#!/bin/bash

# Copyright 2018 VMware, Inc.
#
# All Rights Reserved
#
#    Licensed under the Apache License, Version 2.0 (the "License"); you may
#    not use this file except in compliance with the License. You may obtain
#    a copy of the License at
#
#         http://www.apache.org/licenses/LICENSE-2.0
#
#    Unless required by applicable law or agreed to in writing, software
#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
#    License for the specific language governing permissions and limitations
#    under the License.


# Neutron VMware NSX Policy plugin
# --------------------------------

# Save trace setting
NSX_XTRACE=$(set +o | grep xtrace)
set +o xtrace

dir=${GITDIR['vmware-nsx']}/devstack
source $dir/lib/nsx_common
source $dir/lib/nsx_v3_p_common

function _ovsdb_connection {
    managers=(${NSX_POLICY//,/ })
    _ovsdb_connection_common ${managers[0]}
}

function setup_integration_bridge {
    die_if_not_set $LINENO NSX_POLICY "NSX_POLICY has not been set!"
    setup_integration_bridge_common
}

function neutron_plugin_configure_common {
    neutron_plugin_configure_common_v3 "vmware_nsxp"
}

function neutron_plugin_configure_service {
    nsxp_configure_service nsx_p
    iniset /$Q_PLUGIN_CONF_FILE DEFAULT nsx_extension_drivers vmware_nsxp_dns
}

function nsxp_configure_service {
    install_neutron_projects
    _nsxp_ini_set default_overlay_tz $DEFAULT_OVERLAY_TZ_UUID
    _nsxp_ini_set default_vlan_tz $DEFAULT_VLAN_TZ_UUID
    if [[ "$DEFAULT_TIER0_ROUTER_UUID" != "" ]]; then
        _nsxp_ini_set default_tier0_router $DEFAULT_TIER0_ROUTER_UUID
        Q_L3_ENABLED=True
        Q_L3_ROUTER_PER_TENANT=True
    fi
    # NSX_POLICY must be a comma separated string
    if [[ "$NSX_POLICIES" != "" ]]; then
        _nsxp_ini_set nsx_api_managers $NSX_POLICIES
    elif [[ "$NSX_POLICY" != "" ]]; then
        _nsxp_ini_set nsx_api_managers $NSX_POLICY
    else
        if [[ $1 == "nsx_p" ]]; then
            die $LINENO "The VMware nsx-p plugin needs at least one NSX policy manager."
        fi
    fi
    if [[ "$NSX_L2GW_DRIVER" != "" ]]; then
        iniset /$Q_PLUGIN_CONF_FILE DEFAULT nsx_l2gw_driver $NSX_L2GW_DRIVER
    fi

    _nsxp_ini_set native_metadata_route $NATIVE_METADATA_ROUTE
    _nsxp_ini_set dhcp_profile $DHCP_PROFILE_UUID
    _nsxp_ini_set metadata_proxy $METADATA_PROXY_UUID
    iniset $NEUTRON_CONF DEFAULT dhcp_agent_notification False

    _nsxp_ini_set nsx_api_user $NSX_USER
    _nsxp_ini_set nsx_api_password $NSX_PASSWORD
    _nsxp_ini_set retries $NSX_RETRIES
    _nsxp_ini_set insecure $NSX_INSECURE
    _nsxp_ini_set ca_file $NSX_CA_FILE

    if [[ "$NSX_USE_CLIENT_CERT_AUTH" == "True" ]]; then
        _nsxp_ini_set nsx_use_client_auth "True"
        _nsxp_ini_set nsx_client_cert_file "$CLIENT_CERT_FILE"
        _nsxp_ini_set nsx_client_cert_storage "nsx-db"
        _nsxp_ini_set nsx_client_cert_pk_password "openstack"
    fi
}

function init_vmware_nsx_p {
    # Generate client certificate
    if [[ "$NSX_USE_CLIENT_CERT_AUTH" == "True" ]]; then
        nsxadmin -o generate -r certificate
    fi
    if ! is_set NSX_GATEWAY_NETWORK_INTERFACE; then
        echo "NSX_GATEWAY_NETWORK_INTERFACE not set not configuring routes"
        return
    fi

    if ! is_set NSX_GATEWAY_NETWORK_CIDR; then
        NSX_GATEWAY_NETWORK_CIDR=$PUBLIC_NETWORK_GATEWAY/${FLOATING_RANGE#*/}
        echo "The IP address to set on $PUBLIC_BRIDGE was not specified. "
        echo "Defaulting to $NSX_GATEWAY_NETWORK_CIDR"
    fi
    # Make sure the interface is up, but not configured
    sudo ip link set $NSX_GATEWAY_NETWORK_INTERFACE up
    # Save and then flush the IP addresses on the interface
    addresses=$(ip addr show dev $NSX_GATEWAY_NETWORK_INTERFACE | grep inet | awk {'print $2'})
    sudo ip addr flush $NSX_GATEWAY_NETWORK_INTERFACE
    # Use the PUBLIC Bridge to route traffic to the NSX gateway
    get_bridge_up
}

function stop_vmware_nsx_p {
    # Clean client certificate if exists
    nsxadmin -o clean -r certificate

    if ! is_set NSX_GATEWAY_NETWORK_INTERFACE; then
        echo "NSX_GATEWAY_NETWORK_INTERFACE was not configured."
        return
    fi

    set_nsx_gateway_network_cidr
}

# Restore xtrace
$NSX_XTRACE
