Common Management Tasks with aXAPI

A10 Networks products with the Advanced Core Operating System (ACOS) technology include a comprehensive API infrastructure for system integrations and management. This API product is aXAPI, a RESTful web services-based interface providing DevOps and IT operations the capability to integrate seamlessly with existing management platforms.

aXAPI integrates with management automation systems like Ansible, Chef, Puppet and Jenkins or can be used directly with custom developed software. For more information read the article “aXAPI For Integration.”

This article will provide direct programming examples of common management tasks including:

1. Login to systems over the network
2. Erase and reset systems to factory defaults while logged in
3. Backup and restore system data and images
4. Update network parameters like IP and DNS addresses and routing
5. Query systems status for booted and loading status

The following examples will use Linux cURL scripts for simplicity.  These working examples can then be ported to any language or management environment.

Login

The following call will authenticate with a username and password.  The API then returns data in JSON format including a token in the signature field.  This token must be passed to all proceeding API calls.

/usr/bin/curl -k -s "https://$HOSTIP/axapi/v3/auth"   \
-H "Content-Type:application/json" \
-d '{
    "credentials": {
        "username": "admin",
        "password": "a10"
    }
}' > /tmp/out.json 
sig=`cat /tmp/out.json | grep  "\signature\""" | cut -f 2 -d ':' | sed 's/""//g' | sed 's/
if [ ""$sig"" == """" ];
then
    echo ""ERROR - Failed to login to ACOS device - exiting""
    exit
fi

The returned token string is parsed into the $sig variable to be used in succeeding API tasks.

System Backup

A critical function to perform is a system backup.  The following example instructs the A10 system to generate a package with system image and configuration then use FTP to push the backup to a remote server.  Other protocols can be used including HTTP SCP

curl -k -s  -X POST      \
    ""https://$HOSTIP/axapi/v3/backup/system"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d ""{
        \"system\":  {
            \"remote-file\":\"ftp://[email protected]/$BKPATH/$BKFILE\"
            \"password\":\"a102345\"
        }
}"" > /tmp/out.backup.json
x=`cat /tmp/out.backup.json | grep  ""\"status\": \"OK\"""`
if [ ""$x"" = """" ]
then
    echo ""System Backup failed""
    cat /tmp/out.backup.json
else
    echo ""System Backup successful [$BKPATH/$BKFILE]""
fi

Erase System

Erase sets the system configuration to a factory default state.  When re-deploying a system with an unknown state best practices dictates performing an erase.  Logs and other usage history is cleared out along with all other configurations.

echo ""Erase Configuration""
curl -k -s -X POST     \
    ""https://$HOST/axapi/v3/erase"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d '{
    ""erase"": {
        ""preserve-management"":0
        ""preserve-accounts"":1
        ""reload"":1
    }
}' > /tmp/out.json

The "preserve-managemen" is not enabled since it will be set to DHCP by default.

"Reload" is enabled which will initiate a system reload (reboot).

Restore System

The following will pull down a package backup file to the A10 system and restore the image and configurations.

curl -k -s  -X POST      \
    ""https://$HOSTIP/axapi/v3/restore"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d ""{
        \"restore\":  {
            \"remote-file\":\"ftp://root:[email protected]/$BKPATH/$BKFILE\"
         }
   }"" > /tmp/out.restore.json
x=`cat /tmp/out.restore.json`
if [ ""$x"" == """" ]
then
    echo ""System Restore successful [$BKPATH/$BKFILE]""
    echo ""Need to reboot system to complete restore""
else
    echo ""ERROR - System Restore failed [$BKPATH/$BKFILE]""
    cat /tmp/out.restore.json
fi

Reboot System

Send instruction to reboot the system.

curl -k -s -X POST      \
    ""https://$HOSTIP/axapi/v3/reboot"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""  \
-d ""{
        \"reboot\":  {
            \"all\":\"0\"
        }
}"" > /tmp/out.reboot.json
#x=`cat /tmp/out.reboot.json | grep  ""\"status\": \"OK\"""`
x=`cat /tmp/out.reboot.json`
if [ ""$x"" == """" ]
then
    echo ""System Reboot sucessful""
else
    echo ""System Reboot failed""
    cat /tmp/out.reboot.json
fi

Wait for System Ready

When automating management tasks which require a reboot it is necessary to query the system for boot completion and for the system to be in a ready state.  The following script would normally be run after a reboot.  Once this script completes it releases the wait states and passes control to the next command.

#/usr/bin/bash
HOST=""$1""
echo ""Remote host [$HOST]""
echo ""Polling the system for both booted and ready condition""
sleep 5
while [ 1 ]
do
    ##echo ""Login to Thunder""
    curl -k -s ""https://$HOST/axapi/v3/auth""   \
    -H ""Content-Type:application/json"" \
    -d '{
        ""credentials"": {
            ""username"": ""admin""
            ""password"": ""a10""
        }
    }' > /tmp/out.json 
    x=`cat /tmp/out.json | grep  ""\"signature\""" | cut -f 2 -d ':' | sed 's/""//g' | sed 's///g'`
if [ ""$x"" = """" ]
    then
        echo ""System not available - waiting...""
        sleep 10
    else
        echo ""System booted""
        break
    fi
done
while [ 1 ]
do
    ##echo ""Login to Thunder""
    curl -k -s ""https://$HOST/axapi/v3/auth""   \
    -H ""Content-Type:application/json"" \
    -d '{
        ""credentials"": {
            ""username"": ""admin""
            ""password"": ""a10""
        }
    }' > /tmp/out.json
    x=`cat /tmp/out.json | grep  ""\"signature\""" | cut -f 2 -d ':' | sed 's/""//g' | sed 's///g'`
    curl -k -s      \
        ""https://$HOST/axapi/v3/running-config"" \
    -H ""Authorization: A10 $x"" \
    -H ""Content-Type:application/json""   \
    -d '{
        ""running-config"": {
            ""aflex"": 0
            ""class-list"": 0 
        }
    }' > /tmp/out.json 
    out=`cat /tmp/out.json | grep  ""running-config"" `
    if [ ""$out"" = """" ]
    then
        echo ""Still loading - waiting...""
        sleep 10
    else
        echo ""System loaded""
        sleep 5
        break
    fi
done
exit

Configure DNS

The following API calls set the system DNS primary IP address and DNS suffix.

echo ""Set Primary DNS Primary IP""
curl -s -k -X POST     \
    ""https://$HOST/axapi/v3/ip/dns/primary"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d ""{
    \"primary\": 
        \"ip-v4-addr\": ""\"$DNSIP\"""
    }
}"" > /tmp/out.set_dns_primary.json
echo ""Set DNS Suffix""
curl -s -k -X POST     \
    ""https://$HOST/axapi/v3/ip/dns/suffix"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json""   \
-d '{
    ""suffix"": {
        ""domain-name"": ""what.com""
    }
}' > /tmp/out.set_dns_suffix.json

Related Resources

• aXAPI REST-based Application Programming Interface Integration
• aXAPI Python SDK Examples
• Context-Aware DDoS Protection with aXAPI
• aXAPI cli.deploy and cli.show_info with Python

Share this post:

Share on X (Twitter)Share on FacebookShare on LinkedInShare on Email

Categories:

Network Management Technical Articles

---

Previous Post

Managing Network Devices with SSH Scripts

Next Post

Installing Ansible Modules for A10 Networks

---

A10 Staff

|

December 17, 2018