Effective December 3, NetApp adopts Microsoft’s Business-to-Customer (B2C) identity management to simplify and provide secure access to NetApp resources.
For accounts that did not pre-register (prior to Dec 3), access to your NetApp data may take up to 1 hour as your legacy NSS ID is synchronized to the new B2C identity.
To learn more, read the FAQ and watch the video.
Need assistance? Complete this form and select “Registration Issue” as the Feedback Category.

Active IQ Unified Manager Discussions

Example WFA Workflows

John_Blackwell

Hello Everyone,

 

I am new ish to WFA and am trying to setup some workflows however all the ones I have as examples are Create not edit worklows, I am looking to do some workflows like Resize a Volume and create a new rule in an existing export policy, dont suppose anyone has anything similar I could have a look at to get an idea of how looking up exsiting values work opposed to all these create worklows I have?

 

Got some NetApp PS coming in to have a go just trying to get a jump start on it

 

Cheers

 

John

1 REPLY 1

mbeattie

Hi John,

 

There are default "certified" WFA commands in the "cm_storage" schema for creating export polices and rules. These are:

 

  • Create export policy
  • Create export rule

 

I posted some code which might be useful for you to delete export policy rules here:

 

http://community.netapp.com/t5/OnCommand-Storage-Management-Software-Discussions/OnCommand-WFA-Workflow-to-update-or-delete-export-rule-cdot/td-p/1256...

 

If you want to modify the WFA command for creating an export rule to specify additional input parameters then following code might be useful for you.

 

 

Param(
   [Parameter(Mandatory=$True, HelpMessage="The Cluster name or IP address")]
   [String]$Cluster,
   [Parameter(Mandatory=$True, HelpMessage="The Export policy name")]
   [String]$PolicyName,
   [Parameter(Mandatory=$True, HelpMessage="The Client match")]
   [String]$ClientMatch,
   [Parameter(Mandatory=$True, HelpMessage="The Vserver name")]
   [String]$VserverName, 
   [Parameter(Mandatory=$False, HelpMessage="The Rule index")]
   [Int]$RuleIndex,
   [Parameter(Mandatory=$True, HelpMessage="The Read only security flavor")]
   [String]$RoRule,
   [Parameter(Mandatory=$True, HelpMessage="The Read write security flavor")]
   [String]$RwRule, 
   [Parameter(Mandatory=$False, HelpMessage="The Protocols")]
   [String]$Protocol, 
   [Parameter(Mandatory=$False, HelpMessage="The Super user sec flavor")]
   [String]$Superuser,
   [Parameter(Mandatory=$False, HelpMessage="The User name or ID to which anonymous users are mapped")]
   [String]$AnonymousUserId,
   [Parameter(Mandatory=$False, HelpMessage="If specified, the NFS server will honor SetUID bits in SETATTR operation")]
   [Bool]$EnableSetUid,
   [Parameter(Mandatory=$False, HelpMessage="If specified, the NFS server will not allow creation of devices")]
   [Bool]$DisableSetUid,
   [Parameter(Mandatory=$False, HelpMessage="If specified, the NFS server will allow creation of devices")]
   [Bool]$EnableDev,
   [Parameter(Mandatory=$False, HelpMessage="If specified, the NFS server will not allow creation of devices")]
   [Bool]$DisableDev,
   [Parameter(Mandatory=$False, HelpMessage="Ignore or Fail unix security operations on NTFS volumes. Possible values are 'ignore', 'fail'. Default value is 'fail'")]
   [ValidateSet("ignore","fail")]
   [String]$NtfsUnixSecurityOps,  
   [Parameter(Mandatory=$False, HelpMessage="Change ownership mode. Possible values are 'restricted', 'unrestricted'. Default value is 'restricted'")]
   [ValidateSet("restricted","unrestricted")]
   [String]$ChownMode,
   [Parameter(Mandatory=$False, HelpMessage="The maximum number of ZAPI retry attempts")]
   [Int]$ZapiRetryCount
)
#'------------------------------------------------------------------------------
#'Ensure the input parameters are valid.
#'------------------------------------------------------------------------------
If($EnableSetUid -And $DisableSetUid){
   Throw "The input parameters ""EnableSetUid"" and ""DisableSetUid"" are both provided. Please provide either parameter, not both parameters"
}
If($EnableDev -And $DisableDev){
   Throw "The input parameters ""EnableDev"" and ""DisableDev"" are both provided. Please provide either parameter, not both parameters"
}
#'------------------------------------------------------------------------------
#'Connect to the cluster.
#'------------------------------------------------------------------------------
Connect-WFACluster $Cluster
#'------------------------------------------------------------------------------
#'Ensure the export policy exists.
#'------------------------------------------------------------------------------
[String]$command = "Get-NcExportPolicy -VserverContext $VserverName -Name $PolicyName "
If($ZapiRetryCount){
   [String]$command += "-ZapiRetryCount $ZapiRetryCount "
}
[String]$command += "-ErrorAction Stop"
Try{
   $policy = Invoke-Expression -Command $command -ErrorAction Stop
   Get-WFALogger -Info -Message "Executed Command`: $command"
   Get-WFALogger -Info -Message "Enumerated Export Policy ""$PolicyName"" on vserver ""$VserverName"""
}Catch{
   Get-WFALogger -Error -Message $("Failed Executing Command`: $command. Error " + $_.Exception.Message)
   Throw "Failed enumerating Export Policy ""$PolicyName"" on vserver ""$VserverName"""
}
#'------------------------------------------------------------------------------ 
#'Ensure the policy is created if it doesn't exist.
#'------------------------------------------------------------------------------
If(-Not($policy)){
   Get-WFALogger -Info -Message "Creating Export Policy ""$PolicyName"" on vserver ""$VserverName"""
   [String]$command = "New-NcExportPolicy -Name $PolicyName -VserverContext $VserverName "
   If($ZapiRetryCount){
      [String]$command += "-ZapiRetryCount $ZapiRetryCount "
   }
   [String]$command += "-ErrorAction Stop"
   Try{
      Invoke-Expression -Command $command -ErrorAction Stop
      Get-WFALogger -Info -Message "Executed Command`: $command"
      Get-WFALogger -Info -Message "Created Export Policy ""$PolicyName"" on vserver ""$VserverName"""
   }Catch{
      Get-WFALogger -Error -Message $("Failed Executing Command`: $command. Error " + $_.Exception.Message)
      Throw "Failed creating Export Policy ""$PolicyName"" on vserver ""$VserverName"""
   }
}
#'------------------------------------------------------------------------------
#'Enumerate the export policy rules to check if a rule for the client already exists.
#'------------------------------------------------------------------------------
If($policy){
   $query = Get-NcExportRule -Template
   $query.ClientMatch = $ClientMatch
   $query.PolicyName  = $PolicyName
   $query.Vserver     = $VserverName
   $query.RoRule      = $RoRule
   $query.RwRule      = $RwRule
   If($Protocol){
      $query.Protocol = $Protocol
   }
   Try{
      $exportRules = Get-NcExportRule -Query $query -ErrorAction Stop
   }Catch{
      Get-WFALogger -Error -Message $("Failed enumerating export policy rules for policy ""$PolicyName"" on vserver ""$VserverName"". Error " + $_.Exception.Message)
      Throw "Failed enumerating export policy rules for policy ""$PolicyName"" on vserver ""$VserverName"""
   }
}
#'------------------------------------------------------------------------------
#'Exit if the export policy rule already exists.
#'------------------------------------------------------------------------------
If($exportRules){
   Get-WFALogger -Info -Message "The client ""$ClientMatch"" is already exported in policy ""$PolicyName"" on vserver ""$VserverName"""
   Exit 0
}Else{
   Get-WFALogger -Info -Message "Creating export policy rule for client ""$ClientMatch"" in policy ""$PolicyName"" on vserver ""$VserverName"""
}
#'------------------------------------------------------------------------------ 
#'Set the command to create the export policy rule for the client.
#'------------------------------------------------------------------------------
[String]$command = "New-NcExportRule -Policy '$PolicyName' -ClientMatch '$ClientMatch' -ReadOnlySecurityFlavor $RoRule -ReadWriteSecurityFlavor $RwRule -VserverContext $VserverName "
If($RuleIndex){
   [String]$command += "-Index $RuleIndex "
}
If($Protocol){
   [String]$command += "-Protocol $Protocol "
}
If($Superuser){
   [String]$command += "-SuperUserSecurityFlavor $Superuser "
}
If($AnonymousUserId){
   [String]$command += "-Anon $AnonymousUserId "
}
If($EnableSetUid){
   [String]$command += "-EnableSetUid "
}
If($DisableSetUid){
   [String]$command += "-DisableSetUid "
}
If($EnableDev){
   [String]$command += "-EnableDev "
}
If($DisableDev){
   [String]$command += "-DisableDev "
}
If($NtfsUnixSecurityOps){
   [String]$command += "-NtfsUnixSecurityOps $NtfsUnixSecurityOps "
}
If($ChownMode){
   [String]$command += "-ChownMode $ChownMode "
}
If($ZapiRetryCount){
   [String]$command += "-ZapiRetryCount $ZapiRetryCount "
}
[String]$command += "-ErrorAction Stop"
#'------------------------------------------------------------------------------
#'Create the export policy rule for the client.
#'------------------------------------------------------------------------------
Try{
   Invoke-Expression -Command $command -ErrorAction Stop
   Get-WFALogger -Info -Message "Executed Command`: $command"
   Get-WFALogger -Info -Message "Created policy rule in export policy ""$PolicyName"" on vserver ""$VserverName"""
}Catch{
   Get-WFALogger -Error -Message $("Failed Executing Command`: $command. Error " + $_.Exception.Message)
   Throw "Failed creating policy rule in export policy ""$PolicyName"" on vserver ""$VserverName"""
}
#'------------------------------------------------------------------------------

/Matt

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public