[prev in list] [next in list] [prev in thread] [next in thread]
List: toasters
Subject: RE: NetApp API authentication
From: "Payne, Richard" <richard.payne () amd ! com>
Date: 2016-03-01 13:46:33
Message-ID: DM2PR12MB0555F9122B0BCD43AC268AF5F7BB0 () DM2PR12MB0555 ! namprd12 ! prod ! outlook ! com
[Download RAW message or body]
Here are the directions I used:
https://community.netapp.com/t5/Software-Development-Kit-SDK-and-API-Discus=
sions/Using-5-1-NM-SDK-with-Certificate-based-authentication-against-cluste=
r-mode-8-2/m-p/7714/highlight/true#M76
It says 5.1 and 8.2 but I've used it with SDK up to 5.4 and Cmode up to 8.3=
.1.
--rdp
From: Weber, Mark A [mailto:mark-a-weber@uiowa.edu]
Sent: Monday, February 29, 2016 7:04 PM
To: bparent@ucsd.edu; Payne, Richard
Cc: toasters@teaparty.net
Subject: Re: NetApp API authentication
If I remember correctly, the harvest docs walk through setting it up
mark
------ Original message------
From: Brian Parent
Date: Mon, Feb 29, 2016 5:46 PM
To: Payne, Richard;
Cc: toasters@teaparty.net<mailto:toasters@teaparty.net>;
Subject:Re: NetApp API authentication
Is there a handy cook book on how to set up certificate based authenticatio=
n
on CDOT 8.x, specifically for use with the SDK APIs?
I'm looking at the help doc for Session Managemet APIs for Perl,
(in netapp-manageability-sdk-5.4P1/doc/WebHelp/index.htm), but
it doesn't explain the steps sufficiently for me.
Re:
> From: "Payne, Richard" <richard.payne@amd.com<mailto:richard.payne@amd.co=
m>>
> Date: Wed, 18 Mar 2015 15:40:47 +0000
> Subject: RE: NetApp API authentication
> To: Edward Rolison <ed.rolison@gmail.com<mailto:ed.rolison@gmail.com>>, "=
toasters@teaparty.net<mailto:toasters@teaparty.net>"
> <toasters@teaparty.net<mailto:toasters@teaparty.net>>
>
> 7mode or Cmode?
>
> For 7Mode I've used, hosts_equiv authentication (which arguably could be =
better/worse than username/password).
>
> For Cmode I've setup certificate based authentication.
>
> I make use of the Perl APIs, but started with them and never looked at ju=
st using LWP & XML Parser so I can't comment on that part.
>
> --rdp
>
> From: toasters-bounces@teaparty.net<mailto:toasters-bounces@teaparty.net>=
[mailto:toasters-bounces@teaparty.net] On Behalf Of Edward Rolison
> Sent: Wednesday, March 18, 2015 11:34 AM
> To: toasters@teaparty.net<mailto:toasters@teaparty.net>
> Subject: NetApp API authentication
>
> Having started to review some of our filer automation scripts, I'm starti=
ng to look in a bit more detail at the API.
>
> My first conclusion is - the perl SDK doesn't actually seem to do anythin=
g much - it seems to be a reimplementation of LWP and and XML Parser.
>
> Given I have LWP and XML::Twig installed, and am making API calls just fi=
ne, is there anything I'm missing here?
>
> Aside from that though - authentication types.
>
> I currently use ssh public-private key pairs, in a trusted account on a m=
anagement station to enable 'doing stuff' with filers. It _looks_ like my o=
nly option with the API is to create a designated service account, and assi=
gn permissions... and then embed a username and password in a script somewh=
ere.
> That just doesn't sit well with me - I like what ssh-agent will do in 'un=
locking' key files, and I don't like embedding (potentially privileged) use=
rnames and passwords ... anywhere.
>
> Does anyone have a better solution than a couple of designated API users =
(privileged and read only) with a file somewhere embedding their username a=
nd password?
>
> Does anyone have a better approach?
> _______________________________________________
> Toasters mailing list
> Toasters@teaparty.net<mailto:Toasters@teaparty.net>
> http://www.teaparty.net/mailman/listinfo/toasters
--
Brian Parent
Information Technology Services Department
IT Infrastructure Operations Group
Computing Infrastructure Team
UC San Diego
(858) 534-6090
_______________________________________________
Toasters mailing list
Toasters@teaparty.net<mailto:Toasters@teaparty.net>
http://www.teaparty.net/mailman/listinfo/toasters
[Attachment #3 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40"> <head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Balloon Text Char";
margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
p.emailquote, li.emailquote, div.emailquote
{mso-style-name:emailquote;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:1.0pt;
border:none;
padding:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.xemailquote, li.xemailquote, div.xemailquote
{mso-style-name:x_emailquote;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:1.0pt;
border:none;
padding:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.BalloonTextChar
{mso-style-name:"Balloon Text Char";
mso-style-priority:99;
mso-style-link:"Balloon Text";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Here \
are the directions I used:<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><a \
href="https://community.netapp.com/t5/Software-Development-Kit-SDK-and-API-Discussions \
/Using-5-1-NM-SDK-with-Certificate-based-authentication-against-cluster-mode-8-2/m-p/7 \
714/highlight/true#M76">https://community.netapp.com/t5/Software-Development-Kit-SDK-a \
nd-API-Discussions/Using-5-1-NM-SDK-with-Certificate-based-authentication-against-cluster-mode-8-2/m-p/7714/highlight/true#M76</a><o:p></o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">It \
says 5.1 and 8.2 but I’ve used it with SDK up to 5.4 and Cmode up to \
8.3.1.<o:p></o:p></span></p> <p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">--rdp<o:p></o:p></span></p>
<p class="MsoNormal"><span \
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span \
style="font-size:10.0pt;font-family:"Tahoma","sans-serif"">From:</span></b><span \
style="font-size:10.0pt;font-family:"Tahoma","sans-serif""> \
Weber, Mark A [mailto:mark-a-weber@uiowa.edu] <br>
<b>Sent:</b> Monday, February 29, 2016 7:04 PM<br>
<b>To:</b> bparent@ucsd.edu; Payne, Richard<br>
<b>Cc:</b> toasters@teaparty.net<br>
<b>Subject:</b> Re: NetApp API authentication<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p style="margin:0in;margin-bottom:.0001pt"><span style="font-size:10.0pt">If I \
remember correctly, the harvest docs walk through setting it \
up <o:p></o:p></span></p> <p style="margin:0in;margin-bottom:.0001pt"><span \
style="font-size:10.0pt"><o:p> </o:p></span></p> <p \
style="margin:0in;margin-bottom:.0001pt"><span \
style="font-size:10.0pt">mark<o:p></o:p></span></p> <p \
style="margin:0in;margin-bottom:.0001pt"><span \
style="font-size:10.0pt"><o:p> </o:p></span></p> </div>
<div>
<p style="margin:0in;margin-bottom:.0001pt"><span \
style="font-size:10.0pt"><o:p> </o:p></span></p> <p \
style="margin:0in;margin-bottom:.0001pt"><span style="font-size:10.0pt">------ \
Original message------<o:p></o:p></span></p> <p \
style="margin:0in;margin-bottom:.0001pt"><b><span style="font-size:10.0pt">From: \
</span></b><span style="font-size:10.0pt">Brian Parent<o:p></o:p></span></p> <p \
style="margin:0in;margin-bottom:.0001pt"><b><span style="font-size:10.0pt">Date: \
</span></b><span style="font-size:10.0pt">Mon, Feb 29, 2016 5:46 \
PM<o:p></o:p></span></p> <p style="margin:0in;margin-bottom:.0001pt"><b><span \
style="font-size:10.0pt">To: </span></b><span style="font-size:10.0pt">Payne, \
Richard;<o:p></o:p></span></p> <p style="margin:0in;margin-bottom:.0001pt"><b><span \
style="font-size:10.0pt">Cc: </span></b><span style="font-size:10.0pt"><a \
href="mailto:toasters@teaparty.net">toasters@teaparty.net</a>;<o:p></o:p></span></p> \
<p style="margin:0in;margin-bottom:.0001pt"><b><span \
style="font-size:10.0pt">Subject:</span></b><span style="font-size:10.0pt">Re: NetApp \
API authentication<o:p></o:p></span></p> <p \
style="margin:0in;margin-bottom:.0001pt"><span \
style="font-size:10.0pt"><o:p> </o:p></span></p> </div>
</div>
<div>
<p class="MsoNormal"><span style="font-size:10.0pt">Is there a handy cook book on how \
to set up certificate based authentication<br> on CDOT 8.x, specifically for use with \
the SDK APIs?<br> <br>
I'm looking at the help doc for Session Managemet APIs for Perl,<br>
(in netapp-manageability-sdk-5.4P1/doc/WebHelp/index.htm), but<br>
it doesn't explain the steps sufficiently for me.<br>
<br>
Re:<br>
> From: "Payne, Richard" <<a \
href="mailto:richard.payne@amd.com">richard.payne@amd.com</a>><br> > Date: Wed, \
18 Mar 2015 15:40:47 +0000<br> > Subject: RE: NetApp API authentication<br>
> To: Edward Rolison <<a \
href="mailto:ed.rolison@gmail.com">ed.rolison@gmail.com</a>>, "<a \
href="mailto:toasters@teaparty.net">toasters@teaparty.net</a>"<br> > \
<<a href="mailto:toasters@teaparty.net">toasters@teaparty.net</a>><br> > \
<br> > 7mode or Cmode?<br>
> <br>
> For 7Mode I’ve used, hosts_equiv authentication (which arguably could be \
better/worse than username/password).<br> > <br>
> For Cmode I’ve setup certificate based authentication.<br>
> <br>
> I make use of the Perl APIs, but started with them and never looked at just \
using LWP & XML Parser so I can’t comment on that part.<br> > <br>
> --rdp<br>
> <br>
> From: <a href="mailto:toasters-bounces@teaparty.net">toasters-bounces@teaparty.net</a> \
[<a href="mailto:toasters-bounces@teaparty.net">mailto:toasters-bounces@teaparty.net</a>] \
On Behalf Of Edward Rolison<br> > Sent: Wednesday, March 18, 2015 11:34 AM<br>
> To: <a href="mailto:toasters@teaparty.net">toasters@teaparty.net</a><br>
> Subject: NetApp API authentication<br>
> <br>
> Having started to review some of our filer automation scripts, I'm starting to \
look in a bit more detail at the API.<br> > <br>
> My first conclusion is - the perl SDK doesn't actually seem to do anything much \
- it seems to be a reimplementation of LWP and and XML Parser.<br> > <br>
> Given I have LWP and XML::Twig installed, and am making API calls just fine, is \
there anything I'm missing here?<br> > <br>
> Aside from that though - authentication types.<br>
> <br>
> I currently use ssh public-private key pairs, in a trusted account on a \
management station to enable 'doing stuff' with filers. It _looks_ like my only \
option with the API is to create a designated service account, and assign \
permissions... and then embed a username and password in a script somewhere.<br>
> That just doesn't sit well with me - I like what ssh-agent will do in \
'unlocking' key files, and I don't like embedding (potentially privileged) usernames \
and passwords ... anywhere.<br> > <br>
> Does anyone have a better solution than a couple of designated API users \
(privileged and read only) with a file somewhere embedding their username and \
password?<br> > <br>
> Does anyone have a better approach?<br>
<br>
> _______________________________________________<br>
> Toasters mailing list<br>
> <a href="mailto:Toasters@teaparty.net">Toasters@teaparty.net</a><br>
> <a href="http://www.teaparty.net/mailman/listinfo/toasters">http://www.teaparty.net/mailman/listinfo/toasters</a><br>
<br>
<br>
-- <br>
Brian Parent<br>
Information Technology Services Department<br>
IT Infrastructure Operations Group<br>
Computing Infrastructure Team<br>
UC San Diego<br>
(858) 534-6090<br>
_______________________________________________<br>
Toasters mailing list<br>
<a href="mailto:Toasters@teaparty.net">Toasters@teaparty.net</a><br>
<a href="http://www.teaparty.net/mailman/listinfo/toasters">http://www.teaparty.net/mailman/listinfo/toasters</a><o:p></o:p></span></p>
</div>
</div>
</body>
</html>
_______________________________________________
Toasters mailing list
Toasters@teaparty.net
http://www.teaparty.net/mailman/listinfo/toasters
--===============1614064311471789178==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic