package org.apache.brooklyn.location.jclouds;

import com.google.common.annotations.Beta;
import com.google.common.base.MoreObjects;
import com.google.common.base.Optional;
import com.google.common.base.Predicate;
import com.google.common.base.Stopwatch;
import com.google.common.collect.FluentIterable;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Iterables;
import com.google.common.net.HostAndPort;
import java.util.Iterator;
import java.util.Map;
import javax.annotation.Nullable;
import org.apache.brooklyn.api.entity.Entity;
import org.apache.brooklyn.api.entity.EntityInitializer;
import org.apache.brooklyn.api.entity.EntityLocal;
import org.apache.brooklyn.config.ConfigKey;
import org.apache.brooklyn.core.config.ConfigKeys;
import org.apache.brooklyn.core.entity.Attributes;
import org.apache.brooklyn.core.entity.BrooklynConfigKeys;
import org.apache.brooklyn.core.location.LocationConfigKeys;
import org.apache.brooklyn.core.mgmt.BrooklynTaskTags;
import org.apache.brooklyn.core.objs.BasicConfigurableObject;
import org.apache.brooklyn.util.core.config.ConfigBag;
import org.apache.brooklyn.util.core.task.Tasks;
import org.apache.brooklyn.util.exceptions.Exceptions;
import org.apache.brooklyn.util.net.Networking;
import org.apache.brooklyn.util.time.Duration;
import org.jclouds.compute.domain.NodeMetadata;
import org.jclouds.domain.LoginCredentials;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Beta
/* loaded from: input_file:org/apache/brooklyn/location/jclouds/DefaultConnectivityResolver.class */
public class DefaultConnectivityResolver extends BasicConfigurableObject implements ConnectivityResolver, EntityInitializer {
    private static final Logger LOG = LoggerFactory.getLogger(DefaultConnectivityResolver.class);
    public static final ConfigKey<NetworkMode> NETWORK_MODE = ConfigKeys.newConfigKey(NetworkMode.class, "mode", "Operation mode: PREFER_PUBLIC, PREFER_PRIVATE, ONLY_PUBLIC or ONLY_PRIVATE");

    @Beta
    public static final ConfigKey<Boolean> CHECK_CREDENTIALS = ConfigKeys.newBooleanConfigKey("checkCredentials", "Indicates that credentials should be tested when determining endpoint reachability.", Boolean.TRUE);
    public static final ConfigKey<Boolean> PUBLISH_NETWORKS = ConfigKeys.newBooleanConfigKey("publishNetworks", "Indicates that the customizer should publish addresses as sensors on each entity", Boolean.TRUE);

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/brooklyn/location/jclouds/DefaultConnectivityResolver$AddressResolvable.class */
    public static class AddressResolvable implements Predicate<String> {
        private AddressResolvable() {
        }

        public boolean apply(@Nullable String str) {
            return DefaultConnectivityResolver.isAddressResolvable(str);
        }
    }

    /* loaded from: input_file:org/apache/brooklyn/location/jclouds/DefaultConnectivityResolver$NetworkMode.class */
    public enum NetworkMode {
        PREFER_PUBLIC,
        PREFER_PRIVATE,
        ONLY_PUBLIC,
        ONLY_PRIVATE
    }

    public DefaultConnectivityResolver() {
        this((Map<?, ?>) ImmutableMap.of());
    }

    public DefaultConnectivityResolver(Map<?, ?> map) {
        this(ConfigBag.newInstance(map));
    }

    public DefaultConnectivityResolver(ConfigBag configBag) {
        for (Map.Entry entry : configBag.getAllConfig().entrySet()) {
            config().set(ConfigKeys.newConfigKey(Object.class, (String) entry.getKey()), entry.getValue());
        }
    }

    public void apply(EntityLocal entityLocal) {
        String name = JcloudsLocationConfig.CONNECTIVITY_RESOLVER.getName();
        entityLocal.config().set(BrooklynConfigKeys.PROVISIONING_PROPERTIES.subKey(name), this);
        LOG.debug("{} set itself as the {} on {}", new Object[]{this, name, entityLocal});
    }

    @Override // org.apache.brooklyn.location.jclouds.ConnectivityResolver
    public ManagementAddressResolveResult resolve(JcloudsLocation jcloudsLocation, NodeMetadata nodeMetadata, ConfigBag configBag, ConnectivityResolverOptions connectivityResolverOptions) {
        LOG.debug("{} resolving management parameters for {}, node={}, config={}, options={}", new Object[]{this, jcloudsLocation, nodeMetadata, configBag, connectivityResolverOptions});
        Stopwatch createStarted = Stopwatch.createStarted();
        Entity contextEntity = getContextEntity(configBag);
        if (shouldPublishNetworks() && !connectivityResolverOptions.isRebinding() && contextEntity != null) {
            publishNetworks(nodeMetadata, contextEntity);
        }
        HostAndPort hostAndPort = null;
        LoginCredentials loginCredentials = null;
        Iterable<HostAndPort> managementCandidates = getManagementCandidates(jcloudsLocation, nodeMetadata, configBag, connectivityResolverOptions);
        Iterable<LoginCredentials> credentialCandidates = getCredentialCandidates(jcloudsLocation, nodeMetadata, connectivityResolverOptions, configBag);
        if (shouldCheckCredentials() && connectivityResolverOptions.pollForReachableAddresses()) {
            for (HostAndPort hostAndPort2 : managementCandidates) {
                Iterator<LoginCredentials> it = credentialCandidates.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    LoginCredentials next = it.next();
                    LOG.trace("Testing host={} with credential={}", hostAndPort2, next);
                    if (checkCredential(jcloudsLocation, hostAndPort2, next, configBag, connectivityResolverOptions.isWindows())) {
                        hostAndPort = hostAndPort2;
                        loginCredentials = next;
                        break;
                    }
                }
                if (hostAndPort != null) {
                    break;
                }
            }
        } else if (shouldCheckCredentials()) {
            LOG.debug("{} set on {} but pollForFirstReachableAddress={}", new Object[]{CHECK_CREDENTIALS.getName(), this, Boolean.valueOf(connectivityResolverOptions.pollForReachableAddresses())});
        }
        if (hostAndPort == null) {
            LOG.trace("Choosing first management candidate given node={} and mode={}", nodeMetadata, getNetworkMode());
            hostAndPort = (HostAndPort) Iterables.getFirst(managementCandidates, (Object) null);
        }
        if (hostAndPort == null) {
            LOG.trace("Choosing first address of node={} in mode={}", nodeMetadata, getNetworkMode());
            Iterator<String> it2 = getResolvableAddressesWithMode(nodeMetadata).iterator();
            if (it2.hasNext()) {
                HostAndPort.fromHost(it2.next());
            }
        }
        if (hostAndPort == null) {
            throw new IllegalStateException("jclouds did not return any IP addresses matching " + getNetworkMode() + " in " + jcloudsLocation);
        }
        if (loginCredentials == null) {
            loginCredentials = (LoginCredentials) Iterables.getFirst(credentialCandidates, (Object) null);
            if (loginCredentials == null) {
                throw new IllegalStateException("No credentials configured for " + jcloudsLocation);
            }
        }
        if (contextEntity != null) {
            contextEntity.sensors().set(Attributes.ADDRESS, hostAndPort.getHostText());
        }
        if (!isNetworkModeSet() && !connectivityResolverOptions.isWindows()) {
            boolean equals = Boolean.TRUE.equals(configBag.get(JcloudsLocationConfig.LOOKUP_AWS_HOSTNAME));
            String str = (String) configBag.get(JcloudsLocationConfig.CLOUD_PROVIDER);
            if (str == null) {
                str = jcloudsLocation.getProvider();
            }
            if (connectivityResolverOptions.waitForConnectable() && "aws-ec2".equals(str) && equals) {
                try {
                    LOG.debug("Resolving AWS hostname of {}", jcloudsLocation);
                    String hostnameAws = jcloudsLocation.getHostnameAws(hostAndPort, loginCredentials, configBag);
                    hostAndPort = HostAndPort.fromParts(hostnameAws, hostAndPort.getPort());
                    LOG.debug("Resolved AWS hostname of {}: {}", jcloudsLocation, hostnameAws);
                } catch (Exception e) {
                    LOG.debug("Failed to resolve AWS hostname of " + jcloudsLocation, e);
                }
            }
        }
        ManagementAddressResolveResult managementAddressResolveResult = new ManagementAddressResolveResult(hostAndPort, loginCredentials);
        LOG.debug("{} resolved management parameters for {} in {}: {}", new Object[]{this, jcloudsLocation, Duration.of(createStarted), managementAddressResolveResult});
        return managementAddressResolveResult;
    }

    private boolean shouldPublishNetworks() {
        return Boolean.TRUE.equals(config().get(PUBLISH_NETWORKS));
    }

    void publishNetworks(NodeMetadata nodeMetadata, Entity entity) {
        entity.sensors().set(PRIVATE_ADDRESSES, ImmutableSet.copyOf(nodeMetadata.getPrivateAddresses()));
        entity.sensors().set(PUBLIC_ADDRESSES, ImmutableSet.copyOf(nodeMetadata.getPublicAddresses()));
    }

    protected Iterable<HostAndPort> getManagementCandidates(JcloudsLocation jcloudsLocation, NodeMetadata nodeMetadata, ConfigBag configBag, ConnectivityResolverOptions connectivityResolverOptions) {
        Optional<HostAndPort> portForwardSshOverride = connectivityResolverOptions.portForwardSshOverride();
        if (portForwardSshOverride.isPresent()) {
            HostAndPort fromParts = HostAndPort.fromParts(((HostAndPort) portForwardSshOverride.get()).getHostText(), ((HostAndPort) portForwardSshOverride.get()).hasPort() ? ((HostAndPort) portForwardSshOverride.get()).getPort() : connectivityResolverOptions.defaultLoginPort());
            switch (getNetworkMode()) {
                case ONLY_PRIVATE:
                    LOG.info("Ignoring mode {} in favour of port forwarding override for management candidates of {}: {}", new Object[]{NetworkMode.ONLY_PRIVATE.name(), jcloudsLocation, fromParts});
                    break;
                default:
                    LOG.debug("Using host and port override for management candidates of {}: {}", jcloudsLocation, fromParts);
                    break;
            }
            return ImmutableList.of(fromParts);
        }
        if (connectivityResolverOptions.pollForReachableAddresses() && connectivityResolverOptions.reachableAddressPredicate() != null) {
            LOG.debug("Using reachable addresses for management candidates of {}", jcloudsLocation);
            try {
                return getReachableAddresses(nodeMetadata, connectivityResolverOptions.reachableAddressPredicate(), connectivityResolverOptions.reachableAddressTimeout());
            } catch (RuntimeException e) {
                if (connectivityResolverOptions.propagatePollForReachableFailure()) {
                    throw Exceptions.propagate(e);
                }
                LOG.warn("No reachable address ({}/{}); falling back to any advertised address; may cause future failures", jcloudsLocation.getCreationString(configBag), nodeMetadata);
            }
        } else if (connectivityResolverOptions.pollForReachableAddresses()) {
            throw new IllegalStateException(this + " was configured to expect " + nodeMetadata + " to be reachable and to poll for its reachable addresses but the predicate to determine reachability was null");
        }
        Iterable<String> resolvableAddressesWithMode = getResolvableAddressesWithMode(nodeMetadata);
        LOG.debug("Using first resolvable address in {} for management candidates of {}", Iterables.toString(resolvableAddressesWithMode), jcloudsLocation);
        for (String str : resolvableAddressesWithMode) {
            if (isAddressResolvable(str)) {
                return ImmutableList.of(HostAndPort.fromParts(str, connectivityResolverOptions.defaultLoginPort()));
            }
            LOG.debug("Unresolvable address: " + str);
        }
        LOG.warn("No resolvable address in {} ({}/{}); using first; may cause future failures", new Object[]{resolvableAddressesWithMode, jcloudsLocation.getCreationString(configBag), nodeMetadata});
        String str2 = (String) Iterables.getFirst(resolvableAddressesWithMode, (Object) null);
        return str2 != null ? ImmutableList.of(HostAndPort.fromParts(str2, connectivityResolverOptions.defaultLoginPort())) : ImmutableList.of();
    }

    protected Iterable<HostAndPort> getReachableAddresses(NodeMetadata nodeMetadata, Predicate<? super HostAndPort> predicate, Duration duration) {
        if (duration == null) {
            duration = Duration.FIVE_MINUTES;
        }
        return JcloudsUtil.getReachableAddresses(getResolvableAddressesWithMode(nodeMetadata), nodeMetadata.getLoginPort(), duration, predicate);
    }

    protected Iterable<String> getResolvableAddressesWithMode(NodeMetadata nodeMetadata) {
        Iterable concat;
        switch (getNetworkMode()) {
            case ONLY_PRIVATE:
                concat = nodeMetadata.getPrivateAddresses();
                break;
            case ONLY_PUBLIC:
                concat = nodeMetadata.getPublicAddresses();
                break;
            case PREFER_PRIVATE:
                concat = Iterables.concat(nodeMetadata.getPrivateAddresses(), nodeMetadata.getPublicAddresses());
                break;
            case PREFER_PUBLIC:
            default:
                concat = Iterables.concat(nodeMetadata.getPublicAddresses(), nodeMetadata.getPrivateAddresses());
                break;
        }
        return FluentIterable.from(concat).filter(new AddressResolvable());
    }

    protected static boolean isAddressResolvable(String str) {
        try {
            Networking.getInetAddressWithFixedName(str);
            return true;
        } catch (RuntimeException e) {
            Exceptions.propagateIfFatal(e);
            return false;
        }
    }

    protected boolean shouldCheckCredentials() {
        return Boolean.TRUE.equals(config().get(CHECK_CREDENTIALS));
    }

    protected boolean checkCredential(JcloudsLocation jcloudsLocation, HostAndPort hostAndPort, LoginCredentials loginCredentials, ConfigBag configBag, boolean z) {
        try {
            if (z) {
                jcloudsLocation.waitForWinRmAvailable(loginCredentials, hostAndPort, configBag);
                return true;
            }
            jcloudsLocation.waitForSshable(hostAndPort, ImmutableList.of(loginCredentials), configBag);
            return true;
        } catch (IllegalStateException e) {
            return false;
        }
    }

    protected Iterable<LoginCredentials> getCredentialCandidates(JcloudsLocation jcloudsLocation, NodeMetadata nodeMetadata, ConnectivityResolverOptions connectivityResolverOptions, ConfigBag configBag) {
        LoginCredentials loginCredentials = null;
        if (connectivityResolverOptions.skipJcloudsSshing() && connectivityResolverOptions.waitForConnectable()) {
            return (connectivityResolverOptions.isWindows() && connectivityResolverOptions.initialCredentials().isPresent()) ? ImmutableList.of(connectivityResolverOptions.initialCredentials().get()) : jcloudsLocation.generateCredentials(nodeMetadata.getCredentials(), (String) configBag.get(JcloudsLocationConfig.LOGIN_USER));
        }
        LoginCredentials loginCredentials2 = (LoginCredentials) configBag.get(JcloudsLocationConfig.CUSTOM_CREDENTIALS);
        if (loginCredentials2 != null) {
            loginCredentials = loginCredentials2;
            LOG.debug("Using username {}, from custom credentials, on node {}. User was previously {}", new Object[]{loginCredentials2.getUser(), nodeMetadata, configBag.put(JcloudsLocationConfig.USER, loginCredentials2.getUser())});
            if (loginCredentials2.getOptionalPassword().isPresent()) {
                configBag.put(JcloudsLocationConfig.PASSWORD, loginCredentials2.getOptionalPassword().get());
            }
            if (loginCredentials2.getOptionalPrivateKey().isPresent()) {
                configBag.put(JcloudsLocationConfig.PRIVATE_KEY_DATA, loginCredentials2.getOptionalPrivateKey().get());
            }
        }
        if ((loginCredentials == null || (!loginCredentials.getOptionalPassword().isPresent() && !loginCredentials.getOptionalPrivateKey().isPresent())) && connectivityResolverOptions.initialCredentials().isPresent()) {
            if (loginCredentials != null) {
                LOG.debug("Custom credential from {} is missing both password and private key; extracting them from the VM: {}", JcloudsLocationConfig.CUSTOM_CREDENTIALS.getName(), loginCredentials);
            }
            loginCredentials = jcloudsLocation.extractVmCredentials(configBag, nodeMetadata, (LoginCredentials) connectivityResolverOptions.initialCredentials().get());
        }
        if (loginCredentials == null) {
            loginCredentials = nodeMetadata.getCredentials();
        }
        return loginCredentials != null ? ImmutableList.of(loginCredentials) : ImmutableList.of();
    }

    protected Entity getContextEntity(ConfigBag configBag) {
        Object obj = configBag.get(LocationConfigKeys.CALLER_CONTEXT);
        if (obj instanceof Entity) {
            return (Entity) obj;
        }
        Entity contextEntity = BrooklynTaskTags.getContextEntity(Tasks.current());
        if (contextEntity != null) {
            return contextEntity;
        }
        LOG.warn("No context entity found in config or current task");
        return null;
    }

    protected NetworkMode getNetworkMode() {
        NetworkMode networkMode = (NetworkMode) config().get(NETWORK_MODE);
        return networkMode != null ? networkMode : NetworkMode.PREFER_PUBLIC;
    }

    private boolean isNetworkModeSet() {
        return config().get(NETWORK_MODE) != null;
    }

    public String toString() {
        return MoreObjects.toStringHelper(this).add("mode", getNetworkMode()).toString();
    }
}
