package com.yahoo.vespa.hosted.node.admin.maintenance;

import com.yahoo.collections.Pair;
import com.yahoo.config.provision.NodeType;
import com.yahoo.io.IOUtils;
import com.yahoo.log.LogLevel;
import com.yahoo.system.ProcessExecuter;
import com.yahoo.vespa.defaults.Defaults;
import com.yahoo.vespa.hosted.dockerapi.Container;
import com.yahoo.vespa.hosted.node.admin.component.Environment;
import com.yahoo.vespa.hosted.node.admin.configserver.noderepository.NodeSpec;
import com.yahoo.vespa.hosted.node.admin.docker.DockerNetworking;
import com.yahoo.vespa.hosted.node.admin.docker.DockerOperations;
import com.yahoo.vespa.hosted.node.admin.logging.FilebeatConfigProvider;
import com.yahoo.vespa.hosted.node.admin.maintenance.coredump.CoredumpHandler;
import com.yahoo.vespa.hosted.node.admin.nodeagent.NodeAgentContext;
import com.yahoo.vespa.hosted.node.admin.task.util.file.FileFinder;
import com.yahoo.vespa.hosted.node.admin.task.util.file.IOExceptionUtil;
import com.yahoo.vespa.hosted.node.admin.task.util.file.UnixPath;
import com.yahoo.vespa.hosted.node.admin.util.SecretAgentCheckConfig;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.attribute.PosixFilePermissions;
import java.time.Duration;
import java.time.Instant;
import java.time.ZoneOffset;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import java.util.stream.Stream;

/* loaded from: input_file:com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainer.class */
public class StorageMaintainer {
    private static final Logger logger = Logger.getLogger(StorageMaintainer.class.getName());
    private static final DateTimeFormatter DATE_TIME_FORMATTER = DateTimeFormatter.ofPattern("yyyyMMddHHmmss").withZone(ZoneOffset.UTC);
    private final DockerOperations dockerOperations;
    private final ProcessExecuter processExecuter;
    private final Environment environment;
    private final CoredumpHandler coredumpHandler;
    private final Path archiveContainerStoragePath;

    public StorageMaintainer(DockerOperations dockerOperations, ProcessExecuter processExecuter, Environment environment, CoredumpHandler coredumpHandler, Path path) {
        this.dockerOperations = dockerOperations;
        this.processExecuter = processExecuter;
        this.environment = environment;
        this.coredumpHandler = coredumpHandler;
        this.archiveContainerStoragePath = path;
    }

    public void writeMetricsConfig(NodeAgentContext nodeAgentContext, NodeSpec nodeSpec) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("host-life", 60, nodeAgentContext.pathInNodeUnderVespaHome("libexec/yms/yms_check_host_life"), new String[0])));
        arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("ntp", 60, nodeAgentContext.pathInNodeUnderVespaHome("libexec/yms/yms_check_ntp"), new String[0])));
        arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("system-coredumps-processing", 300, nodeAgentContext.pathInNodeUnderVespaHome("libexec/yms/yms_check_coredumps"), "--application", "system-coredumps-processing", "--lastmin", "129600", "--crit", "1", "--coredir", nodeAgentContext.pathInNodeUnderVespaHome("var/crash/processing").toString())));
        arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("athenz-certificate-expiry", 60, nodeAgentContext.pathInNodeUnderVespaHome("libexec64/yms/yms_check_athenz_certs"), "--threshold", "20").withRunAsUser("root")));
        if (nodeAgentContext.nodeType() != NodeType.config) {
            arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("vespa-health", 60, nodeAgentContext.pathInNodeUnderVespaHome("libexec/yms/yms_check_vespa_health"), "all")));
            arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("vespa", 60, nodeAgentContext.pathInNodeUnderVespaHome("libexec/yms/yms_check_vespa"), "all")));
        }
        if (nodeAgentContext.nodeType() == NodeType.config) {
            arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("configserver", 60, nodeAgentContext.pathInNodeUnderVespaHome("libexec/yms/yms_check_ymonsb2"), "-zero", "configserver")));
            arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("zkbackupage", 300, nodeAgentContext.pathInNodeUnderVespaHome("libexec/yamas2/yms_check_file_age.py"), "-f", nodeAgentContext.pathInNodeUnderVespaHome("var/vespa-hosted/zkbackup.stat").toString(), "-m", "150", "-a", "config-zkbackupage")));
        }
        if (nodeAgentContext.nodeType() == NodeType.proxy) {
            arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("routing-configage", 60, nodeAgentContext.pathInNodeUnderVespaHome("libexec/yamas2/yms_check_file_age.py"), "-f", nodeAgentContext.pathInNodeUnderVespaHome("var/vespa-hosted/routing/nginx.conf").toString(), "-m", "90", "-a", "routing-configage")));
            arrayList.add(annotatedCheck(nodeSpec, new SecretAgentCheckConfig("ssl-status", 300, nodeAgentContext.pathInNodeUnderVespaHome("libexec/yms/yms_check_ssl_status"), "-e", "localhost", "-p", "4443", "-t", "30")));
        }
        Path pathOnHostFromPathInNode = nodeAgentContext.pathOnHostFromPathInNode("/etc/yamas-agent");
        IOExceptionUtil.ifExists(() -> {
            return Files.setPosixFilePermissions(pathOnHostFromPathInNode, PosixFilePermissions.fromString("rw-r--r--"));
        });
        arrayList.forEach(secretAgentCheckConfig -> {
            IOExceptionUtil.uncheck(() -> {
                secretAgentCheckConfig.writeTo(pathOnHostFromPathInNode);
            });
        });
        this.dockerOperations.executeCommandInContainerAsRoot(nodeAgentContext, "service", "yamas-agent", "restart");
    }

    private SecretAgentCheckConfig annotatedCheck(NodeSpec nodeSpec, SecretAgentCheckConfig secretAgentCheckConfig) {
        secretAgentCheckConfig.withTag("namespace", "Vespa").withTag("role", SecretAgentCheckConfig.nodeTypeToRole(nodeSpec.getNodeType())).withTag("flavor", nodeSpec.getFlavor()).withTag("canonicalFlavor", nodeSpec.getCanonicalFlavor()).withTag("state", nodeSpec.getState().toString()).withTag("zone", this.environment.getZone()).withTag("parentHostname", this.environment.getParentHostHostname());
        nodeSpec.getOwner().ifPresent(owner -> {
            secretAgentCheckConfig.withTag("tenantName", owner.getTenant()).withTag("app", owner.getApplication() + "." + owner.getInstance()).withTag("applicationName", owner.getApplication()).withTag("instanceName", owner.getInstance()).withTag("applicationId", owner.getTenant() + "." + owner.getApplication() + "." + owner.getInstance());
        });
        nodeSpec.getMembership().ifPresent(membership -> {
            secretAgentCheckConfig.withTag("clustertype", membership.getClusterType()).withTag("clusterid", membership.getClusterId());
        });
        nodeSpec.getVespaVersion().ifPresent(str -> {
            secretAgentCheckConfig.withTag("vespaVersion", str);
        });
        return secretAgentCheckConfig;
    }

    public void writeFilebeatConfig(NodeAgentContext nodeAgentContext, NodeSpec nodeSpec) {
        try {
            Optional<String> config = new FilebeatConfigProvider(this.environment).getConfig(nodeAgentContext, nodeSpec);
            if (config.isPresent()) {
                Files.write(nodeAgentContext.pathOnHostFromPathInNode("/etc/filebeat/filebeat.yml"), config.get().getBytes(), new OpenOption[0]);
                nodeAgentContext.log(logger, "Wrote filebeat config");
            }
        } catch (Throwable th) {
            nodeAgentContext.log(logger, LogLevel.ERROR, "Failed writing filebeat config", th);
        }
    }

    public Optional<Long> getDiskUsageFor(NodeAgentContext nodeAgentContext) {
        Path pathOnHostFromPathInNode = nodeAgentContext.pathOnHostFromPathInNode("/");
        try {
            return Optional.of(Long.valueOf(getDiskUsedInBytes(pathOnHostFromPathInNode)));
        } catch (Throwable th) {
            nodeAgentContext.log(logger, LogLevel.WARNING, "Problems during disk usage calculations in " + pathOnHostFromPathInNode.toAbsolutePath(), th);
            return Optional.empty();
        }
    }

    long getDiskUsedInBytes(Path path) throws IOException, InterruptedException {
        if (!Files.exists(path, new LinkOption[0])) {
            return 0L;
        }
        Process start = new ProcessBuilder(new String[0]).command("du", "-xsk", path.toString()).start();
        if (!start.waitFor(60L, TimeUnit.SECONDS)) {
            start.destroy();
            start.waitFor();
            throw new RuntimeException("Disk usage command timed out, aborting.");
        }
        String readAll = IOUtils.readAll(new InputStreamReader(start.getInputStream()));
        String[] split = readAll.split("\t");
        if (split.length != 2) {
            throw new RuntimeException("Result from disk usage command not as expected: " + readAll);
        }
        return Long.valueOf(split[0]).longValue() * 1024;
    }

    public void removeOldFilesFromNode(NodeAgentContext nodeAgentContext) {
        for (Path path : new Path[]{nodeAgentContext.pathInNodeUnderVespaHome("logs/elasticsearch2"), nodeAgentContext.pathInNodeUnderVespaHome("logs/logstash2"), nodeAgentContext.pathInNodeUnderVespaHome("logs/daemontools_y"), nodeAgentContext.pathInNodeUnderVespaHome("logs/nginx"), nodeAgentContext.pathInNodeUnderVespaHome("logs/vespa")}) {
            FileFinder.files(nodeAgentContext.pathOnHostFromPathInNode(path)).match(FileFinder.olderThan(Duration.ofDays(3L)).and(FileFinder.nameMatches(Pattern.compile(".*\\.log.+")))).maxDepth(1).deleteRecursively();
        }
        FileFinder.files(nodeAgentContext.pathOnHostFromPathInNode(nodeAgentContext.pathInNodeUnderVespaHome("logs/vespa/qrs"))).match(FileFinder.olderThan(Duration.ofDays(3L))).deleteRecursively();
        FileFinder.files(nodeAgentContext.pathOnHostFromPathInNode(nodeAgentContext.pathInNodeUnderVespaHome("logs/vespa/logarchive"))).match(FileFinder.olderThan(Duration.ofDays(31L))).deleteRecursively();
        FileFinder.directories(nodeAgentContext.pathOnHostFromPathInNode(nodeAgentContext.pathInNodeUnderVespaHome("var/db/vespa/filedistribution"))).match(FileFinder.olderThan(Duration.ofDays(31L))).deleteRecursively();
    }

    public void handleCoreDumpsForContainer(NodeAgentContext nodeAgentContext, NodeSpec nodeSpec, Optional<Container> optional) {
        this.coredumpHandler.converge(nodeAgentContext, getCoredumpNodeAttributes(nodeSpec, optional));
    }

    private Map<String, Object> getCoredumpNodeAttributes(NodeSpec nodeSpec, Optional<Container> optional) {
        HashMap hashMap = new HashMap();
        hashMap.put("hostname", nodeSpec.getHostname());
        hashMap.put("parent_hostname", this.environment.getParentHostHostname());
        hashMap.put("region", this.environment.getRegion());
        hashMap.put("environment", this.environment.getEnvironment());
        hashMap.put("flavor", nodeSpec.getFlavor());
        hashMap.put("kernel_version", System.getProperty("os.version"));
        optional.map(container -> {
            return container.image;
        }).ifPresent(dockerImage -> {
            hashMap.put("docker_image", dockerImage.asString());
        });
        nodeSpec.getVespaVersion().ifPresent(str -> {
            hashMap.put("vespa_version", str);
        });
        nodeSpec.getOwner().ifPresent(owner -> {
            hashMap.put("tenant", owner.getTenant());
            hashMap.put("application", owner.getApplication());
            hashMap.put("instance", owner.getInstance());
        });
        return Collections.unmodifiableMap(hashMap);
    }

    public void archiveNodeStorage(NodeAgentContext nodeAgentContext) {
        Path pathInNodeUnderVespaHome = nodeAgentContext.pathInNodeUnderVespaHome("logs");
        Path pathOnHostFromPathInNode = nodeAgentContext.pathOnHostFromPathInNode(pathInNodeUnderVespaHome);
        Path resolve = this.archiveContainerStoragePath.resolve(nodeAgentContext.containerName().asString() + "_" + DATE_TIME_FORMATTER.format(Instant.now()) + pathInNodeUnderVespaHome);
        new UnixPath(resolve).createParents();
        new UnixPath(pathOnHostFromPathInNode).moveIfExists(resolve);
        new UnixPath(nodeAgentContext.pathOnHostFromPathInNode("/")).deleteRecursively();
    }

    public String getHardwareDivergence(NodeSpec nodeSpec) {
        ArrayList arrayList = new ArrayList(Arrays.asList("specification", "--disk", Double.toString(nodeSpec.getMinDiskAvailableGb()), "--memory", Double.toString(nodeSpec.getMinMainMemoryAvailableGb()), "--cpu_cores", Double.toString(nodeSpec.getMinCpuCores()), "--is_ssd", Boolean.toString(nodeSpec.isFastDisk()), "--bandwidth", Double.toString(nodeSpec.getBandwidth()), "--ips", String.join(",", nodeSpec.getIpAddresses())));
        if (this.environment.getDockerNetworking() == DockerNetworking.HOST_NETWORK) {
            arrayList.add("--skip-reverse-lookup");
        }
        nodeSpec.getHardwareDivergence().ifPresent(str -> {
            arrayList.add("--divergence");
            arrayList.add(str);
        });
        return executeMaintainer("com.yahoo.vespa.hosted.node.verification.Main", (String[]) arrayList.toArray(new String[0]));
    }

    private String executeMaintainer(String str, String... strArr) {
        String[] strArr2 = (String[]) Stream.concat(Stream.of((Object[]) new String[]{"sudo", "VESPA_HOSTNAME=" + Defaults.getDefaults().vespaHostname(), "VESPA_HOME=" + Defaults.getDefaults().vespaHome(), Defaults.getDefaults().underVespaHome("libexec/vespa/node-admin/maintenance.sh"), str}), Stream.of((Object[]) strArr)).toArray(i -> {
            return new String[i];
        });
        try {
            Pair exec = this.processExecuter.exec(strArr2);
            if (((Integer) exec.getFirst()).intValue() != 0) {
                throw new RuntimeException(String.format("Maintainer failed to execute command: %s, Exit code: %d, Stdout/stderr: %s", Arrays.toString(strArr2), exec.getFirst(), exec.getSecond()));
            }
            return ((String) exec.getSecond()).trim();
        } catch (IOException e) {
            throw new RuntimeException("Failed to execute maintainer", e);
        }
    }
}
