package com.yahoo.vespa.hosted.node.admin.docker;

import com.yahoo.collections.Pair;
import com.yahoo.system.ProcessExecuter;
import com.yahoo.vespa.defaults.Defaults;
import com.yahoo.vespa.hosted.dockerapi.Container;
import com.yahoo.vespa.hosted.dockerapi.ContainerName;
import com.yahoo.vespa.hosted.dockerapi.Docker;
import com.yahoo.vespa.hosted.dockerapi.DockerImage;
import com.yahoo.vespa.hosted.dockerapi.DockerNetworkCreator;
import com.yahoo.vespa.hosted.dockerapi.ProcessResult;
import com.yahoo.vespa.hosted.node.admin.ContainerNodeSpec;
import com.yahoo.vespa.hosted.node.admin.util.Environment;
import com.yahoo.vespa.hosted.node.admin.util.PrefixLogger;
import java.io.IOException;
import java.net.Inet6Address;
import java.net.InetAddress;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.regex.Pattern;
import java.util.stream.Stream;

/* loaded from: input_file:com/yahoo/vespa/hosted/node/admin/docker/DockerOperationsImpl.class */
public class DockerOperationsImpl implements DockerOperations {
    private static final String MANAGER_NAME = "node-admin";
    private final Docker docker;
    private final Environment environment;
    private final ProcessExecuter processExecuter;
    public static final String NODE_PROGRAM = Defaults.getDefaults().underVespaHome("bin/vespa-nodectl");
    private static final String[] RESUME_NODE_COMMAND = {NODE_PROGRAM, "resume"};
    private static final String[] SUSPEND_NODE_COMMAND = {NODE_PROGRAM, "suspend"};
    private static final String[] RESTART_VESPA_ON_NODE_COMMAND = {NODE_PROGRAM, "restart-vespa"};
    private static final String[] STOP_NODE_COMMAND = {NODE_PROGRAM, "stop"};
    private static final Pattern VESPA_VERSION_PATTERN = Pattern.compile("^(\\S*)$", 8);
    private static final Map<String, Boolean> DIRECTORIES_TO_MOUNT = new HashMap();

    public DockerOperationsImpl(Docker docker, Environment environment, ProcessExecuter processExecuter) {
        this.docker = docker;
        this.environment = environment;
        this.processExecuter = processExecuter;
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public void startContainer(ContainerName containerName, ContainerNodeSpec containerNodeSpec) {
        PrefixLogger nodeAgentLogger = PrefixLogger.getNodeAgentLogger(DockerOperationsImpl.class, containerName);
        nodeAgentLogger.info("Starting container " + containerName);
        try {
            InetAddress inetAddressForHost = this.environment.getInetAddressForHost(containerNodeSpec.hostname);
            boolean z = inetAddressForHost instanceof Inet6Address;
            Docker.CreateContainerCommand withAddCapability = this.docker.createContainerCommand(containerNodeSpec.wantedDockerImage.get(), containerName, containerNodeSpec.hostname).withManagedBy(MANAGER_NAME).withNetworkMode("vespa-macvlan").withIpAddress(inetAddressForHost).withEnvironment("CONFIG_SERVER_ADDRESS", String.join(",", this.environment.getConfigServerHosts())).withUlimit("nofile", 262144, 262144).withUlimit("nproc", 32768, 409600).withUlimit("core", -1, -1).withAddCapability("SYS_PTRACE").withAddCapability("SYS_ADMIN");
            withAddCapability.withVolume("/etc/hosts", "/etc/hosts");
            for (String str : DIRECTORIES_TO_MOUNT.keySet()) {
                withAddCapability.withVolume(this.environment.pathInHostFromPathInNode(containerName, str).toString(), str);
            }
            long doubleValue = (long) (containerNodeSpec.minMainMemoryAvailableGb.doubleValue() * 1024.0d);
            if (doubleValue > 0) {
                withAddCapability.withMemoryInMb(doubleValue);
                withAddCapability.withEnvironment("VESPA_TOTAL_MEMORY_MB", Long.toString(doubleValue));
            }
            withAddCapability.withCpuShares((int) Math.round(10.0d * containerNodeSpec.minCpuCores.doubleValue()));
            nodeAgentLogger.info("Starting new container with args: " + withAddCapability);
            withAddCapability.create();
            if (z) {
                this.docker.connectContainerToNetwork(containerName, "bridge");
                this.docker.startContainer(containerName);
                setupContainerNetworkingWithScript(containerName);
            } else {
                this.docker.startContainer(containerName);
            }
            DIRECTORIES_TO_MOUNT.entrySet().stream().filter((v0) -> {
                return v0.getValue();
            }).forEach(entry -> {
                this.docker.executeInContainerAsRoot(containerName, new String[]{"chmod", "-R", "a+w", (String) entry.getKey()});
            });
        } catch (IOException e) {
            throw new RuntimeException("Failed to create container " + containerName.asString(), e);
        }
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public void removeContainer(Container container) {
        ContainerName containerName = container.name;
        PrefixLogger nodeAgentLogger = PrefixLogger.getNodeAgentLogger(DockerOperationsImpl.class, containerName);
        if (container.state.isRunning()) {
            nodeAgentLogger.info("Stopping container " + containerName.asString());
            this.docker.stopContainer(containerName);
        }
        nodeAgentLogger.info("Deleting container " + containerName.asString());
        this.docker.deleteContainer(containerName);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public Optional<Container> getContainer(ContainerName containerName) {
        return this.docker.getContainer(containerName);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public void trySuspendNode(ContainerName containerName) {
        try {
            executeCommandInContainer(containerName, SUSPEND_NODE_COMMAND);
        } catch (RuntimeException e) {
            PrefixLogger.getNodeAgentLogger(DockerOperationsImpl.class, containerName).warning("Failed trying to suspend container " + containerName.asString() + "  with " + Arrays.toString(SUSPEND_NODE_COMMAND), e);
        }
    }

    private void setupContainerNetworkingWithScript(ContainerName containerName) throws IOException {
        executeCommandInNetworkNamespace(containerName, "route", "-A", "inet6", "add", "default", "gw", DockerNetworkCreator.getDefaultGatewayLinux(true).getHostAddress(), "dev", "eth1");
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public boolean pullImageAsyncIfNeeded(DockerImage dockerImage) {
        return this.docker.pullImageAsyncIfNeeded(dockerImage);
    }

    ProcessResult executeCommandInContainer(ContainerName containerName, String... strArr) {
        ProcessResult executeInContainerAsRoot = this.docker.executeInContainerAsRoot(containerName, strArr);
        if (executeInContainerAsRoot.isSuccess()) {
            return executeInContainerAsRoot;
        }
        throw new RuntimeException("Container " + containerName.asString() + ": command " + Arrays.toString(strArr) + " failed: " + executeInContainerAsRoot);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public ProcessResult executeCommandInContainerAsRoot(ContainerName containerName, Long l, String... strArr) {
        return this.docker.executeInContainerAsRoot(containerName, l, strArr);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public ProcessResult executeCommandInContainerAsRoot(ContainerName containerName, String... strArr) {
        return this.docker.executeInContainerAsRoot(containerName, strArr);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public void executeCommandInNetworkNamespace(ContainerName containerName, String... strArr) {
        PrefixLogger nodeAgentLogger = PrefixLogger.getNodeAgentLogger(DockerOperationsImpl.class, containerName);
        Integer num = (Integer) this.docker.getContainer(containerName).filter(container -> {
            return container.state.isRunning();
        }).map(container2 -> {
            return Integer.valueOf(container2.pid);
        }).orElseThrow(() -> {
            return new RuntimeException("PID not found for container with name: " + containerName.asString());
        });
        String[] strArr2 = (String[]) Stream.concat(Stream.of((Object[]) new String[]{"sudo", "nsenter", String.format("--net=/host/proc/%d/ns/net", num), "--"}), Stream.of((Object[]) strArr)).toArray(i -> {
            return new String[i];
        });
        try {
            Pair exec = this.processExecuter.exec(strArr2);
            if (((Integer) exec.getFirst()).intValue() != 0) {
                String format = String.format("Failed to execute %s in network namespace for %s (PID = %d), exit code: %d, output: %s", Arrays.toString(strArr2), containerName.asString(), num, exec.getFirst(), exec.getSecond());
                nodeAgentLogger.error(format);
                throw new RuntimeException(format);
            }
        } catch (IOException e) {
            nodeAgentLogger.warning(String.format("IOException while executing %s in network namespace for %s (PID = %d)", Arrays.toString(strArr2), containerName.asString(), num), e);
            throw new RuntimeException(e);
        }
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public void resumeNode(ContainerName containerName) {
        executeCommandInContainer(containerName, RESUME_NODE_COMMAND);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public void restartVespaOnNode(ContainerName containerName) {
        executeCommandInContainer(containerName, RESTART_VESPA_ON_NODE_COMMAND);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public void stopServicesOnNode(ContainerName containerName) {
        executeCommandInContainer(containerName, STOP_NODE_COMMAND);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public Optional<Docker.ContainerStats> getContainerStats(ContainerName containerName) {
        return this.docker.getContainerStats(containerName);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public List<Container> getAllManagedContainers() {
        return this.docker.getAllContainersManagedBy(MANAGER_NAME);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public List<ContainerName> listAllManagedContainers() {
        return this.docker.listAllContainersManagedBy(MANAGER_NAME);
    }

    @Override // com.yahoo.vespa.hosted.node.admin.docker.DockerOperations
    public void deleteUnusedDockerImages() {
        this.docker.deleteUnusedDockerImages();
    }

    static {
        DIRECTORIES_TO_MOUNT.put("/etc/yamas-agent", true);
        DIRECTORIES_TO_MOUNT.put("/etc/filebeat", true);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/daemontools_y"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/jdisc_core"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/langdetect/"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/vespa"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/yca"), true);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/yck"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/yell"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/ykeykey"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/ykeykeyd"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/yms_agent"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/ysar"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/ystatus"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("logs/zpe_policy_updater"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/cache"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/crash"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/db/jdisc"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/db/vespa"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/jdisc_container"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/jdisc_core"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/maven"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/run"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/scoreboards"), true);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/service"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/share"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/spool"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/vespa"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/yca"), true);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/ycore++"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("var/zookeeper"), false);
        DIRECTORIES_TO_MOUNT.put(Defaults.getDefaults().underVespaHome("tmp"), false);
    }
}
