#!/bin/bash
NEW_BASE="$BASE/new"
DISKIMAGE_CREATE_DIR=$NEW_BASE/group-based-policy/gbpservice/contrib/nfp/tools/image_builder/

function prepare_nfp_image_builder {
    #setup_develop $NFPSERVICE_DIR
    sudo -H -E pip install -r $DISKIMAGE_CREATE_DIR/requirements.txt
    sudo apt-get install -y --force-yes qemu-utils
}

function create_nfp_image {
    TOP_DIR=$1
    sudo python -c\
 'from gbpservice.contrib.nfp.tools.image_builder import disk_image_create as DIB;\
 DIB.cur_dir = "'$DISKIMAGE_CREATE_DIR'";\
 DIB.conf["ubuntu_release"] = {"release": "wily"};\
 DIB.conf["dib"] = {"image_size": 3, "elements": ["nfp-reference-configurator", "dhcp-all-interfaces", "devuser"], "offline": True, "cache_dir": "'$HOME'/.cache/image-create"};\
 DIB.dib()'
    BUILT_IMAGE_PATH=$(cat $DISKIMAGE_CREATE_DIR/output/last_built_image_path)
    upload_image file://$BUILT_IMAGE_PATH

    openstack --os-cloud=devstack-admin flavor create --ram 512 --disk 3 --vcpus 1 m1.nfp-tiny
}

function assign_user_role_credential {
    openstack --os-cloud=devstack-admin role add --project service --user nova service
    openstack --os-cloud=devstack-admin role add --project service --user neutron admin
}

function namespace_delete {
    TOP_DIR=$1
    source $TOP_DIR/openrc neutron service
    #Deletion namespace
    NFP_P=`sudo ip netns | grep "nfp-proxy"`
    if [ ${#NFP_P} -ne 0 ]; then
        sudo ip netns delete nfp-proxy
        echo "namespace removed"
    fi

    #Delete veth peer
    PEER=`ip a | grep pt1`
    if [ ${#PEER} -ne 0 ]; then
        echo "veth peer removed"
        sudo ip link delete pt1
    fi

    #pt1 port removing from ovs
    PORT=`sudo ovs-vsctl show | grep "pt1"`
    if [ ${#PORT} -ne 0 ]; then
        sudo ovs-vsctl del-port br-int pt1
        echo "ovs port ptr1 is removed"
    fi

    echo "nfp-proxy cleaning success.... "
}

function namespace_create {
    TOP_DIR=$1
    #doing it in namespace_delete, so no need to do it again
    #source $1/openrc neutron service
    SERVICE_MGMT_NET="l2p_svc_management_ptg"
    cidr="/24"
    echo "Creating new namespace nfp-proxy...."

    #new namespace with name proxy
    NFP_P=`sudo ip netns add nfp-proxy`
    if [ ${#NFP_P} -eq 0 ]; then
        echo "New namepace nfp-proxt create"
    else
        echo "nfp-proxy creation failed"
        exit 0
    fi

    #Create veth peer
    PEER=`sudo ip link add pt0 type veth peer name pt1`
    if [ ${#PEER} -eq 0 ]; then
        echo "New veth pair created"
    else
        echo "veth pair creation failed"
        exit 0
    fi
    sleep 1

    #move one side of veth into namesape
    sudo ip link set pt0 netns nfp-proxy

    #create new neutron port in service mgmt network
    new_ip=`neutron port-create --name nfp-proxy_port $SERVICE_MGMT_NET | grep "fixed_ips" | awk '{print $7}' | sed 's/^\"\(.*\)\"}$/\1/'`
    if [ ${#new_ip} -lt 5 ]; then
        echo "new_ip =$new_ip"
        echo "Neutron port creation failed (check source) "
        exit 0
    else
        echo "New Neutron Port Created on Service management network with ip =$new_ip"
    fi
    new_ip_cidr+="$new_ip/24"
    sleep 2

    #get the ip address of new port eg : 11.0.0.6 and asign to namespace
    sudo ip netns exec nfp-proxy ip addr add $new_ip_cidr dev pt0

    #move other side of veth into ovs : br-int
    sudo ovs-vsctl add-port br-int pt1

    #get id of service management network
    smn_id=`neutron net-list | grep "$SERVICE_MGMT_NET" | awk '{print $2}'`

    #get the dhcp namespace of service management network
    nm_space=`sudo ip netns | grep "$smn_id"`

    #get port id from router nampace
    port=`sudo ip netns exec $nm_space ip a | grep "tap" | tail -n 1 | awk '{print $7}'`

    #get tag_id  form port in ovs-bridge
    tag_id=`sudo ovs-vsctl list port $port | grep "tag" | tail -n 1 | awk '{print $3}'`

    sudo ovs-vsctl set port pt1 tag=$tag_id

    #up the both ports
    sudo ip netns exec nfp-proxy ip link set pt0 up
    sudo ip netns exec nfp-proxy ip link set lo up
    sudo ip link set pt1 up

    PING=`sudo ip netns exec nfp-proxy ping $2 -q -c 2 > /dev/null`
    if [ ${#PING} -eq 0 ]
    then
        echo "nfp-proxy namespcace creation success and reaching to $2"
    else
        echo "Fails reaching to $2"
    fi

    sudo ip netns exec nfp-proxy /usr/bin/nfp_proxy --config-file=/etc/nfp.ini
}

function create_nfp_gbp_resources {
   TOP_DIR=$1
   source $TOP_DIR/openrc neutron service
   IMAGE_PATH=$(cat $DISKIMAGE_CREATE_DIR/output/last_built_image_path)
   IMAGE_NAME=`basename "$IMAGE_PATH"`
   IMAGE_NAME_FLAT="${IMAGE_NAME%.*}"
   FLAVOR=m1.nfp-tiny

   gbp network-service-policy-create --network-service-params type=ip_pool,name=vip_ip,value=nat_pool svc_mgmt_fip_policy
   gbp service-profile-create --servicetype LOADBALANCERV2 --insertion-mode l3 --shared True --service-flavor service_vendor=haproxy,device_type=None --vendor NFP base_mode_lb
   gbp service-profile-create --servicetype FIREWALL --insertion-mode l3 --shared True --service-flavor service_vendor=vyos,device_type=None --vendor NFP base_mode_fw
   gbp service-profile-create --servicetype FIREWALL --insertion-mode l3 --shared True --service-flavor service_vendor=nfp,device_type=nova,image_name=$IMAGE_NAME_FLAT,flavor=$FLAVOR --vendor NFP base_mode_fw_vm

   gbp l3policy-create --ip-version 4 --ip-pool 172.16.0.0/16 --subnet-prefix-length 20 --proxy-ip-pool=172.17.0.0/16 service_management

   gbp l2policy-create --l3-policy service_management svc_management_ptg

   gbp group-create svc_management_ptg --service_management True --l2-policy svc_management_ptg

}

function delete_nfp_gbp_resources {
   TOP_DIR=$1
   source $TOP_DIR/openrc neutron service

   neutron port-delete nfp-proxy_port

   gbp ptg-show svc_management_ptg -f value -c policy_targets
   gbp ptg-show svc_management_ptg -f value -c policy_targets | xargs -I {} gbp pt-show {}
   nova list

   gbp group-delete svc_management_ptg
   gbp service-profile-delete base_mode_fw_vm
   gbp service-profile-delete base_mode_fw
   gbp service-profile-delete base_mode_lb
   gbp network-service-policy-delete svc_mgmt_fip_policy
}

function get_router_namespace {
    TOP_DIR=$1
    source $TOP_DIR/openrc neutron service

    GROUP="svc_management_ptg"
    echo "GroupName: $GROUP"

    l2p_id=`gbp ptg-show svc_management_ptg | grep l2_policy_id | awk '{print $4}'`
    l3p_id=`gbp l2p-show $l2p_id | grep l3_policy_id | awk '{print $4}'`
    RouterId=`gbp l3p-show $l3p_id | grep routers | awk '{print $4}'`
}

function copy_nfp_files_and_start_process {
    TOP_DIR=$1
    cd $NEW_BASE/group-based-policy/gbpservice/nfp
    sudo cp -r  bin/nfp /usr/bin/
    sudo chmod +x /usr/bin/nfp
    sudo rm -rf /etc/nfp.ini
    sudo cp -r  bin/nfp.ini /etc/
    sudo cp -r  bin/nfp_proxy /usr/bin/

    configurator_ip=127.0.0.1
    configurator_port=8080
    echo "Configuring nfp.ini .... with nfp_controller_ip as $configurator_ip"
    sudo sed -i "s/nfp_controller_ip=*.*/nfp_controller_ip=$configurator_ip/g" /etc/nfp.ini
    sudo sed -i "s/nfp_controller_port= *.*/nfp_controller_port=$configurator_port/g" /etc/nfp.ini

    source $TOP_DIR/inc/ini-config

    admin_user=`iniget /etc/neutron/neutron.conf keystone_authtoken username`
    admin_password=`iniget /etc/neutron/neutron.conf keystone_authtoken password`
    admin_tenant_name=`iniget /etc/neutron/neutron.conf keystone_authtoken project_name`
    auth_uri=`iniget /etc/neutron/neutron.conf keystone_authtoken auth_uri`
    auth_protocol=$(echo $auth_uri | tr ':/' ' ' | awk '{print $1}')
    auth_host=$(echo $auth_uri | tr ':/' ' ' | awk '{print $2}')
    #auth_port=$(echo $auth_uri | tr ':/' ' ' | awk '{print $3}')
    #auth_version=$(echo $auth_uri | tr ':/' ' ' | awk '{print $4}')
    #auth_version=${auth_version:-v2.0}
    auth_port=5000
    auth_version=v2.0
    iniset -sudo /etc/nfp.ini nfp_keystone_authtoken admin_user $admin_user
    iniset -sudo /etc/nfp.ini nfp_keystone_authtoken admin_password $admin_password
    iniset -sudo /etc/nfp.ini nfp_keystone_authtoken admin_tenant_name $admin_tenant_name
    iniset -sudo /etc/nfp.ini nfp_keystone_authtoken auth_protocol $auth_protocol
    iniset -sudo /etc/nfp.ini nfp_keystone_authtoken auth_host $auth_host
    iniset -sudo /etc/nfp.ini nfp_keystone_authtoken auth_port $auth_port
    iniset -sudo /etc/nfp.ini nfp_keystone_authtoken auth_version $auth_version

    ipnetns_router=`sudo ip netns |grep $RouterId`

    source $TOP_DIR/functions-common

    echo "Starting orchestrator  >>>> under screen named : orchestrator"
    run_process orchestrator "sudo /usr/bin/nfp  --module orchestrator --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini --config-file /etc/nfp.ini --log-file $DEST/logs/nfp_orchestrator.log"
    sleep 1

    echo "Starting proxy_agent  >>>> under screen named : proxy_agent"
    run_process proxy_agent "sudo /usr/bin/nfp --module proxy_agent --config-file /etc/nfp.ini --log-file $DEST/logs/nfp_proxy_agent.log"
    sleep 1

    echo "Starting proxy server under Namespace : nfp-proxy namespace >>>> under screen named : proxy"
    run_process proxy "source $NEW_BASE/devstack/lib/nfp;namespace_delete $TOP_DIR;namespace_create $TOP_DIR $configurator_ip"
    sleep 10

    cd pecan/api
    sudo python setup.py develop
    sudo mkdir -p /var/log/nfp
    sudo touch /var/log/nfp/nfp_pecan.log
    echo "Starting base_configurator  >>>> under screen named : base_configurator"
    run_process base_configurator "cd $NEW_BASE/group-based-policy/gbpservice/nfp/pecan/api;sudo ip netns exec nfp-proxy pecan configurator_decider config.py --mode base"
    sleep 1

    echo "Running gbp-db-manage"

    source $TOP_DIR/openrc neutron service

    gbp-db-manage --config-file /etc/neutron/neutron.conf upgrade head
    sleep 2
    echo "Configuration success ... "
}


function restart_devstack_screen_processes {
    SCREEN_NAME=stack
    SERVICE_DIR=$DEST/status/$SCREEN_NAME
    bin=/usr/local/bin
    proc_screen_name=$1
    sandbox=$2
    proc_name=$3
    param=$4
    extra_param=$5

    cmd=$bin/$proc_name\ $param\ $extra_param
    cmd="$(echo -e "${cmd}" | sed -e 's/[[:space:]]*$//')"
    
    if [[ ! -z "${sandbox// }" ]]; then
        cmd=$sandbox\ \'$cmd\'
    fi

    # stop the process
    screen -S $SCREEN_NAME -p $proc_screen_name -X kill
    sleep 4

    # start the process
    screen -S $SCREEN_NAME -X screen -t $proc_screen_name
    screen -S $SCREEN_NAME -p $proc_screen_name -X stuff "$cmd \
        & echo \$! >$SERVICE_DIR/${proc_screen_name}.pid; fg || \
        echo \"$proc_screen_name failed to start\" \
        | tee \"$SERVICE_DIR/${proc_screen_name}.failure\"\n"
    sleep 5
}

function restart_neutron_server {
    proc=q-svc
    proc_name=neutron-server
    sandbox=
    param="--config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini"
    extra_param="--log-file /opt/stack/new/logs/q-svc.log"
    restart_devstack_screen_processes "$proc" "$sandbox" "$proc_name" "$param" "$extra_param"
}

function configure_lbaas {
    echo "Configuring NFP Loadbalancer plugin driver"
    LBAAS_SERVICE_PROVIDER=LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
    sudo\
 sed\
 -i\
 '/^service_provider.*:default/'\
's'/\
':default'/\
'\n'\
"service_provider = $LBAAS_SERVICE_PROVIDER"/\
 /etc/neutron/neutron_lbaas.conf

    echo "Configuring ineterface driver"
    iniset -sudo /etc/neutron/neutron_lbaas.conf DEFAULT interface_driver openvswitch
    echo "whereis neutron-lbaasv2-agent: " `whereis neutron-lbaasv2-agent`
    TOP_DIR=$1
    source $TOP_DIR/functions-common
    echo "Starting Lbaasv2 Agent"
    run_process q-lbaasv2-agent "sudo neutron-lbaasv2-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/neutron_lbaas.conf"

    restart_neutron_server
}

function nfp_setup {
    prepare_nfp_image_builder
    create_nfp_image $1
    assign_user_role_credential $1
    create_nfp_gbp_resources $1
    get_router_namespace $1
    configure_lbaas $1
    copy_nfp_files_and_start_process $1
}