Common Management Tasks with aXAPI

A10 Networks products with the Advanced Core Operating System (ACOS) technology include a comprehensive API infrastructure for system integrations and management. This API product is aXAPI, a RESTful web services-based interface providing DevOps and IT operations the capability to integrate seamlessly with existing management platforms.
aXAPI integrates with management automation systems like Ansible, Chef, Puppet and Jenkins or can be used directly with custom developed software. For more information read the article “aXAPI For Integration.”
This article will provide direct programming examples of common management tasks including:
- Login to systems over the network
- Erase and reset systems to factory defaults while logged in
- Backup and restore system data and images
- Update network parameters like IP and DNS addresses and routing
- Query systems status for booted and loading status
The following examples will use Linux cURL scripts for simplicity. These working examples can then be ported to any language or management environment.
Login
The following call will authenticate with a username and password. The API then returns data in JSON format including a token in the signature field. This token must be passed to all proceeding API calls.
/usr/bin/curl -k -s "https://$HOSTIP/axapi/v3/auth" \
-H "Content-Type:application/json" \
-d '{
"credentials": {
"username": "admin",
"password": "a10"
}
}' > /tmp/out.json
sig=`cat /tmp/out.json | grep "\signature\""" | cut -f 2 -d ':' | sed 's/""//g' | sed 's/
if [ ""$sig"" == """" ];
then
echo ""ERROR - Failed to login to ACOS device - exiting""
exit
fi
The returned token string is parsed into the $sig variable to be used in succeeding API tasks.
System Backup
A critical function to perform is a system backup. The following example instructs the A10 system to generate a package with system image and configuration then use FTP to push the backup to a remote server. Other protocols can be used including HTTP SCP
curl -k -s -X POST \
""https://$HOSTIP/axapi/v3/backup/system"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json"" \
-d ""{
\"system\": {
\"remote-file\":\"ftp://[email protected]/$BKPATH/$BKFILE\"
\"password\":\"a102345\"
}
}"" > /tmp/out.backup.json
x=`cat /tmp/out.backup.json | grep ""\"status\": \"OK\"""`
if [ ""$x"" = """" ]
then
echo ""System Backup failed""
cat /tmp/out.backup.json
else
echo ""System Backup successful [$BKPATH/$BKFILE]""
fi
Erase System
Erase sets the system configuration to a factory default state. When re-deploying a system with an unknown state best practices dictates performing an erase. Logs and other usage history is cleared out along with all other configurations.
echo ""Erase Configuration""
curl -k -s -X POST \
""https://$HOST/axapi/v3/erase"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json"" \
-d '{
""erase"": {
""preserve-management"":0
""preserve-accounts"":1
""reload"":1
}
}' > /tmp/out.json
The “preserve-managemen” is not enabled since it will be set to DHCP by default.
“Reload” is enabled which will initiate a system reload (reboot).
Restore System
The following will pull down a package backup file to the A10 system and restore the image and configurations.
curl -k -s -X POST \
""https://$HOSTIP/axapi/v3/restore"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json"" \
-d ""{
\"restore\": {
\"remote-file\":\"ftp://root:[email protected]/$BKPATH/$BKFILE\"
}
}"" > /tmp/out.restore.json
x=`cat /tmp/out.restore.json`
if [ ""$x"" == """" ]
then
echo ""System Restore successful [$BKPATH/$BKFILE]""
echo ""Need to reboot system to complete restore""
else
echo ""ERROR - System Restore failed [$BKPATH/$BKFILE]""
cat /tmp/out.restore.json
fi
Reboot System
Send instruction to reboot the system.
curl -k -s -X POST \
""https://$HOSTIP/axapi/v3/reboot"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json"" \
-d ""{
\"reboot\": {
\"all\":\"0\"
}
}"" > /tmp/out.reboot.json
#x=`cat /tmp/out.reboot.json | grep ""\"status\": \"OK\"""`
x=`cat /tmp/out.reboot.json`
if [ ""$x"" == """" ]
then
echo ""System Reboot sucessful""
else
echo ""System Reboot failed""
cat /tmp/out.reboot.json
fi
Wait for System Ready
When automating management tasks which require a reboot it is necessary to query the system for boot completion and for the system to be in a ready state. The following script would normally be run after a reboot. Once this script completes it releases the wait states and passes control to the next command.
#/usr/bin/bash
HOST=""$1""
echo ""Remote host [$HOST]""
echo ""Polling the system for both booted and ready condition""
sleep 5
while [ 1 ]
do
##echo ""Login to Thunder""
curl -k -s ""https://$HOST/axapi/v3/auth"" \
-H ""Content-Type:application/json"" \
-d '{
""credentials"": {
""username"": ""admin""
""password"": ""a10""
}
}' > /tmp/out.json
x=`cat /tmp/out.json | grep ""\"signature\""" | cut -f 2 -d ':' | sed 's/""//g' | sed 's///g'`
if [ ""$x"" = """" ]
then
echo ""System not available - waiting...""
sleep 10
else
echo ""System booted""
break
fi
done
while [ 1 ]
do
##echo ""Login to Thunder""
curl -k -s ""https://$HOST/axapi/v3/auth"" \
-H ""Content-Type:application/json"" \
-d '{
""credentials"": {
""username"": ""admin""
""password"": ""a10""
}
}' > /tmp/out.json
x=`cat /tmp/out.json | grep ""\"signature\""" | cut -f 2 -d ':' | sed 's/""//g' | sed 's///g'`
curl -k -s \
""https://$HOST/axapi/v3/running-config"" \
-H ""Authorization: A10 $x"" \
-H ""Content-Type:application/json"" \
-d '{
""running-config"": {
""aflex"": 0
""class-list"": 0
}
}' > /tmp/out.json
out=`cat /tmp/out.json | grep ""running-config"" `
if [ ""$out"" = """" ]
then
echo ""Still loading - waiting...""
sleep 10
else
echo ""System loaded""
sleep 5
break
fi
done
exit
Configure DNS
The following API calls set the system DNS primary IP address and DNS suffix.
echo ""Set Primary DNS Primary IP""
curl -s -k -X POST \
""https://$HOST/axapi/v3/ip/dns/primary"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json"" \
-d ""{
\"primary\":
\"ip-v4-addr\": ""\"$DNSIP\"""
}
}"" > /tmp/out.set_dns_primary.json
echo ""Set DNS Suffix""
curl -s -k -X POST \
""https://$HOST/axapi/v3/ip/dns/suffix"" \
-H ""Authorization: A10 $sig"" \
-H ""Content-Type:application/json"" \
-d '{
""suffix"": {
""domain-name"": ""what.com""
}
}' > /tmp/out.set_dns_suffix.json