package com.cloudsoftcorp.monterey.amazon.deploymentservice;

import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.AmazonEC2Client;
import com.amazonaws.services.ec2.model.Image;
import com.amazonaws.services.ec2.model.Instance;
import com.amazonaws.services.ec2.model.Region;
import com.cloudsoftcorp.monterey.amazon.AwsUtils;
import com.cloudsoftcorp.monterey.amazon.checks.MachineIsReachableCheck;
import com.cloudsoftcorp.monterey.amazon.checks.PollingCheck;
import com.cloudsoftcorp.monterey.clouds.CloudAccount;
import com.cloudsoftcorp.monterey.clouds.CloudEnvironment;
import com.cloudsoftcorp.monterey.clouds.DeploymentService;
import com.cloudsoftcorp.monterey.clouds.MontereyNetworkSummaryImpl;
import com.cloudsoftcorp.monterey.clouds.NetworkId;
import com.cloudsoftcorp.monterey.clouds.basic.DeploymentUtils;
import com.cloudsoftcorp.monterey.clouds.dto.ProvisioningConfigDto;
import com.cloudsoftcorp.monterey.clouds.mementos.CloudNetworkCustomMemento;
import com.cloudsoftcorp.monterey.control.basic.CloudsoftSystemProperties;
import com.cloudsoftcorp.monterey.location.api.MontereyLocation;
import com.cloudsoftcorp.monterey.network.control.plane.web.PingWebProxy;
import com.cloudsoftcorp.monterey.provisioning.basic.SshableMachine;
import com.cloudsoftcorp.util.Loggers;
import com.cloudsoftcorp.util.exception.RuntimeWrappedException;
import com.cloudsoftcorp.util.web.client.CredentialsConfig;
import com.cloudsoftcorp.util.web.server.WebConfig;
import java.io.File;
import java.io.IOException;
import java.net.URL;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.TimeUnit;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:com/cloudsoftcorp/monterey/amazon/deploymentservice/AmazonDeploymentService.class */
public class AmazonDeploymentService implements DeploymentService {
    private static final Logger LOG = Loggers.getLogger(AmazonDeploymentService.class);
    private static final int MANAGEMENT_NODE_START_TIMEOUT = 300000;

    private AmazonEC2Client newEc2Client(String str, AWSCredentials aWSCredentials) {
        AmazonEC2Client amazonEC2Client = new AmazonEC2Client(aWSCredentials);
        amazonEC2Client.setEndpoint(AwsUtils.findRegion(amazonEC2Client, str).getEndpoint());
        return amazonEC2Client;
    }

    public boolean hasSpareCapacity() {
        return true;
    }

    public ProvisioningConfigDto getProvisioningConfig(CloudAccount cloudAccount) {
        return new ProvisioningConfigDto(new AmazonAccountConfig(cloudAccount.getCloudAccountMemento().getProviderProperties()).generateResourceProvisionerConf());
    }

    public CloudNetworkCustomMemento newNetwork(MontereyLocation montereyLocation, CloudAccount cloudAccount, CloudEnvironment cloudEnvironment) {
        String providerLocationId = montereyLocation.getProviderLocationId();
        AmazonAccountConfig amazonAccountConfig = new AmazonAccountConfig(cloudAccount.getCloudAccountMemento().getProviderProperties());
        AmazonEC2Client newEc2Client = newEc2Client(providerLocationId, amazonAccountConfig.getAwsCredentials());
        List webCredentials = cloudEnvironment.getCloudEnvironmentMemento().getWebCredentials();
        File encryptedWebUsersConfFile = DeploymentUtils.toEncryptedWebUsersConfFile(webCredentials);
        CredentialsConfig findWebApiAdminCredential = DeploymentUtils.findWebApiAdminCredential(webCredentials);
        NetworkId newId = NetworkId.Factory.newId();
        Region findRegion = AwsUtils.findRegion(newEc2Client, montereyLocation.getProviderLocationId());
        Image findDesiredImage = AwsUtils.findDesiredImage(newEc2Client, findRegion, amazonAccountConfig.getMontereyImageName(), amazonAccountConfig.getMontereyImageVersion(), amazonAccountConfig.getMontereyImageOwner());
        if (findDesiredImage == null) {
            throw new IllegalStateException("Image not found in region " + findRegion + " with name '" + amazonAccountConfig.getMontereyImageName() + "', version " + amazonAccountConfig.getMontereyImageVersion().toFullString());
        }
        Instance runInstance = AwsUtils.runInstance(newEc2Client, findDesiredImage.getImageId(), amazonAccountConfig.getKeypairsForRegions().get(providerLocationId), amazonAccountConfig.getInstanceType(), new String(Base64.encodeBase64(("export AWS_ACCESS_KEY_ID=" + amazonAccountConfig.getAwsCredentials().getAWSAccessKeyId() + "\nexport AWS_SECRET_ACCESS_KEY=" + amazonAccountConfig.getAwsCredentials().getAWSSecretKey() + "\n").getBytes())), AwsUtils.createTags(newId.getId(), AwsUtils.NodeType.MANAGEMENT_NODE, AwsUtils.getVersion(findDesiredImage)), amazonAccountConfig.getSecurityGroup());
        try {
            SshableMachine sshableMachine = new SshableMachine(runInstance.getPublicDnsName(), "root", amazonAccountConfig.getSshKeyFilesForRegions().get(montereyLocation.getProviderLocationId()), SshableMachine.HostKeyChecking.NO, 0);
            if (!new PollingCheck(new MachineIsReachableCheck(sshableMachine), TimeUnit.SECONDS.toMillis(600L), TimeUnit.SECONDS.toMillis(5L)).startPolling()) {
                throw new IllegalStateException("Instance not reachable over SSH within 10mins: machine=" + sshableMachine + "; instanceId=" + runInstance.getInstanceId());
            }
            sshableMachine.executeSshAndLog(Arrays.asList("curl http://169.254.169.254/latest/user-data >> /root/.bash_profile"));
            sshableMachine.executeScp(encryptedWebUsersConfFile.getPath(), "/home/monterey/monterey-management-node/conf/web-users.conf");
            WebConfig webConfig = new WebConfig(true, amazonAccountConfig.getMontereyWebApiPort(), amazonAccountConfig.getMontereyWebApiProtocol(), (String) null);
            webConfig.setSslKeystore("/home/monterey/monterey-management-node/conf/keystore");
            webConfig.setSslKeystorePassword(amazonAccountConfig.getMontereyWebApiSslKeystorePassword());
            webConfig.setSslKeyPassword(amazonAccountConfig.getMontereyWebApiSslKeyPassword());
            File webConfFile = DeploymentUtils.toWebConfFile(webConfig);
            if (amazonAccountConfig.getLoggingFileOverride() != null) {
                sshableMachine.executeScp(amazonAccountConfig.getLoggingFileOverride().getPath(), "/home/monterey/monterey-management-node/conf/logging.properties");
                sshableMachine.executeScp(amazonAccountConfig.getLoggingFileOverride().getPath(), "/home/monterey/monterey-management-node/conf/customized-network-node-logging.properties");
            }
            sshableMachine.executeScp(webConfFile.getPath(), "/home/monterey/monterey-management-node/conf/web.conf");
            if (amazonAccountConfig.getMontereyWebApiProtocol().equals("https")) {
                sshableMachine.executeScp(amazonAccountConfig.getMontereyWebApiSslKeystore().getPath(), "/home/monterey/monterey-management-node/conf/keystore");
            }
            sshableMachine.executeSshAndLog(Arrays.asList("source /root/.bash_profile;/home/monterey/monterey-management-node/scripts/osgi-management-node-start.sh -address " + runInstance.getPublicDnsName() + " -port " + amazonAccountConfig.getMontereyNodePort() + " -networkId " + newId.getId() + " -key " + newId.getId() + " -webConfig /home/monterey/monterey-management-node/conf/web.conf >/home/monterey/monterey-management-node/log/remote-launch.log &"));
            MontereyNetworkSummaryImpl montereyNetworkSummaryImpl = new MontereyNetworkSummaryImpl(newId, new URL(amazonAccountConfig.getMontereyWebApiProtocol() + "://" + runInstance.getPublicDnsName() + ":" + amazonAccountConfig.getMontereyWebApiPort()), findWebApiAdminCredential);
            AmazonCustomNetworkMemento amazonCustomNetworkMemento = new AmazonCustomNetworkMemento(montereyNetworkSummaryImpl, runInstance.getPublicDnsName(), findRegion.getRegionName(), runInstance.getInstanceId());
            if (!new PingWebProxy(montereyNetworkSummaryImpl.getManagementUrl().toString(), montereyNetworkSummaryImpl.getWebApiAdminCredentials(), amazonAccountConfig.getMontereyWebApiSslKeystore() != null ? amazonAccountConfig.getMontereyWebApiSslKeystore().getPath() : null, amazonAccountConfig.getMontereyWebApiSslKeystorePassword()).waitForReachable(MANAGEMENT_NODE_START_TIMEOUT)) {
                throw new IllegalStateException("Management plane not reachable via web-api within 5mins: url=" + montereyNetworkSummaryImpl.getManagementUrl());
            }
            LOG.info("Created new monterey network: " + montereyNetworkSummaryImpl);
            return amazonCustomNetworkMemento;
        } catch (Exception e) {
            if (CloudsoftSystemProperties.DEBUG.isEnabled()) {
                LOG.log(Level.WARNING, "Error creating monterey network; leaving failed instance " + runInstance.getInstanceId() + " " + runInstance.getPublicDnsName() + " in state " + runInstance.getState(), (Throwable) e);
            } else {
                LOG.log(Level.WARNING, "Error creating monterey network; terminating failed instance " + runInstance.getInstanceId() + " " + runInstance.getPublicDnsName() + " in state " + runInstance.getState(), (Throwable) e);
                AwsUtils.terminateInstance((AmazonEC2) newEc2Client, runInstance);
            }
            throw new RuntimeWrappedException("Error creating monterey network in " + montereyLocation.getId(), e);
        }
    }

    public void shutdownNetwork(CloudNetworkCustomMemento cloudNetworkCustomMemento, CloudAccount cloudAccount) throws IOException {
        LOG.info("Shutting down monterey network " + cloudNetworkCustomMemento.getNetworkSummary().getNetworkId());
        AmazonCustomNetworkMemento amazonCustomNetworkMemento = (AmazonCustomNetworkMemento) cloudNetworkCustomMemento;
        AwsUtils.terminateInstance(newEc2Client(amazonCustomNetworkMemento.region, new AmazonAccountConfig(cloudAccount.getCloudAccountMemento().getProviderProperties()).getAwsCredentials()), amazonCustomNetworkMemento.instanceId);
    }
}
