ce ID from metadata service"
    exit 1
fi

echo "Instance ID: $INSTANCE_ID"
echo "Cluster ID: $CLUSTER_ID"
echo "Zone: $ZONE"

# Function to get IAM token
get_iam_token() {
    local response=$(curl -s -X POST \
        "https://iam.cloud.ibm.com/identity/token" \
        -H "Content-Type: application/x-www-form-urlencoded" \
        -d "grant_type=urn:urn:ibm:params:oauth:grant-type:apikey&apikey=$API_KEY")
    
    echo "$response" | grep -o '"access_token":"[^"]*"' | cut -d'"' -f4
}

# Function to add worker to IKS cluster
add_worker_to_cluster() {
    local token=$(get_iam_token)
    
    if [ -z "$token" ]; then
        echo "Error: Could not obtain IAM token"
        return 1
    fi
    
    # Prepare worker request payload
    local payload=$(cat <<EOF
{
    "cluster_id": "$CLUSTER_ID",
    "vpc_instance_id": "$INSTANCE_ID",
    "zone": "$ZONE",
    "labels": {
        "karpenter.sh/managed": "true",
        "karpenter.ibm.sh/zone": "$ZONE",
        "karpenter.ibm.sh/region": "$REGION"
    }
}
EOF
)

    echo "Adding worker to IKS cluster..."
    local response=$(curl -s -X POST \
        "https://containers.cloud.ibm.com/global/v1/clusters/$CLUSTER_ID/workers" \
        -H "Authorization: Bearer $token" \
        -H "Content-Type: application/json" \
        -d "$payload")
    
    echo "IKS API Response: $response"
    
    # Check if request was successful
    local worker_id=$(echo "$response" | grep -o '"id":"[^"]*"' | cut -d'"' -f4)
    if [ -n "$worker_id" ]; then
        echo "Successfully added worker to cluster: $worker_id"
        return 0
    else
        echo "Error: Failed to add worker to cluster"
        echo "Response: $response"
        return 1
    fi
}

# Function to wait for worker to be ready
wait_for_worker_ready() {
    local token=$(get_iam_token)
    
    echo "Waiting for worker to be ready..."
    local max_attempts=60
    local attempt=0
    
    while [ $attempt -lt $max_attempts ]; do
        local workers_response=$(curl -s \
            "https://containers.cloud.ibm.com/global/v1/clusters/$CLUSTER_ID/workers" \
            -H "Authorization: Bearer $token")
        
        # Find our worker by instance ID
        local worker_state=$(echo "$workers_response" | jq -r ".[] | select(.id | contains(\"$INSTANCE_ID\")) | .health.state")
        
        case "$worker_state" in
            "normal")
                echo "Worker is ready!"
                return 0
                ;;
            "warning"|"critical")
                echo "Worker is in $worker_state state, continuing to wait..."
                ;;
            "")
                echo "Worker not found yet, continuing to wait..."
                ;;
            *)
                echo "Worker is in $worker_state state, continuing to wait..."
                ;;
        esac
        
        attempt=$((attempt + 1))
        echo "Attempt $attempt/$max_attempts: Worker state is $worker_state"
        sleep 30
    done
    
    echo "Warning: Worker did not become ready within expected time"
    return 1
}

# Function to install required packages
install_prerequisites() {
    echo "Installing prerequisites..."
    apt-get update
    apt-get install -y curl jq
}

# Function to setup logging
setup_logging() {
    # Create log directory
    mkdir -p /var/log/karpenter
    
    # Setup log rotation
    cat <<EOF > /etc/logrotate.d/karpenter
/var/log/karpenter/*.log {
    daily
    rotate 7
    compress
    delaycompress
    missingok
    notifempty
    create 644 root root
}
EOF
}

# Function to register with health monitoring
register_health_monitoring() {
    echo "Setting up health monitoring..."
    
    # Create health check script
    cat <<'EOF' > /usr/local/bin/worker-health-check.sh
#!/bin/bash
# Health check script for IKS worker node

CLUSTER_ID="%s"
API_KEY="${IBM_API_KEY}"

check_worker_health() {
    local token=$(curl -s -X POST \
        "https://iam.cloud.ibm.com/identity/token" \
        -H "Content-Type: application/x-www-form-urlencoded" \
        -d "grant_type=urn:urn:ibm:params:oauth:grant-type:apikey&apikey=$API_KEY" | \
        grep -o '"access_token":"[^"]*"' | cut -d'"' -f4)
    
    local instance_id=$(curl -s http://169.254.169.254/metadata/v1/instance/id)
    
    if [ -n "$token" ] && [ -n "$instance_id" ]; then
        curl -s \
            "https://containers.cloud.ibm.com/global/v1/clusters/$CLUSTER_ID/workers" \
            -H "Authorization: Bearer $token" | \
            jq -r ".[] | select(.id | contains(\"$instance_id\")) | .health.state"
    else
        echo "unknown"
    fi
}

health_state=$(check_worker_health)
echo "Worker health state: $health_state"

case "$health_state" in
    "normal")
        exit 0
        ;;
    "warning")
        exit 1
        ;;
    "critical")
        exit 2
        ;;
    *)
        exit 3
        ;;
esac
EOF

    chmod +x /usr/local/bin/worker-health-check.sh
    
    # Create systemd service for health monitoring
    cat <<EOF > /etc/systemd/system/worker-health-monitor.service
[Unit]
Description=IKS Worker Health Monitor
After=network.target

[Service]
Type=oneshot
ExecStart=/usr/local/bin/worker-health-check.sh
User=root

[Install]
WantedBy=multi-user.target
EOF

    # Create timer for regular health checks
    cat <<EOF > /etc/systemd/system/worker-health-monitor.timer
[Unit]
Description=Run IKS Worker Health Monitor every 5 minutes
Requires=worker-health-monitor.service

[Timer]
OnCalendar=*:0/5
Persistent=true

[Install]
WantedBy=timers.target
EOF

    systemctl daemon-reload
    systemctl enable worker-health-monitor.timer
    systemctl start worker-health-monitor.timer
}

# Main execution
main() {
    echo "Starting IKS API worker registration..."
    
    # Install prerequisites
    install_prerequisites
    
    # Setup logging
    setup_logging
    
    # Add worker to cluster via IKS API
    if add_worker_to_cluster; then
        echo "Worker successfully added to IKS cluster"
        
        # Wait for worker to be ready
        wait_for_worker_ready
        
        # Setup health monitoring
        register_health_monitoring
        
        echo "IKS API node registration completed successfully!"
        echo "Worker node should appear in cluster shortly"
    else
        echo "Failed to add worker to IKS cluster"
        exit 1
    fi
}

# Run custom user data first if provided
%s

# Execute main function
main 2>&1 | tee /var/log/karpenter/iks-bootstrap.log

echo "IKS bootstrap completed!"