This blog is about AVI-networks, a leader in the world of load balancers that developed their Vantage platform from the ground up to be compatible with the new methods of building datacenter.
Avi Networks delivers multi-cloud application services with elastic application delivery, security, and pervasive analytics across data centers and clouds. Avi Vantage makes it easy to apply load balancing, web application firewall and service mesh to any application.
This blog will help you in getting familiar with simple API calls using curl with the help of a script developed by Metsi to facilitate authentication and structure commands to the controller.
The platform offers incredible flexibility to integrate in any cloud using automation through the API. And this API can be controlled via many different methods. To name a few:
- Web API using JSON coded data
- Python SDK
- Ansible playbooks
But this flexibility often leads to confusion about which tools fits best for the job. Should I use Ansible for a basic task? Or will this be overkill? Should I use web-API capable scripting tool such as Postman for orchestration, or does this has certain limits and will I have to switch over to another tool later on? As a result, often automation via the API is considered as cumbersome and technically challenging.
But it does not need to be. We at Metsi are there to help customers facilitate the adoption of automation and orchestration and here below is a short description of how a simple script can help facilitate day to day tasks on AVI-Networks Vantage platform.
When using the AVI Networks API everything is JSON coded. JSON is another lightweight format to store data or configuration statements in a human readable format, comparable to XML. For more info about JSON, visit: https://www.json.org/.
Using the AVI Networks API makes it very easy to get existing configuration of …, alter it and re-upload to add for instance a new pool or Virtual Service (VS). But it can be used for anything within the AVI Vantage platform that you want to add or remove. Manipulations of a Pools or VS are required most often and are a good candidate to look at automating.
Take the below example to add a pool, structured in JSON code:
In the above example, some of the basic parameters which are easily recognisable, have been highlighted. You have the load balancing algorithm, the port and two backend servers to balance. Adjusting this to fit the need of a new farm is easy. A reference of the statements that can be used, per version, can always be found at: https://avinetworks.com/docs/latest/api-guide/.
If more complex pools are required, you can first build them once using the GUI. And then collect the resulting JSON via API to re-use it over and over again, with other data.
But how to do this in practice. It is always easy if you know what you are doing, but the first time a little help might be welcome. This blog will help you get started and provides easy access to the API using basic Curl.
Reading through the documentation of AVI, getting access to the controller to be able to execute GET or POST statements will require a number of things.
- A username and password, formatted in JSON (as of version 16.2)
- The cookies returned after successful authentication
- A CSRFTOKEN to be able to POST JSON data
- A number of HTTP headers depending on the used operation (GET/POST)
To facilitate all of this, I created a scripted called aviLogin.sh so you only need to provide following data:
- Controller IP address
- AVI Version
Download the script using: git clone https://gitlab.com/metsi-technologies-public-repo/avi-networks/avilogin.git
When you run the script, it will create a simple variables file to load after which a curl can be used to control data.
Look at the below example to get the configuration statements for a pool:
$./aviLogin.sh Please provide the IP address of the AVI controller to login: 172.21.2.11 Please provide an administrator username: admin Please provide the password for this user: Please provide the API version to use [17.1.2]: 18.1.5 Will use version: 18.1.5 Log in as admin......ok ---------- Execute commands to AVI controller 172.21.2.11 using version 18.1.5: Example GET command: curl -k -K avi.get "https://172.21.2.11/api/ " Example POST command: curl -k -K avi.post -d "@<JSONFILE>" "https://172.21.2.11/api/ " Remarks: -k: to not validate HTTPS certificate (for self signed certificate usage) <JSONFILE>: replace with the filename (and path) where the JSON config is located that you want to apply When finished, Logout to the AVI controller via ./AVI_LOGOUT Enjoy!
$ . ./avi.vars
$ curl -k -K avi.get “https://172.21.2.11/api/pool?name=demo_pool&include_name ” > demo_pool.json
Don’t forget to load the variables file before using curl or you will not have access to the controller.
The example will get the pool demo_pool. This is to limit the number of outputs as we are only interested in the pool, we want to base our modifications on. The resulting file, called demo_pool.json contains the JSON code for this pool. Open this in your favourite editor that supports formatting of JSON. As an example, I use Atom with the ‘Pretty JSON’ package to convert the layout to a nicely structured and readable format.
Below is a part of the resulting file:
You will notice the JSON code starts with a results array. Remove this part at the top and the 2 brackets at the bottom to match the following:
Now we just have to clean up some references of the current pool to be able to create a new pool. Remove following statements:
And change the name to a new name like ‘test_pool’.
Look at the parameters you want to change and refer to the AVI Networks API documentation to see which parameters are mandatory.
Next, we will add our new test_pool. Keep in mind, we still have a login to the controller as long as the session idle timer is not expired (defaults to 15 minutes):
$curl -k -K avi.post -d “@demo_pool.json” “https://172.21.2.11/api/pool”
Don’t be afraid of the JSON formatted response you receive. If you prefer, you can also pipe this output to a file to be able to read it in your favourite editor.
Most important part is that your pool was created and is visible in the controller GUI.
Don’t forget to logout to avoid abuse of your authenticated session using the variables stored! Do this by running the small script that was created automatically:
If you would like this script, or have comments, do not hesitate to reach out to us here.