Get the VRRP-A Status via SNMP or aXAPI

kghkgh Member
Hello,

I would like to get the vrrp-a status from some ax devices running2.6.1-GR1-P2 . So I am able to
login to the active vrrp-a unit without trying to connect to both to get the active one. Is there a way to monitor the vrrp-a status ( active / standby ) via snmp or aXAPI? I did not find a snmp OID or the REST Api path for these values.

Kind regards
Klaus

Comments

  • danguijundanguijun Member
    edited February 2014
    Hi Klaus, you could use the “cli.show_info” Method through API pointing to one of the devices.

    This method process commands under EXEC mode.

    Example Response
    Request as:
    URL:
    https://192.168.100.44:443/services/rest/V2/?session_id=ff52ffff07ffff58ffff46ff4fffff&method=cli.show_info

    HTTP Action:
    POST

    Response Fields:
    Standard plain text CLI output

    Example:
    Process ‘show version’ and ‘help’ in aXAPI:

    HTTP POST Body:
    show ver
    help

    Considering you want to get the vrrp-a status of both devices, you could use on the HTTP POST Body the following command:

    show vrrp-a

    In case you want more details regarding the vrrp-a status between devices, you could use also:

    show vrrp-a detail

    Hope it helps

    Cheers,

    Danguijun
  • JackofallTradesJackofallTrades Member
    edited February 2014
    Below is a python script that will allow you to accomplish what you desire.

    #this package is for common API task import urllib from xml.dom import minidom class UrlBuilder: def __init__(self,domain, path, params): self.domain = domain self.path = path self.params = params def withPath(self,path): self.path = path return self def withParams(self,params): self.params = params return self def __str__(self): return 'https://' + self.domain + self.path + self.params # or return urlparse.urlunparse( ( "http", self.domain, self.path, self.params, "", "" ) def build(self): return self.__str__() class auth: @classmethod def sessionID(cls, host, username, password): services_path = "/services/rest/V2/" builder_auth_params = '' sid_url = UrlBuilder(host, services_path, builder_auth_params) method = 'authenticate' authparams = urllib.urlencode({ 'method': method, 'username': username, 'password': password }) sessionID = minidom.parse(urllib.urlopen(sid_url.__str__(), authparams)).getElementsByTagName('session_id')[0].childNodes[0].nodeValue return sessionID @classmethod def sessionClose(cls, host, sid): method = "method=session.close" response = req.get(host, method, sid) return response class path: @classmethod def v2(cls): return "/services/rest/V2/" @classmethod def sessionID(cls): return "?session_id=" class req: @classmethod def get(cls,host, method, sid): url = UrlBuilder(host, path.v2(), path.sessionID() + sid + "&" + method.__str__() + "&format=json") data = urllib.urlopen(url.__str__()).read() return data @classmethod def post(cls, host, method, sid, config): #print host, method, sid, config #exit() url = UrlBuilder(host, path.v2(), path.sessionID() + sid + "&" + method.__str__() + "&format=json") #body = urllib.urlencode(config) #print body data = urllib.urlopen(url.__str__(),config).read() return data class partition: @classmethod def active(cls, host, sid, name): data = req.get(host, 'method=system.partition.active&name='+name, sid) return data username = "admin" password = "a10" host = "172.21.21.254" ''' Separate request by \n ''' config = "show vrrp-a \n sh int br \n show session" sid = auth.sessionID(host, username, password) vrrpStatus = req.post(host, 'method=cli.show_info', sid, config) print vrrpStatus

    Output:
    show vrrp-a
    vrid default
    Unit State Weight Priority
    1 (Local) Active 65534 150
    vrid that is running: default
  • kghkgh Member
    edited February 2014
    Thanks for your feedback I will test it

    Kind regards
    Klaus
  • kghkgh Member
    edited February 2014
    Hello JackofallTrades,

    I tried to connect wiht your script. I am running ubunut 12.04 which is using openssl v1.0.1.

    I always get this error.
    [Errno socket error] [Errno 1] _ssl.c:504: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version

    The A10 webserver is only supporting TLSv1.0 , but openssl is using tlsv1.2.
    When I connect with openssl s_client -tls1 host:port it is working

    I also tried it whit pyculr running against gnutls, with the error.
    I found no way to define in pycurl or urrlib the tls vesion 1.0 ?

    Here my pyculr part with all the options I tried.

    import pycurl
    from StringIO import StringIO

    response = StringIO()

    conn = pycurl.Curl()
    conn.setopt(pycurl.URL, url)
    conn.setopt(pycurl.VERBOSE,1)
    conn.setopt(pycurl.WRITEFUNCTION, response.write)
    conn.setopt(pycurl.SSL_VERIFYPEER, 0)
    conn.setopt(pycurl.SSL_VERIFYHOST, 0)
    conn.setopt(pycurl.SSLVERSION, pycurl.SSLVERSION_TLSv1)
    conn.setopt(pycurl.SSL_CIPHER_LIST,"NONE:+VERS-TLS1.0:+AES-128-CBC:+RSA:+SHA1:+COMP-NULL")
    #conn.setopt(pycurl.SSL_CIPHER_LIST, "+VERS-TLS1.0:!VERS-TLS1.1:!VERSTLS1.2")
    #conn.setopt(pycurl.SSLVERSION,pycurl.SSLVERSION_SSLv2)
    #conn.setopt(pycurl.SSLVERSION,pycurl.SSLVERSION_DEFAULT)
    try:
    conn.perform()
    xmlstring=response.getvalue()
    httperror=False
    except pycurl.error as error:
    httperror=str(error)
    xmlstring=False
    #
    return xmlstring,httperror

    Have you any idea how to define this ?

    Kind regards
    Klaus
  • kghkgh Member
    edited February 2014
    Here is the gnutls error message.

    * gnutls_handshake() failed: A TLS fatal alert has been received.
    * Closing connection #0
    Error Message: (35, 'gnutls_handshake() failed: A TLS fatal alert has been received.')
  • JackofallTradesJackofallTrades Member
    edited February 2014
    I will look into this and try to get something back by next week. On first look it seems that there might be a limitation in urllib to address this issue. It might have to do with the fact that th AX webserver may not know who to negotiate to a lower version of TSL.

    We will see.
  • kghkgh Member
    edited February 2014
    I found a solution that works for me :

    http://bugs.python.org/issue11220

    Kind regards
    Klaus
  • kghkgh Member
    edited February 2014
    With this definition it is working:

    self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file, ssl_version=ssl.PROTOCOL_TLSv1)
  • kghkgh Member
    edited February 2014
    Hello JackofallTrades,

    I hope you could help me again. Because of the SSL problem in ubunut version 12.04 I am trying to connect via urllib2. But the post seems not to work. It always send the sssion_id and the method.

    postdata="show version"
    request=urllib2.Request(url,postdata)
    #request
    response=urllib2.urlopen(request)
    #convert to string
    xmlstring=response.read()

    The "show audit" log show that the postdata is not transfered.
    axapi: [/services/rest/V2/] GET[session_id=831d4228fc3be3e922bfb8825ea324&method=cli.show_info] POST[session_id=831d4228fc3be3e922bfb8825ea324&method=cli.show_info]

    The documentation to urllib2 wants a tuple of data for a post.

    ------
    http://docspy2zh.readthedocs.org/en/latest/library/urllib2.html

    urllib2.urlopen(url[, data][, timeout])
    data may be a string specifying additional data to send to the server, or None if no such data is needed. Currently HTTP requests are the only ones that use data; the HTTP request will be a POST instead of a GET when the data parameter is provided. data should be a buffer in the standard application/x-www-form-urlencoded format. The urllib.urlencode() function takes a mapping or sequence of 2-tuples and returns a string in this format. urllib2 module sends HTTP/1.1 requests with Connection:close header included.

    ------

    What kind of tuple must be send to the axapi ?
    ???? = show version

    Kind regards
    Klaus
  • kghkgh Member
    edited February 2014
    Hello ,

    could some help me on this issue ?

    Kind regards
    Klaus
  • kghkgh Member
    edited February 2014
    Hello,

    I have tested now with wget and got the error message. Invalid username/password.

    ------
    <error code="2007" msg="Invalid username/password."
    ------

    show audit output is listing open a cli session
    ------
    Oct 12 2012 10:03:03 Session[1] closed
    Oct 12 2012 10:03:03 [bla01] axapi: [/services/rest/V2/] GET[session_id=05149c7afcf5566d8701f8d6b95bf8&method=cli.show_info&format=json] POST[session_id=05149c7afcf5566d8701f8d6b95bf8&method=cli.show_info&format=json]
    Oct 12 2012 10:03:03 A cli session[1] opened, username: bla01, remote host: 127.0.0.1
    ------

    Anything was running in this session.

    ------

    #sh admin session
    Id User Name Start Time Source IP Type Partition Authen Role Cfg
    ------------------------------------------------------------------------------------------------------------
    2 bla01 09:45:06 CEST Fri Oct 12 2012 1.1.1.1 WEBSERVICE Radius ReadWriteAdmin No

    ------

    I am running version
    64-bit Advanced Core OS (ACOS) version 2.6.1-GR1-P4, build 22 (Aug-14-2012,22:13)


    I have attached the debug output from wget.

    Is it a problem if I authenticate the user against a remote system ?

    Kind regards
    Klaus
  • JackofallTradesJackofallTrades Member
    edited February 2014
    Klaus,

    Sorry for the late reply. I can not reproduce the errors on my machine.

    Looking at the issue I can not reproduce that error. Below is the code I am using:

    import urllib import json from xml.dom import minidom class UrlBuilder: def __init__(self,domain, path, params): self.domain = domain self.path = path self.params = params def withPath(self,path): self.path = path return self def withParams(self,params): self.params = params return self def __str__(self): return 'http://' + self.domain + self.path + self.params # or return urlparse.urlunparse( ( "http", self.domain, self.path, self.params, "", "" ) def build(self): return self.__str__() class auth: @classmethod def sessionID(cls, host, username, password): services_path = "/services/rest/V2/" builder_auth_params = '' sid_url = UrlBuilder(host, services_path, builder_auth_params) method = 'authenticate' authparams = urllib.urlencode({ 'method': method, 'username': username, 'password': password }) sessionID = minidom.parse(urllib.urlopen(sid_url.__str__(), authparams)).getElementsByTagName('session_id')[0].childNodes[0].nodeValue return sessionID @classmethod def sessionClose(cls, host, sid): method = "method=session.close" response = req.getXML(host, method, sid) return response class path: @classmethod def v2(cls): return "/services/rest/V2/" @classmethod def v1dot1(cls): return "/services/rest/V1.1/" @classmethod def v1(cls): return "/services/rest/V1/" @classmethod def v1dot2(cls): return "/services/rest/V1.2/" @classmethod def sessionID(cls): return "?session_id=" class req: @classmethod def getJson(cls,host, method, sid): url = UrlBuilder(host, path.v2(), path.sessionID() + sid + "&" + method.__str__() + "&format=json") data = urllib.urlopen(url.__str__()).read() return data @classmethod def postJson(cls, host, method, sid, config): #print host, method, sid, config #exit() url = UrlBuilder(host, path.v2(), path.sessionID() + sid + "&" + method.__str__() + "&format=json") #body = urllib.urlencode(config) #print body data = urllib.urlopen(url.__str__(),config).read() return data @classmethod def getXML(cls,host, method, sid): url = UrlBuilder(host, path.v2(), path.sessionID() + sid + "&" + method.__str__() ) data = urllib.urlopen(url.__str__()).read() return data @classmethod def postXML(cls, host, method, sid, config): #print host, method, sid, config #exit() url = UrlBuilder(host, path.v2(), path.sessionID() + sid + "&" + method.__str__() ) #body = urllib.urlencode(config) #print bod data = urllib.urlopen(url.__str__(),config).read() return data class cli(object): @classmethod def show(cls, host, sid, command): method = "method=cli.show_info" data = req.postXML(host, method, sid, command) return data host = "172.21.21.254" username = 'admin' password = 'a10' commands = ["show version" ] sid = auth.sessionID(host, username, password) for cmds in commands: foo = cli.show(host, sid, cmds) print foo auth.sessionClose(host, sid)


    Output is:

    AX Series Advanced Traffic Manager AX2500 Copyright 2007-2012 by A10 Networks, Inc. All A10 Networks products are protected by one or more of the following US patents and patents pending: 7716378, 7675854, 7647635, 7552126, 20090049537, 20080229418, 20080040789, 20070283429, 20070271598, 20070180101 64-bit Advanced Core OS (ACOS) version 2.6.1-GR1-P4, build 22 (Aug-14-2012,22:13) Booted from Hard Disk primary image Serial Number: AX25051110280131 aFleX version: 2.0.0 aXAPI version: 2.0 Hard Disk primary image (default) version 2.6.1-GR1-P4, build 22 Hard Disk secondary image version 2.6.1, build 484 Compact Flash primary image (default) version 2.4.3-p4, build 17 Compact Flash secondary image version 2.4.3-p4, build 17 Last configuration saved at Oct-9-2012, 14:54 Hardware: 8 CPUs(Stepping 5), Single 74G Hard disk Memory 6123 Mbyte, Free Memory 1581 Mbyte Current time is Oct-15-2012, 16:53 The system has been up 0 day, 2 hours, 33 minutes AX2500#
  • kghkgh Member
    edited February 2014
    Hi JackofallTrades,

    I found the problem why it is not working in my installation.
    I have configured a enable-password in my system. If the enable-password is defined it is not
    working. If the enable-password is the default ( a return ) it is working. Could you please try it.
    # configure
    # (config)#enable-password WORD The password
    # Remove the password with
    # (config)#no enable-password

    Kind regards
    Klaus
Sign In or Register to comment.