Common Management Tasks with aXAPI

A10 Networks products with the Advanced Core Operating System (ACOS) technology include a comprehensive API infrastructure for system integrations and management. This API product is aXAPI, a RESTful web services-based interface providing DevOps and IT operations the capability to integrate seamlessly with existing management platforms.

aXAPI integrates with management automation systems like Ansible, Chef, Puppet and Jenkins or can be used directly with custom developed software. For more information read the article “aXAPI For Integration.”

This article will provide direct programming examples of common management tasks including:

  1. Login to systems over the network
  2. Erase and reset systems to factory defaults while logged in
  3. Backup and restore system data and images
  4. Update network parameters like IP and DNS addresses and routing
  5. Query systems status for booted and loading status

The following examples will use Linux cURL scripts for simplicity.  These working examples can then be ported to any language or management environment.

Login

The following call will authenticate with a username and password.  The API then returns data in JSON format including a token in the signature field.  This token must be passed to all proceeding API calls.


/usr/bin/curl -k -s "https://$HOSTIP/axapi/v3/auth"   \
-H "Content-Type:application/json" \
-d '{
    "credentials": {
        "username": "admin",
        "password": "a10"
    }
}' > /tmp/out.json 
sig=`cat /tmp/out.json | grep  "\signature\""" | cut -f 2 -d ':' | sed 's/""//g' | sed 's/
if [ ""$sig"" == """" ];
then
    echo ""ERROR - Failed to login to ACOS device - exiting""
    exit
fi

The returned token string is parsed into the $sig variable to be used in succeeding API tasks.

System Backup

A critical function to perform is a system backup.  The following example instructs the A10 system to generate a package with system image and configuration then use FTP to push the backup to a remote server.  Other protocols can be used including HTTP SCP


curl -k -s  -X POST      \
    ""https://$HOSTIP/axapi/v3/backup/system"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d ""{
        \"system\":  {
            \"remote-file\":\"ftp://backup@server.where.com/$BKPATH/$BKFILE\"
            \"password\":\"a102345\"
        }
}"" > /tmp/out.backup.json
x=`cat /tmp/out.backup.json | grep  ""\"status\": \"OK\"""`
if [ ""$x"" = """" ]
then
    echo ""System Backup failed""
    cat /tmp/out.backup.json
else
    echo ""System Backup successful [$BKPATH/$BKFILE]""
fi

Erase System

Erase sets the system configuration to a factory default state.  When re-deploying a system with an unknown state best practices dictates performing an erase.  Logs and other usage history is cleared out along with all other configurations.


echo ""Erase Configuration""
curl -k -s -X POST     \
    ""https://$HOST/axapi/v3/erase"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d '{
    ""erase"": {
        ""preserve-management"":0
        ""preserve-accounts"":1
        ""reload"":1
    }
}' > /tmp/out.json

The “preserve-managemen” is not enabled since it will be set to DHCP by default.

“Reload” is enabled which will initiate a system reload (reboot).

NOTE: If an Erase is scripted the script will need to pause and wait for the reboot to complete and the system to be ready.  Refer to the “Wait for System Ready” script below.

Restore System

The following will pull down a package backup file to the A10 system and restore the image and configurations.


curl -k -s  -X POST      \
    ""https://$HOSTIP/axapi/v3/restore"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d ""{
        \"restore\":  {
            \"remote-file\":\"ftp://root:12345@server.where.com/$BKPATH/$BKFILE\"
         }
   }"" > /tmp/out.restore.json
x=`cat /tmp/out.restore.json`
if [ ""$x"" == """" ]
then
    echo ""System Restore successful [$BKPATH/$BKFILE]""
    echo ""Need to reboot system to complete restore""
else
    echo ""ERROR - System Restore failed [$BKPATH/$BKFILE]""
    cat /tmp/out.restore.json
fi
NOTE: Be aware that if the number of interfaces do not match between the target system and the backup package file the network interfaces will have to be enabled and configured.

Reboot System

Send instruction to reboot the system.

NOTE: A system reboot is required after a restore.

curl -k -s -X POST      \
    ""https://$HOSTIP/axapi/v3/reboot"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""  \
-d ""{
        \"reboot\":  {
            \"all\":\"0\"
        }
}"" > /tmp/out.reboot.json
#x=`cat /tmp/out.reboot.json | grep  ""\"status\": \"OK\"""`
x=`cat /tmp/out.reboot.json`
if [ ""$x"" == """" ]
then
    echo ""System Reboot sucessful""
else
    echo ""System Reboot failed""
    cat /tmp/out.reboot.json
fi

Wait for System Ready

When automating management tasks which require a reboot it is necessary to query the system for boot completion and for the system to be in a ready state.  The following script would normally be run after a reboot.  Once this script completes it releases the wait states and passes control to the next command.


#/usr/bin/bash
HOST=""$1""
echo ""Remote host [$HOST]""
echo ""Polling the system for both booted and ready condition""
sleep 5
while [ 1 ]
do
    ##echo ""Login to Thunder""
    curl -k -s ""https://$HOST/axapi/v3/auth""   \
    -H ""Content-Type:application/json"" \
    -d '{
        ""credentials"": {
            ""username"": ""admin""
            ""password"": ""a10""
        }
    }' > /tmp/out.json 
    x=`cat /tmp/out.json | grep  ""\"signature\""" | cut -f 2 -d ':' | sed 's/""//g' | sed 's///g'`
if [ ""$x"" = """" ]
    then
        echo ""System not available - waiting...""
        sleep 10
    else
        echo ""System booted""
        break
    fi
done
while [ 1 ]
do
    ##echo ""Login to Thunder""
    curl -k -s ""https://$HOST/axapi/v3/auth""   \
    -H ""Content-Type:application/json"" \
    -d '{
        ""credentials"": {
            ""username"": ""admin""
            ""password"": ""a10""
        }
    }' > /tmp/out.json
    x=`cat /tmp/out.json | grep  ""\"signature\""" | cut -f 2 -d ':' | sed 's/""//g' | sed 's///g'`
    curl -k -s      \
        ""https://$HOST/axapi/v3/running-config"" \
    -H ""Authorization: A10 $x"" \
    -H ""Content-Type:application/json""   \
    -d '{
        ""running-config"": {
            ""aflex"": 0
            ""class-list"": 0 
        }
    }' > /tmp/out.json 
    out=`cat /tmp/out.json | grep  ""running-config"" `
    if [ ""$out"" = """" ]
    then
        echo ""Still loading - waiting...""
        sleep 10
    else
        echo ""System loaded""
        sleep 5
        break
    fi
done
exit

Configure DNS

The following API calls set the system DNS primary IP address and DNS suffix.


echo ""Set Primary DNS Primary IP""
curl -s -k -X POST     \
    ""https://$HOST/axapi/v3/ip/dns/primary"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d ""{
    \"primary\": 
        \"ip-v4-addr\": ""\"$DNSIP\"""
    }
}"" > /tmp/out.set_dns_primary.json
echo ""Set DNS Suffix""
curl -s -k -X POST     \
    ""https://$HOST/axapi/v3/ip/dns/suffix"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d '{
    ""suffix"": {
        ""domain-name"": ""what.com""
    }
}' > /tmp/out.set_dns_suffix.json

|

December 17, 2018

About Robert Keith

Robert has 30 years of experience in IT technology development and infrastructure management. He was the founder of several infrastructure ventures including Intellivence, MaxSP, Sentrik and most recently was the CTO of Iron Networks. As CTO of Iron Networks in San Jose, CA, he worked directly with many companies in the Silicon Valley to design and architect network, security, and cloud solutions. He worked directly with Microsoft engineering in the design of their cloud architectures including storage, Hyper-V, Systems Center and Virtual Networking. He also worked directly with Hortonworks to design a Hadoop deployment and management system using CentOS and many layered software packages. READ MORE