package org.apache.hadoop.ozone.container.replication;

import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLException;
import org.apache.hadoop.hdds.conf.Config;
import org.apache.hadoop.hdds.conf.ConfigGroup;
import org.apache.hadoop.hdds.conf.ConfigTag;
import org.apache.hadoop.hdds.security.x509.SecurityConfig;
import org.apache.hadoop.hdds.security.x509.certificate.client.CertificateClient;
import org.apache.hadoop.hdds.tracing.GrpcServerInterceptor;
import org.apache.hadoop.ozone.container.ozoneimpl.ContainerController;
import org.apache.ratis.thirdparty.io.grpc.Server;
import org.apache.ratis.thirdparty.io.grpc.ServerInterceptor;
import org.apache.ratis.thirdparty.io.grpc.ServerInterceptors;
import org.apache.ratis.thirdparty.io.grpc.netty.GrpcSslContexts;
import org.apache.ratis.thirdparty.io.grpc.netty.NettyServerBuilder;
import org.apache.ratis.thirdparty.io.netty.handler.ssl.ClientAuth;
import org.apache.ratis.thirdparty.io.netty.handler.ssl.SslContextBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/hadoop/ozone/container/replication/ReplicationServer.class */
public class ReplicationServer {
    private static final Logger LOG = LoggerFactory.getLogger(ReplicationServer.class);
    private Server server;
    private SecurityConfig secConf;
    private CertificateClient caClient;
    private ContainerController controller;
    private int port;

    @ConfigGroup(prefix = "hdds.datanode.replication")
    /* loaded from: input_file:org/apache/hadoop/ozone/container/replication/ReplicationServer$ReplicationConfig.class */
    public static final class ReplicationConfig {

        @Config(key = "port", defaultValue = "9886", description = "Port used for the server2server replication server", tags = {ConfigTag.MANAGEMENT})
        private int port;

        public int getPort() {
            return this.port;
        }

        public ReplicationConfig setPort(int i) {
            this.port = i;
            return this;
        }
    }

    public ReplicationServer(ContainerController containerController, ReplicationConfig replicationConfig, SecurityConfig securityConfig, CertificateClient certificateClient) {
        this.secConf = securityConfig;
        this.caClient = certificateClient;
        this.controller = containerController;
        this.port = replicationConfig.getPort();
        init();
    }

    public void init() {
        NettyServerBuilder addService = NettyServerBuilder.forPort(this.port).maxInboundMessageSize(33554432).addService(ServerInterceptors.intercept(new GrpcReplicationService(new OnDemandContainerReplicationSource(this.controller)), new ServerInterceptor[]{new GrpcServerInterceptor()}));
        if (this.secConf.isSecurityEnabled()) {
            try {
                SslContextBuilder configure = GrpcSslContexts.configure(SslContextBuilder.forServer(this.caClient.getPrivateKey(), new X509Certificate[]{this.caClient.getCertificate()}), this.secConf.getGrpcSslProvider());
                configure.clientAuth(ClientAuth.REQUIRE);
                configure.trustManager(new X509Certificate[]{this.caClient.getCACertificate()});
                addService.sslContext(configure.build());
            } catch (SSLException e) {
                throw new IllegalArgumentException("Unable to setup TLS for secure datanode replication GRPC endpoint.", e);
            }
        }
        this.server = addService.build();
    }

    public void start() throws IOException {
        this.server.start();
        if (this.port == 0) {
            LOG.info("{} is started using port {}", getClass().getSimpleName(), Integer.valueOf(this.server.getPort()));
        }
        this.port = this.server.getPort();
    }

    public void stop() {
        try {
            this.server.shutdown().awaitTermination(10L, TimeUnit.SECONDS);
        } catch (InterruptedException e) {
            LOG.warn("{} couldn't be stopped gracefully", getClass().getSimpleName());
        }
    }

    public int getPort() {
        return this.port;
    }
}
