EMC recently released Isilon 7.0 “Mavericks” version of the OneFS operating system. This release has many great new features, which you can read all about here and here. One of these great new Isilon features is the ReST API, which allows programmatic access to the platform. If you are not familiar with ReST, it stands for Representational State Transfer. This is a lightweight, platform independent and stateless method of programming web services.
PowerShell allows an easy method to access the Isilon ReST API. Working with ReST is a new for me, but I thought it might be useful for some to follow along while I am learning. Also, if anyone has tips for me on this process I welcome the knowledge.
The Isilon ReST API is not enabled by default. To enable the functionality it requires changing options on the HTTP settings page in the protocols section, see below.
The HTTP interface can use active directory authentication, but in this post I will use basic authentication and show examples of reading data from the cluster. I hope to show more advanced examples as I learn.
PowerShell v3 has some great built-in functionality for working with ReST API’s. The Invoke-RestMethod cmdlet is exactly the functionality required to leverage the Isilon ReST API. The first challenges when working with the API will be related to authentication and certificates. The Isilon cluster will use a self-signed certificate by default. This results in a certificate error when connecting via HTTPS and can be seen when connecting to the Isilon cluster via a browser. The following code will allow a work around to the problem by ignoring the error.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
# Ignore SSL errors add-type @" using System.Net; using System.Security.Cryptography.X509Certificates; public class IDontCarePolicy : ICertificatePolicy { public IDontCarePolicy() {} public bool CheckValidationResult( ServicePoint sPoint, X509Certificate cert, WebRequest wRequest, int certProb) { return true; } } "@ [System.Net.ServicePointManager]::CertificatePolicy = new-object IDontCarePolicy |
In a production environment the correct way to handle this would be to install a certificate issued by a trusted certificate authority. The next step is to setup a proper HTTP header for basic authentication.
|
1 2 3 4 5 6 7 8 9 |
# Set username and password $username = '****' $upassword = '****' # Encode basic authorization header $auth = $username + ':' + $upassword $Encoded = [System.Text.Encoding]::UTF8.GetBytes($auth) $EncodedPassword = [System.Convert]::ToBase64String($Encoded) $headers = @{"Authorization"="Basic $($EncodedPassword)"} |
Once this is complete all we have to do is build the proper URL and issue the request. The code below will retrieve and display the SMB and NFS settings of the cluster.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 |
# Setup base address and objects $baseurl = 'https://192.168.1.239:8080' # Create full address of resource to be retrieved $resource = '/platform/1/protocols/smb/settings/global' $url = $baseurl + $resource # Execute request and display SMB Settings $SMBGlobal = Invoke-RestMethod -Uri $url -Headers $headers -Method Get $SMBGlobal.settings # Create full address of resource to be retrieved $resource = '/platform/1/protocols/nfs/settings/global' $url = $baseurl + $resource # Execute request and display NFS Settings $NFSGlobal = Invoke-RestMethod -Uri $url -Headers $headers -Method Get $NFSGlobal.settings |
The output from the above examples is shown below. As you can see this gives a quick concise view of the protocol settings.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
access_based_share_enum : False audit_fileshare : none audit_global_sacl : {} audit_logon : all dot_snap_accessible_child : True dot_snap_accessible_root : True dot_snap_visible_child : False dot_snap_visible_root : True enable_security_signatures : False guest_user : nobody ignore_eas : False onefs_cpu_multiplier : 1 onefs_num_workers : 0 require_security_signatures : False server_string : Isilon Server service : True srv_cpu_multiplier : 4 srv_num_workers : 0 support_netbios : False support_smb2 : True lock_protection : 2 nfsv2_enabled : True nfsv3_enabled : True nfsv4_domain : localdomain nfsv4_enabled : False rpc_maxthreads : 16 rpc_minthreads : 16 service : True |
While this is only a simple example of retrieving data from the cluster, the possibilities are endless. When considering where we are in the transformation to cloud and automation. This type of enabling technology will be the foundation of great things to come.
Stay tuned…
Regards,
Dave