OnCommand Storage Management Software Discussions

WFA - Add system to OCUM/DFM

Hi,

 

i'm currently building some workflows to do a complete setup for Ontap Select. Basic deployment and setup is working. But at some point i want to resue existing commands which have finders and need the new deployed system added to OCUM. How can this be done?

I tried it with:

 

um datasource add -U 'UUUUU' -P 'XXXXX' hostname

 

But then the CLI asks interactivley to accept the certificate.

 

Host xxxxxxxyou specified has identified itself with a self-signed certificate
 
          Issuing Host : XXXXXXXXXXXXX
           Validity : From Fri May 04 16:34:56 CEST 2018 To Sat May 04 16:34:56 CEST 2019
Do you want to trust this certificate? (y/n)

 

I tried some PowerShell send keys, but this was not successfull,e.g:

 

$scriptBlock = {
$wshell = New-Object -ComObject wscript.shell
um datasource add -U 'xxx' -P 'XXXX' hostname
$wshell.SendKeys('Y')
}

Invoke-Command -ComputerName ocumhost -ScriptBlock $scriptBlock

 

 

Is there a way (CLI, powershell, Rest...) to add clusters to OCUM without interaction?

We're using OCUM 7.3

13 REPLIES

Re: WFA - Add system to OCUM/DFM

Tomkai,

 

   I recall having a similar issue.  If you are usung the Invoke-NcSsh Ontap pwershell command, then I would suggest you look at the CommonParameters options.  I thikn the one you are interested in is -Confirm.  Let me know how this goes as I am also working on a workflow that needs a new volume discovered in OCUM, and then I am trying to annotate that volume.

 

 

 

Re: WFA - Add system to OCUM/DFM

@tomkai @geringer

 

Unix systems allow piping a input to a prompt. You can try below. This works in automation scripts trying a remote connection too.

 

y|um datasource add -U 'UUUUU' -P 'XXXXX' hostname

 

sinhaa

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Re: WFA - Add system to OCUM/DFM

hi,

 

Another approach would be to use -t http for the parameter in the commandline for 'um datasource add'. The downside of this is that the channel would be unencrypted.

 

um datasource add -U <username> -P <password> [ -t <protocol> ][ -p <port> ] <hostname-or-ip> ...

 

Re: WFA - Add system to OCUM/DFM

Hi,

 

There is an OCUM ZAPI named "datasource-add" which enables you to add a new datasource for connecting to a cluster and "datasource-object-discover" for cluster discovery. There is also a certified WFA command called "Refresh cluster on OnCommand Unified Manager server" written in PERL. As your coding in PowerShell you might want to download the NMSDK and use ZExplore to browse the OCUM ZAPI's in C#.

 

/Matt

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Re: WFA - Add system to OCUM/DFM

Hi Tom,

 

I had a quick look, i haven't had a chance to test this code yet however I think the WFA command code in PowerShell would look something like this:

 

#'------------------------------------------------------------------------------
Param(
   [Parameter(Mandatory = $True, HelpMessage = "The name or IP Address of the cluster")]
   [String]$Cluster,
   [Parameter(Mandatory = $True, HelpMessage = "The name or FQDN of the OCUM Server")]
   [String]$HostName,
   [Parameter(Mandatory=$True, HelpMessage="The username of the account used to add the cluster to OCUM")]
   [String]$AdminUserName, 
   [Parameter(Mandatory=$True, HelpMessage="The password for the account used to add the cluster to OCUM")]
   [Alias("AdminPassword_Password")]
   [String]$AdminPassword
)
#'------------------------------------------------------------------------------
#'Create a ZAPI connection to the OCUM server.
#'------------------------------------------------------------------------------
$credentials = Get-WfaCredentials $HostName
$naServer    = New-WfaZapiServer -Host $HostName -Type DFM -Credentials $credentials
#'------------------------------------------------------------------------------
If($naServer -eq -1){
   Throw "Failed creating ZAPI connection to OCUM server ""$HostName"""
}
Try{
   $naElement = New-Object NetApp.Manage.naElement("datasource-add")
   $naElement.AddNewChild("hostname-or-ip", $Cluster);
   $naElement.AddNewChild("username", $AdminUserName);
   $naElement.AddNewChild("password", $AdminPassword);
   [Xml]$output = $naServer.InvokeElem($naElement)
   Get-WFALogger -Info -Message "Added cluster ""$Cluster"" to OCUM Server ""$HostName"""
}Catch{
   Get-WFALogger -Error -Message $("Failed adding cluster ""$Cluster"" to OCUM Server ""$HostName"". Error " + $_.Exception.Message)
   Throw "Failed adding cluster ""$Cluster"" to OCUM Server ""$HostName"""
}
#'------------------------------------------------------------------------------

You would need to add the admin credentials for your OCUM server to WFA (which the command then retrieves from the cache so it can authenticate to OCUM) then attempts to invoke the "datasource-add" OCUM ZAPI. If you had standard cluster admin credentials you could also add them to the WFA crdential cache and retrive them to negate the requirement to provide them as a user input.

 

Hope this helps

 

/Matt

 

 

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Re: WFA - Add system to OCUM/DFM

Hi,

 

thx for all the input, i'll have a try with the OCUM ZAPI, sounds promising.

I'll post an update

Re: WFA - Add system to OCUM/DFM

Hi,

 

I had a chance to test this and got it working successfully to add your clusters as an OCUM datasource. Here is the updated code:

 

#'------------------------------------------------------------------------------
Param(
   [Parameter(Mandatory = $True, HelpMessage = "The name or IP Address of the cluster")]
   [String]$Cluster,
   [Parameter(Mandatory = $True, HelpMessage = "The name or FQDN of the OCUM Server")]
   [String]$Hostname,
   [Parameter(Mandatory=$False, HelpMessage="The username of the account used to add the cluster to OCUM")]
   [String]$AdminUserName, 
   [Alias("AdminPassword_Username")]
   [Parameter(Mandatory=$False, HelpMessage="The password for the account used to add the cluster to OCUM")]
   [Alias("AdminPassword_Password")]
   [String]$AdminPassword
)
#'------------------------------------------------------------------------------
#'Disable certificate CRL check and set TLS.
#'------------------------------------------------------------------------------
[System.Net.ServicePointManager]::CheckCertificateRevocationList = $False;
Add-Type @"
   using System;
   using System.Net;
   using System.Net.Security;
   using System.Security.Cryptography.X509Certificates;
   public class ServerCertificateValidationCallback
   {
      public static void Ignore()
      {
         ServicePointManager.ServerCertificateValidationCallback += 
         delegate
         (
            Object obj, 
            X509Certificate certificate, 
            X509Chain chain, 
            SslPolicyErrors errors
         )
      {
         return true;
      };
   }
}
"@
[ServerCertificateValidationCallback]::Ignore();
[System.Net.ServicePointManager]::SecurityProtocol = @("Tls12","Tls11","Tls","Ssl3")
#'------------------------------------------------------------------------------
#'Create a ZAPI connection to the OCUM server.
#'------------------------------------------------------------------------------
$credentials = Get-WfaCredentials $Hostname
$naServer    = New-WfaZapiServer -Host $Hostname -Type DFM -Credentials $credentials
#'------------------------------------------------------------------------------
#'Exit if the OCUM ZAPI connection failed.
#'------------------------------------------------------------------------------
If($naServer -eq -1){
   Throw "Failed creating ZAPI connection to OCUM server ""$Hostname"""
}
#'------------------------------------------------------------------------------
#'Ensure the OCUM ZAPI port defaults to 443 (if set to 8488).
#'------------------------------------------------------------------------------
If($naServer.GetType().Name -ne "NaServer"){
   Get-WFALogger -Error -Message $("The ""New-WFAZapiServer"" Function returned the object type """ + $naServer.GetType().Name + """")
   Throw "The ""New-WFAZapiServer"" Function failed"
}Else{
   Get-WFALogger -Info -Message $("Created """ + $naServer.GetType().Name + """ object")
   Get-WFALogger -Info -Message $("Port = "                          + $naServer.Port)
   Get-WFALogger -Info -Message $("ServerType = "                    + $naServer.ServerType)
   Get-WFALogger -Info -Message $("Style = "                         + $naServer.Style)
   Get-WFALogger -Info -Message $("TransportType = "                 + $naServer.TransportType)
   Get-WFALogger -Info -Message $("TimeOut = "                       + $naServer.TimeOut)
   Get-WFALogger -Info -Message $("DebugStyle = "                    + $naServer.DebugStyle)
   Get-WFALogger -Info -Message $("Snoop = "                         + $naServer.Snoop)
   Get-WFALogger -Info -Message $("ServerCertificateVerification = " + $naServer.ServerCertificateVerification)
   Get-WFALogger -Info -Message $("HostnameVerification = "          + $naServer.HostnameVerification)
   If($naServer.Port -ne 443){
      Get-WFALogger -Info -Message $("Updating port number from " + $naServer.Port + " to 443")
      $naServer.Port = 443
   }
}
#'------------------------------------------------------------------------------
#'Enumerate cluster credentials if not provided.
#'------------------------------------------------------------------------------
[Bool]$CredentialsProvided = $False
If(([String]::IsNullOrEmpty($AdminUserName)) -Or ([String]::IsNullOrEmpty($AdminPassword))){
   Get-WFALogger -Info -Message "Credentials for ""$Cluster"" were not provided. Checking WFA Credential Cache"
   Try{
      $ocumCredentials = Get-WfaCredentials $Cluster -ErrorAction Stop
   }Catch{
      Get-WFALogger -Error -Message $("Failed enumerating WFA credentials for ""$Cluster"". Error " + $_.Exception.Message)
   }
   If($ocumCredentials){
      $username = $ocumCredentials.GetNetworkCredential().Username
      $password = $ocumCredentials.GetNetworkCredential().Password
      If(([String]::IsNullOrEmpty($username)) -Or ([String]::IsNullOrEmpty($password))){
         Throw "The WFA Crednentials for ""$Cluster"" are invalid"
      }
   }Else{
      Throw "Failed enumerating WFA credentials for ""$Cluster"""
   }
}Else{
   [Bool]$CredentialsProvided = $True
}
#'------------------------------------------------------------------------------
#'Add the cluster to OCUM.
#'------------------------------------------------------------------------------
Get-WFALogger -Info -Message "Adding cluster ""$Cluster"" to OCUM Server ""$HostName"""
Try{
   $naElement = New-Object NetApp.Manage.naElement("datasource-add")
   $naElement.AddNewChild("hostname-or-ip", $Cluster);
   If($CredentialsProvided){
      $naElement.AddNewChild("username", $AdminUserName);
      $naElement.AddNewChild("password", $AdminPassword);
   }Else{
      $naElement.AddNewChild("username", $username);
      $naElement.AddNewChild("password", $password);
   }
   $results = $NaServer.InvokeElem($naElement)
   Get-WFALogger -Info -Message "Added cluster ""$Cluster"" to OCUM Server ""$HostName"""
}Catch{
   Get-WFALogger -Error -Message $("Failed adding cluster ""$Cluster"" to OCUM Server ""$HostName"". Error " + $_.Exception.Message)
   Throw "Failed adding cluster ""$Cluster"" to OCUM Server ""$HostName"""
}
#'------------------------------------------------------------------------------

Hope that helps

 

/Matt

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Re: WFA - Add system to OCUM/DFM

Hi Matt,

 

thx for this code. Works fine. I had nearly the same, but got stuck most propably with that certificate stuff. Now it works and i'm able to add the system to OCUM at the end of the workflow.

Do you also have an idea how can i find out if the cluster is added completly (not in discovery phase anymore)?

I tried someting with

<?xml version="1.0" encoding="UTF-8"?>
<netapp  xmlns="http://www.netapp.com/filer/admin" version="1.0">
  <cluster-iter>
    <max-records></max-records>
    <resource-filter><cluster-name>name</cluster-name></resource-filter>
    <tag></tag>
  </cluster-iter>
</netapp>

But this wont work.

 

Thankx anyway

Re: WFA - Add system to OCUM/DFM

@mbeattie @tomkai

 

$naElement = New-Object NetApp.Manage.naElement("datasource-add")

IIRC this API is not officially supported  API. Is it now?

 

sinhaa

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Forums