-
Notifications
You must be signed in to change notification settings - Fork 2
Home
This is the GoLang API wrapper for Brocade Virtual Traffic Manager (vTM).
This wrapper uses the REST API interface provided by the vTM, currently version 3.8.
There is also command line interface which can be built by running make
in the root of this repo.
Resource | Create | Read | Update | Delete |
---|---|---|---|---|
Location | Y | Y | Y | Y |
Monitor [1] | Y | Y | Y | Y |
Pool | Y | Y | Y | Y |
SSL Server Key | Y | Y | Y | Y |
Traffic IP Group | Y | Y | Y | Y |
Virtual Server | Y | Y | Y | Y |
Rule | Y | Y | Y | Y |
User Group | Y | Y | Y | Y |
[1] : Currently only HTTP monitoring is supported
import(
"github.com/sky-uk/go-brocade-vtm"
)
In order to get a client object authentication credentials needs to be provided. The REST API transport protocol is by default HTTPS and hence SSL encryption is used by default. Certificate handling behaviour can be controlled via the ignoreSSL flag. More information about the client and the Base API may be found here https://github.com/sky-uk/go-rest-api.
In order to work with locations, import the location package section:
import (
"github.com/sky-uk/go-brocade-vtm/api/location"
)
api := location.NewGetAll()
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
locations := api.ResponseObject().(*location.Locations)
api := location.NewGet( name )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
location := api.ResponseObject().(*location.Location)
newLocation := location.Location{
...
}
api := location.NewCreate( name, newLocation )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
createdLocation := api.ResponseObject().(*location.Location)
updateLocation := location.Location{
...
}
api := location.NewUpdate( name, updateLocation )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
updatedLocation := api.ResponseObject().(*location.Location)
api := location.NewDelete( name )
err := client.Do(api)
if err != nil {
log.Fatal(err)
} else {
log.Printf("Location %s deleted", name)
}
In order to work with monitors, import the monitor package section:
import (
"github.com/sky-uk/go-brocade-vtm/api/monitor"
)
api := monitor.NewGetAll()
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
monitors := api.ResponseObject().(*monitor.MonitorsList)
api := monitor.NewGet( name )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
monitor := api.ResponseObject().(*monitor.Monitor)
newMonitor := monitor.Monitor{
...
}
api := monitor.NewCreate( name, newMonitor )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
monCreated := api.ResponseObject().(*monitor.Monitor)
updateMonitor := monitor.Monitor{
...
}
api := monitor.NewUpdate( name, updateMonitor )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
monUpdated := api.ResponseObject().(*monitor.Monitor)
api := monitor.NewDelete( name )
err := client.Do(api)
if err != nil {
log.Fatal(err)
} else {
log.Printf("Monitor %s deleted", name)
}
In order to work with pools, import the pool package section:
import (
"github.com/sky-uk/go-brocade-vtm/api/pool"
)
api := monitor.NewGetAll()
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
pools := api.ResponseObject().(*pool.LBPoolList)
api := monitor.NewGet(name)
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
pool := api.ResponseObject().(*pool.Pool)
newPool := pool.Pool{
...
}
api := pool.NewCreate( name, newPool )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
poolCreated := api..ResponseObject().(*pool.Pool)
updatePool := pool.Pool{
...
}
api := pool.NewUpdate( name, updatePool )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
poolUpdated := api.ResponseObject().(*pool.Pool)
api := pool.NewDelete( name )
err := client.Do(api)
if err != nil {
log.Fatal(err)
} else {
log.Printf("Pool %s deleted", name)
}
In order to work with server keys, import the pool package section:
import (
"github.com/sky-uk/go-brocade-vtm/api/sslServerKey"
)
api := monitor.NewGetAll()
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
keys := api.ResponseObject().(*sslServerKey.SSLServerKeysList)
api := sslServerKey.NewGet(name)
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
key := api.ResponseObject().(*sslServerKey.SSLServerKey)
newKey := sslServerKey.SSLServerKey{
...
}
api := sslServerKey.NewCreate( name, newKey )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
keyCreated := api.ResponseObject().(*sslServerKey.SSLServerKey)
updateKey := sslServerKey.SSLServerKey{
...
}
api := sslServerKey.NewUpdate( name, updateKey )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
keyUpdated := api.ResponseObject().(*sslServerKey.SSLServerKey)
api := sslServerKey.NewDelete( name )
err := client.Do(api)
if err != nil {
log.Fatal(err)
} else {
log.Printf("Server key %s deleted", name)
}
In order to work with traffic IP groups, import the traffic IP package section:
import (
"github.com/sky-uk/go-brocade-vtm/api/trafficIpGroups"
)
// to get the list of all traffic managers
api := trafficIpGroups.NewGetAll()
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
trafficIPGroups := api.ResponseObject().(*trafficIpGroups.TrafficIPGroupList)
api := trafficIpGroups.NewGet(name)
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
trafficIPGroup := api.ResponseObject().(*trafficIpGroups.TrafficIPGroup)
newTipg := trafficIpGroups.TrafficIPGroup{
...
}
api := trafficIpGroups.NewCreate( name, newTipg )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
tipgCreated := api.ResponseObject().(*trafficIpGroups.TrafficIPGroup)
updateTipg := trafficIpGroups.TrafficIPGroup{
...
}
api := trafficIpGroups.NewUpdate( name, updateTipg )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
tipgUpdated := api.ResponseObject().(*trafficIpGroups.TrafficIPGroup)
api := trafficIpGroups.NewDelete( name )
err := client.Do(api)
if err != nil {
log.Fatal(err)
} else {
log.Printf("Traffic IP group %s deleted", name)
}
Traffic IP Group Managers are only used by Traffic IP Group to retrieve a list of Traffic Mangers when creating a Traffic IP Group.
In order to work with Traffic IP Group Managers, import the Traffic IP Group package section:
import (
"github.com/sky-uk/go-brocade-vtm/api/traffic_ip_group_managers"
)
api := trafficIpGroupManager.NewGetAll()
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
trafficIPGroupManagers := api.ResponseObject().(*trafficIpGroupManager.TrafficManagerChildren)
In order to work with virtual servers, import the virtual server package section:
import (
"github.com/sky-uk/go-brocade-vtm/api/virtualserver"
)
api := virtualserver.NewGetAll()
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
virtualServer := api.ResponseObject().(*virtualserver.VirtualServersList)
api := virtualserver.NewGet(name)
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
virtualServer := api.ResponseObject().(*virtualserver.VirtualServer)
newVS := virtualserver.VirtualServer{
...
}
api := virtualserver.NewCreate( name, newVS )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
vsCreated := api.ResponseObject().(*virtualserver.VirtualServer)
updateVS := virtualserver.VirtualServer{
...
}
api := virtualserver.NewUpdate( name, updateVS )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
vsUpdated := api.ResponseObject().(*virtualserver.VirtualServer)
api := virtualserver.NewDelete( name )
err := client.Do(api)
if err != nil {
log.Fatal(err)
} else {
log.Printf("Virtual server %s deleted", name)
}
In order to work with rules, import the rule package section:
```
import (
"github.com/sky-uk/go-brocade-vtm/api/rule"
)
```
api := rule.NewGetAll()
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
rules := api.ResponseObject().(*rule.Rules)
api := rule.NewGet(name)
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
// Returns the traffic script as a string
trafficScript := api.ResponseObject().(*[]byte)
ruleName := "my-rule"
trafficScript := []byte(`
if( string.ipmaskmatch( request.getremoteip(), "192.168.123.10" ) ){
connection.discard();
}`)
api := rule.NewCreate( ruleName, trafficScript )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
ruleName := "my-rule"
updatedTrafficScript := []byte(`
if( string.ipmaskmatch( request.getremoteip(), "192.168.123.10" ) ){
connection.discard();
}`)
api := rule.NewUpdate( ruleName, updatedTrafficScript )
err := client.Do(api)
if err != nil {
log.Fatal(err)
}
nameRuleToDelete := "my-rule"
api := rule.NewDelete( nameRuleToDelete )
err := client.Do(api)
if err != nil {
log.Fatal(err)
} else {
log.Printf("Rule %s deleted", nameRuleToDelete)
}
Run make
in the root of the repository to build the go-brocade-vtm-cli
binary. Once built the binary may be found in the root of the repository.
Set the following shell environment variables to allow the cli to make changes to a Brocade vTM. Note that the cli automatically prefixes the value of BROCADEVTM_SERVER with https://.
$ export BROCADEVTM_USERNAME=admin
$ export BROCADEVTM_PASSWORD=myPassword
$ export BROCADEVTM_SERVER=my-brocade-vtm.example.com:9070
Help for commands
$ ./go-brocade-vtm-cli -h
Help for a sub-command E.g.
$ ./go-brocade-vtm-cli virtual-server-create -h
Location is currently unavailable via the CLI. The following documentation will be for location once it is available in the CLI.
The following attributes may be specified when creating or updating a location:
- id (Optional, Default: none, the location identifier)
- latitude (Optional, Default: 0.0, the latitude of the location)
- longitude (Optional, Default: 0.0, the longitude of the location)
- name (Required, Default: none, the name of the location)
- note (Optional, Default: none, optional note for the location)
- type (Optional, Default: config, can be either config or glb)
$ ./go-brocade-vtm-cli location-create -name example-location -latitude 51.5 -longitude -0.13 -node my-location -type glb
Show all locations and their associated endpoint
$ ./go-brocade-vtm-cli location-show-all
Show a location and it's attributes
$ ./go-brocade-vtm-cli location-show -name example-location
$ ./go-brocade-vtm-cli location-create -name example-location -latitude 31.5 -longitude -10.13 -node my-new-location -type glb
$ ./go-brocade-vtm-cli location-delete -name example-location
Monitor is partially implemented. The following attributes may be specified when creating or updating a monitor:
- authentication (Optional, Default: none, basic-auth string used to authenticate when testing a service)
- delay (Optional, Default: 3, minimum seconds between calls to an endpoint)
- failures (Optional, Default: 3, number of consecutive failed calls to an endpoint)
- http-body-regex (Optional, Default: none, regular expression patter to match in the response body)
- http-host-header (Optional, Default: none, host header sent in test request)
- http-path (Optional, Default: '/', the endpoint to call)
- name (Required, Default: none, name of the monitor)
- timeout (Optional, Default: 3, maximum runtime of a call to an endpoint)
- type (Optional, Default: http, type of monitor to use when calling an endpoint)
- use-ssl (Optional, Default: false, whether the monitor should use SSL when calling the endpoint)
- verbose (Optional, Default: false, whether the monitor should emit verbose logging)
$ ./go-brocade-vtm-cli monitor-create -name example-monitor -delay 10 -failures 2 -http-path /health-check -timeout 2 -verbose -type http
Show all monitors and their associated endpoint
$ ./go-brocade-vtm-cli monitor-show-all
Show a monitor and it's attributes
$ ./go-brocade-vtm-cli monitor-show -name example-monitor
Note: if an attribute isn't specified on the command line it will revert to it's default. See above for defaults.
$ ./go-brocade-vtm-cli monitor-update -name example-monitor -delay 10 -failures 2 -http-path /my-app/health-check -timeout 2 -verbose -type http
$ ./go-brocade-vtm-cli monitor-delete -name example-monitor
Pool is partially implemented. The following attributes may be specified when creating or updating a pool:
- name (Required, Default: none, name of the pool)
- nodes (Optional, Default: none, comma separated list of nodes and their ports. E.g. node01.example.com:80,node02.example.com:80....)
- priority (Optional, Default: 10, priority assigned to all nodes)
- state (Optional, Default: active, whether a node is active in the pool or not. Applies to all nodes in the pool)
- weight (Optional, Default: 1, weighting assigned to a node in the pool. Applies equally to all nodes)
$ ./go-brocade-vtm-cli pool-create -name example-pool -nodes node01.example.com:80,node02.example.com:80
Show a list of pools and their associated HRef
$ ./go-brocade-vtm-cli pool-show-all
Show the attributes for a pool
$ ./go-brocade-vtm-cli pool-show -name example-pool
Note: if an attribute isn't specified on the command line it will revert to it's default. See above for defaults.
$ ./go-brocade-vtm-cli pool-update -name example-pool -nodes node01.example.com:80,node02.example.com:80,node03.example.com:80 -state draining
$ ./go-brocade-vtm-cli pool-delete -name example-pool
Before creating a rule a Brocade vTM Traffic Script needs to be created in a file on the local machine.
if( http.responseHeaderExists( "Keep-Alive" ) == 0) {
http.removeResponseHeader( "Keep-Alive" );
}
To create a rule ensure the traffic script is in the file /path/to/traffic_script.
$ ./go-brocade-vtm-cli rule-create -name example-rule -script /path/to/traffic_script
To list all rules and their associated HRef.
$ ./go-brocade-vtm-cli rule-show-all
To show a rule called 'example-rule'.
$ ./go-brocade-vtm-cli rule-show -name example-rule
To update a rule called 'example-rule' with the traffic script (file) /path/to/updated_traffic_script.
$ ./go-brocade-vtm-cli rule-update -name example-rule -script /path/to/updated_traffic_script
To delete a rule
$ ./go-brocade-vtm-cli rule-delete -name example-rule
Before adding a SSL Server Key to the Brocade vTM create the private key (RSA), certificate and CSR. The following assumes an appropriate OpenSSL configuration exists. The values given are just for example and not recommendations.
Create CSR and private key
$ openssl req -new -newkey rsa:4096 -nodes -keyout example.com.key -out example.com.csr -subj "/CN=example.com" -config open_ssl.cnf
Generate certificate
$ openssl req -x509 -sha256 -days 365 -key example.com.key -in example.com.csr -out example.com.crt
The following attributes are implemented for SSL Server Keys:
- name (Required, Default: none, the name of the SSL Server Key)
- note (Optional, Default: none, a note assigned to the SSL Server Key)
- certificate-file (Optional, Default: none, the path to a valid certificate file)
- csr-file (Optional, Default: none, the path to a valid CSR file)
- private-key-file (Optional, Default: none, the path to a valid private key file)
$ ./go-brocade-vtm-cli ssl-server-key-create -name example-ssl-key -note example.com -certificate-file /path/to/example.com.crt -csr-file /path/to/example.com.csr -private-key-file /path/to/example.com.key
Show a list of SSL Server Keys and their associated HRef
$ ./go-brocade-vtm-cli ssl-server-key-show-all
Show a SSL Server Key (doesn't include the private key)
$ ./go-brocade-vtm-cli ssh-server-key-show -name example-ssl-key
$ ./go-brocade-vtm-cli ssl-server-key-update -name example-ssl-key -note another-example.com -certificate-file /path/to/another-example.com.crt -csr-file /path/to/another-example.com.csr -private-key-file /path/to/another-example.com.key
$ ./go-brocade-vtm-cli ssl-server-key-delete -name example-ssl-key
The following attributes are implemented in Traffic IP Groups:
- enabled (Optional, Default: false, whether a Traffic IP Group is enabled or not)
- hash-source-port (Optional, Default: false, whether or not the source port should be taken into account when deciding which Traffic Manager should handle the request)
- listen-ip-address (Optional, Default: none, the IP address to raise on the Traffic Managers)
- mode (Optional, Default: none(CLI), should be one of singlehosted, ec2elastic, ec2vpcelastic, ec2vpcprivate, multihosted, rhi)
- multicast-ip (Optional, Default: none, a valid multicast IP when using mulitcast)
$ ./go-brocade-vtm-cli traffic-ip-group-create -name www.example.com -enabled -listen-ip-address 10.120.1.45 -mode singlehosted
Show all Traffic IP Groups and their associated HRef
$ ./go-brocade-vtm-cli traffic-ip-group-show-all
Show a Traffic IP Group and it's attributes
$ ./go-brocade-vtm-cli traffic-ip-group-show -name www.example.com
Note: if an attribute isn't specified on the command line it will revert to it's default. See above for defaults.
$ ./go-brocade-vtm-cli traffic-ip-group-update -name www.example.com -enabled -listen-ip-address 10.120.1.46 -mode singlehosted -hash-source-port
$ ./go-brocade-vtm-cli traffic-ip-group-delete -name www.example.com
*Note: Traffic IP Groups uses Traffic IP Group Managers to obtain a list of Traffic Managers. Traffic IP Group Managers isn't for direct use.
The following Virtual Server attributes have been implemented:
- name (Required, Default: none, the name of the virtual server)
- connection-timeout (Optional, Default: 40, time in seconds to wait for data from a new connection)
- enabled (Optional, Default: false, whether the virtual server is enabled or not)
- keepalive (Optional, Default: false, whether keepalive should be used with remote clients)
- keepalive-timeout (Optional, Default: 10, number of seconds an idle connection is kept alive)
- listen-on-any (Optional, Default: false, whether to listen on all IP addresses)
- listen-traffic-ip-group (Optional, Default: none, FQDN of the Traffic IP Group to listen on)
- pool (Optional, Default: none, name of the pool to associate with the virtual server)
- port (Optional, Default: 80, port to listen on)
- protocol (Optional, Default: none, can be one of client_first, dns, dns_tcp, ftp, http, https, imaps, imapv2, imapv3, imapv4, ldap, ldaps, pop3, pop3s, rtsp, server_first, siptcp, sipudp, smtp, ssl, stream, telnet, udp or udpstreaming)
$ ./go-brocade-vtm-cli virtual-server-create -name www.example.com -enabled -keepalive -keepalive-timeout 60 -listen-traffic-ip-group www.example.com -pool example-pool -port 80 -protocol http
Show all Virtual Servers and their associated HRef
$ ./go-brocade-vtm-cli virtual-server-show-all
Show a Virtual Server and it's attributes
$ ./go-brocade-vtm-cli virtual-server-show -name www.example.com
Note: if an attribute isn't specified on the command line it will revert to it's default. See above for defaults.
$ ./go-brocade-vtm-cli virtual-server-update -name www.example.com -enabled -keepalive -keepalive-timeout 90 -listen-traffic-ip-group www.example.com -pool example-pool -port 80 -protocol http
$ ./go-brocade-vtm-cli virtual-server-delete -name www.example.com