Config changes #47
+2,185
−2
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,239 @@ | ||
| <# | ||
| .SYNOPSIS | ||
| This sample script demonstrates the use of NetBackup Trust Management APIs. | ||
|
|
||
| .DESCRIPTION | ||
| The script can be run using NetBackup 8.2 or higher. | ||
| It updates the exclude list configuration on the specified client. The exclude list is specified within the script below. | ||
|
|
||
| .EXAMPLE | ||
| ./Config_trust_management_crud_operation.ps1 -MasterServer <masterServer> -UserName <username> -Password <password> -TrustedMasterServerName <Trusted master Server Name> [-DomainName <domainName> -DomainType <domainType>] | ||
| #> | ||
|
|
||
| #Requires -Version 4.0 | ||
|
|
||
| Param ( | ||
| [string]$MasterServer = $(Throw "Please specify the name of the NetBackup Master Server using the -MasterServer parameter."), | ||
| [string]$UserName = $(Throw "Please specify the user name using the -UserName parameter."), | ||
| [string]$Password = $(Throw "Please specify the password using the -Password parameter."), | ||
| [string]$TrustedMasterServerName = $(Throw "Please specify the name of the NetBackup remote Master Server using the -TrustedMasterServerName parameter."), | ||
| [string]$DomainName, | ||
| [string]$DomainType | ||
| ) | ||
|
|
||
|
|
||
| ############################################################### | ||
| # Setup to allow self-signed certificates and enable TLS v1.2 | ||
| ############################################################### | ||
| Function Setup() | ||
| { | ||
| # Allow self-signed certificates | ||
| if ([System.Net.ServicePointManager]::CertificatePolicy -notlike 'TrustAllCertsPolicy') | ||
| { | ||
| Add-Type -TypeDefinition @" | ||
| using System.Net; | ||
| using System.Security.Cryptography.X509Certificates; | ||
| public class TrustAllCertsPolicy : ICertificatePolicy { | ||
| public bool CheckValidationResult( | ||
| ServicePoint srvPoint, X509Certificate certificate, | ||
| WebRequest request, int certificateProblem) { | ||
| return true; | ||
| } | ||
| } | ||
| "@ | ||
| [System.Net.ServicePointManager]::CertificatePolicy = New-Object -TypeName TrustAllCertsPolicy | ||
| } | ||
|
|
||
| # Force TLS v1.2 | ||
| try { | ||
| if ([Net.ServicePointManager]::SecurityProtocol -notcontains 'Tls12') { | ||
| [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 | ||
| } | ||
| } | ||
| catch { | ||
| Write-Host "`n"$_.Exception.InnerException.Message | ||
| } | ||
| } | ||
|
|
||
| #################### | ||
| # Global Variables | ||
| #################### | ||
|
|
||
| $port = 1556 | ||
| $basepath = "https://" + $MasterServer + ":" + $port + "/netbackup" | ||
| $contentType = "application/vnd.netbackup+json;version=4.0" | ||
| $hostName = $client | ||
|
|
||
| ###################################### | ||
| # Login to the NetBackup webservices | ||
| ###################################### | ||
| Function Login() | ||
| { | ||
|
|
||
| $uri = $basepath + "/login" | ||
|
|
||
| $body = @{ | ||
| userName=$UserName | ||
| password=$Password | ||
| } | ||
| if ($DomainName -ne "") { | ||
| $body.add("domainName", $DomainName) | ||
| } | ||
| if ($DomainType -ne "") { | ||
| $body.add("domainType", $DomainType) | ||
| } | ||
| Write-Host "`nSending a POST request to login to the NetBackup webservices...`n" | ||
|
|
||
| $response = Invoke-WebRequest ` | ||
| -Uri $uri ` | ||
| -Method POST ` | ||
| -Body (ConvertTo-Json -InputObject $body) ` | ||
| -ContentType $contentType | ||
|
|
||
| if ($response.StatusCode -ne 201) | ||
| { | ||
| throw "Unable to connect to the NetBackup Master Server" | ||
| } | ||
|
|
||
| Write-Host "Login successful.`n" | ||
| $content = (ConvertFrom-Json -InputObject $response) | ||
| return $content | ||
| } | ||
| ##################################################################### | ||
| # POST NetBackup Storage server | ||
| ##################################################################### | ||
| Function CreateTrust() | ||
| { | ||
| $base_uri = $basepath + "/config/servers/trusted-master-servers" | ||
|
|
||
| $json = '{ | ||
| "data": { | ||
| "type": "trustedMasterServer", | ||
| "attributes": { | ||
| "trustedMasterServerName": "'+$TrustedMasterServerName+'", | ||
| "rootCAType": "NBCA", | ||
| "authenticationType": "CREDENTIAL", | ||
| "domainName": "DOMAIN", | ||
| "userName": "USER", | ||
| "password": "PASSWORD", | ||
| "fingerprint": "FINGERPRINT" | ||
| } | ||
| } | ||
| } | ||
| ' | ||
| $response_create_trust = Invoke-WebRequest ` | ||
| -Uri $base_uri ` | ||
| -Method POST ` | ||
| -Body ($json) ` | ||
| -ContentType $contentType ` | ||
| -Headers $headers | ||
|
|
||
| if ($response_create_trust.StatusCode -ne 201) | ||
| { | ||
| throw "Unable to create trust between master servers." | ||
| } | ||
|
|
||
| Write-Host "Trust between master servers created successfully.`n" | ||
| echo $response_create_trust | ||
| Write-Host $response_create_trust | ||
|
|
||
| $response_create_trust = (ConvertFrom-Json -InputObject $response_create_trust) | ||
| } | ||
| ##################################################################### | ||
| # GET NetBackup Trusted Master Server | ||
| ##################################################################### | ||
| Function GetTrustedMaster() | ||
| { | ||
|
|
||
| $base_uri = $basepath + "/config/servers/trusted-master-servers/" + $TrustedMasterServerName | ||
|
|
||
|
|
||
| $response_get = Invoke-WebRequest ` | ||
| -Uri $base_uri ` | ||
| -Method GET ` | ||
| -ContentType $contentType ` | ||
| -Headers $headers | ||
|
|
||
| if ($response_get.StatusCode -ne 200) | ||
| { | ||
| throw "Unable to fetch scpecified trusted master server" | ||
| } | ||
|
|
||
| Write-Host "Scpecified trusted master server fetched successfully.`n" | ||
| Write-Host $response_get | ||
|
|
||
| $response_get = (ConvertFrom-Json -InputObject $response_get) | ||
| } | ||
| ##################################################################### | ||
| # PATCH NetBackup trust between master servers | ||
| ##################################################################### | ||
| Function UpdateTrust() | ||
| { | ||
| $base_uri = $basepath + "/config/servers/trusted-master-servers/" + $TrustedMasterServerName | ||
|
|
||
| $json = '{ | ||
| "data": { | ||
| "type": "trustedMasterServer", | ||
| "attributes": { | ||
| "trustedMasterServerName": "'+$TrustedMasterServerName+'", | ||
| "rootCAType": "ECA" | ||
| } | ||
| } | ||
| } | ||
| ' | ||
|
|
||
| $response_update = Invoke-WebRequest ` | ||
| -Uri $base_uri ` | ||
| -Method PATCH ` | ||
| -Body ($json) ` | ||
| -ContentType $contentType ` | ||
| -Headers $headers | ||
|
|
||
| if ($response_update.StatusCode -ne 200) | ||
| { | ||
| throw "Unable to update trust between masters." | ||
| } | ||
|
|
||
| Write-Host "Trust between masters updated successfully.`n" | ||
| echo $response_update | ||
| Write-Host $response_update | ||
|
|
||
| $response_update = (ConvertFrom-Json -InputObject $response_update) | ||
|
|
||
| } | ||
|
|
||
|
|
||
| ##################################################################### | ||
| # Delete NetBackup Trust between master Server | ||
| ##################################################################### | ||
| Function DeleteTrust() | ||
| { | ||
| $base_uri = $basepath + "/config/servers/trusted-master-servers/" + $TrustedMasterServerName | ||
|
|
||
|
|
||
| $response_delete = Invoke-WebRequest ` | ||
| -Uri $base_uri ` | ||
| -Method DELETE ` | ||
| -ContentType $contentType ` | ||
| -Headers $headers | ||
|
|
||
| if ($response_delete.StatusCode -ne 204 ) | ||
| { | ||
| throw "Unable to delete trust between masters." | ||
| } | ||
|
|
||
| Write-Host "Trust between masters deleted successfully.`n" | ||
| Write-Host $response_delete | ||
|
|
||
| $response_delete = (ConvertFrom-Json -InputObject $response_delete) | ||
| } | ||
|
|
||
| ########################################################################### | ||
|
|
||
| Setup | ||
| $loginResponse = Login | ||
| $headers = @{"Authorization" = $loginResponse.token} | ||
| CreateTrust | ||
| GetTrustedMaster | ||
| UpdateTrust | ||
| DeleteTrust | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| import requests | ||
|
|
||
| content_type = "application/vnd.netbackup+json; version=4.0" | ||
|
|
||
|
|
||
| def perform_login(username, password, base_url, domain_name, domain_type): | ||
| url = base_url + "/login" | ||
|
|
||
| if domain_name != "" and domain_type != "": | ||
| req_body = {"userName": username, "password": password, "domainName": domain_name, "domainType": domain_type} | ||
| else: | ||
| req_body = {"userName": username, "password": password} | ||
|
|
||
| headers = {'Content-Type': content_type} | ||
|
|
||
| print("performing POST on {} for user '{}'\n".format(url, req_body['userName'])) | ||
|
|
||
| resp = requests.post(url, headers=headers, json=req_body, verify=False) | ||
|
|
||
| if resp.status_code != 201: | ||
| raise Exception('Login API failed with status code {} and {}'.format(resp.status_code, resp.json())) | ||
|
|
||
| return resp.json()['token'] | ||
|
|
||
|
|
||
| def get_trusted_master_server_by_name(jwt, base_url, trustedmasterservername): | ||
| url = base_url + "/config/servers/trusted-master-servers/" + trustedmasterservername | ||
| headers = {'Content-Type': content_type, 'Authorization': jwt} | ||
| query_params = { | ||
| # "page[limit]": 100, #This changes the default page size to 100 | ||
| # "filter": "jobType eq 'RESTORE'" #This adds a filter to only show RESTORE Jobs | ||
|
Comment on lines
+29
to
+31
There was a problem hiding this comment. Are these parameters valid for this API? If so, then I think there should be a comment explaining that the programmer can uncomment these lines to use them. If they're not valid, then just delete them instead of leaving them commented out. |
||
| } | ||
|
|
||
| print("performing GET on {}\n".format(url)) | ||
|
|
||
| resp = requests.get(url, headers=headers, params=query_params, verify=False) | ||
|
|
||
| if resp.status_code != 200: | ||
| raise Exception('GET Trusted master server with specific name failed with status code {} and {}'.format(resp.status_code, resp.json())) | ||
|
|
||
| return resp.json() | ||
|
|
||
| def delete_trust(jwt, base_url, trustedmasterservername): | ||
| url = base_url + "/config/servers/trusted-master-servers/" +trustedmasterservername | ||
| headers = {'Content-Type': content_type, 'Authorization': jwt} | ||
| query_params = { | ||
| # "page[limit]": 100, #This changes the default page size to 100 | ||
| # "filter": "jobType eq 'RESTORE'" #This adds a filter to only show RESTORE Jobs | ||
| } | ||
|
|
||
| print("performing DELETE on {}\n".format(url)) | ||
|
|
||
| resp = requests.delete(url, headers=headers, verify=False) | ||
| if resp.status_code != 204: | ||
| raise Exception('DELETE trust with specific trusted master failed with status code {} and {}'.format(resp.status_code, resp.json())) | ||
|
|
||
| print("\nThe Trust is deleted with status code: {}\n".format(resp.status_code)) | ||
|
|
||
| def create_trusted_master_server(jwt, base_url, file_name): | ||
| url = base_url + "/config/servers/trusted-master-servers" | ||
| headers = {'Content-Type': content_type, 'Authorization': jwt} | ||
|
|
||
| path = file_name | ||
|
|
||
| req_body = open(path, 'r').read() | ||
|
|
||
| print("performing POST on {}\n".format(url)) | ||
|
|
||
| resp = requests.post(url, headers=headers, data=req_body, verify=False) | ||
|
|
||
| if resp.status_code != 201: | ||
| raise Exception('Create trust between master servers API failed with status code {} and {}'.format(resp.status_code, resp.json())) | ||
|
|
||
| return resp.json() | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this and the similar code at 174 should do like is done in Delete-NB-delete-trust.ps1, which creates a hash table and then converts it to JSON with
ConvertTo-Json. It avoids the awkwardness of terminating the string literal midway through, inserting a variable (which hasn't been escaped for use as a JSON string), and then resuming the string.