationcredential
	iniset $conf neutron application_credential_id $NEUTRON_APPLICATION_CREDENTIAL_ID
	iniset $conf neutron application_credential_secret $NEUTRON_APPLICATION_CREDENTIAL_SECRET
    iniset $conf neutron auth_strategy "$Q_AUTH_STRATEGY"

    # optionally set options in nova_conf
    neutron_plugin_create_nova_conf $conf

    if is_service_enabled q-meta; then
        iniset $conf neutron service_metadata_proxy "True"
    fi

    iniset $conf DEFAULT vif_plugging_is_fatal "$VIF_PLUGGING_IS_FATAL"
    iniset $conf DEFAULT vif_plugging_timeout "$VIF_PLUGGING_TIMEOUT"
}

function create_nova_conf_neutron {
	_create_nova_configs_neutron $NOVA_CONF
	_create_nova_configs_neutron $NOVA_CPU_CONF
}
export -f create_nova_conf_neutron


# NOTE(Alex): Change the nova metadata host
function _configure_neutron_metadata_agent {
    cp $NEUTRON_DIR/etc/metadata_agent.ini.sample $Q_META_CONF_FILE

    iniset $Q_META_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
    iniset $Q_META_CONF_FILE DEFAULT nova_metadata_host nova-metadata.openstack.svc
	iniset $Q_META_CONF_FILE DEFAULT nova_metadata_port 80
    iniset $Q_META_CONF_FILE DEFAULT metadata_workers $API_WORKERS
    iniset $Q_META_CONF_FILE AGENT root_helper "$Q_RR_COMMAND"
    if [[ "$Q_USE_ROOTWRAP_DAEMON" == "True" ]]; then
        iniset $Q_META_CONF_FILE AGENT root_helper_daemon "$Q_RR_DAEMON_COMMAND"
    fi
}
export -f _configure_neutron_metadata_agent