How to execute Contrail Service Orchestrator HTTP API requests through CLI

  [KB34116] Show Article Properties


Summary:

The Juniper Network’s Cloud Services Orchestration (CSO) APIs allow you to use the same CSO capabilities available through the Web user interface (UI). These APIs can be used for automating various tasks, deploy and monitor services.  CSO uses modular components, available through the distributed microservices that use RESTful (CRUD), HTTP remote procedure call (RPC), and JavaScript Object Notation (JSON) requests. HTTP APIs are used to facilitate communication between microservices.

This article explains how to execute Contrail Service Orchestrator RESTful API requests through CLI.
For further information regarding CSO API, Kindly refer to CSO HTTP API Reference and Developer Guide

Solution:
  1. Generate a Token which will be used for authentication on subsequent requests. There are 2 types of tokens; tenant scoped token and global scoped token.

    Generating Tenant Scoped Token:

    curl http:// <CSO IP> :5000/v3/auth/tokens  -k -s -i -H "Content-Type: application/json" -d \
      ' {
     "auth":{
        "identity":{
           "methods":[
              "password"
           ],
           "password":{
              "user":{
                 "name":"cspadmin",     
                 "domain":{
                    "id":"default"
                 },
                 "password":"Passw0rd@123"    
              }
           }
        },
        "scope":{
           "project":{
              "domain":{
                 "id":"default"
              },
              "name":"TenantA"      
           }
        }
     }
    } '

    In the above example, ‘cspadmin’ username and password is used for authentication and to generate token for TenantA.

    Note: CSO IP address should be replaced with IP address or DNS name based on CSO deployment mode as shown below:

    Small Deployment - Central Mircro Services VM  IP
    Medium Deployment - Central VIP  IP
    Large Deployment - Central VIP  IP

    Generating Global/all-tenants scoped Token:

    curl http:// <CSO IP> :5000/v3/auth/tokens  -k -s -i -H "Content-Type: application/json" -d \
     
     ' {
     "auth":{
        "identity":{
           "methods":[
              "password"
           ],
           "password":{
              "user":{
                 "name":"cspadmin",    
                 "domain":{
                    "id":"default"
                 },
                 "password":"Passw0rd@123"    
              }
           }
        },
        "scope":{
           "project":{
              "domain":{
                 "id":"default"
              },
              "name":"admin"      
           }
        }
     }
    } '

    In the above example, 'cspadmin' username and password used for authentication and to get the token for global/all-tenant.

    Note: CSO IP address should be replaced with IP address or DNS name based on CSO deployment mode as shown below:

    Small Deployment - Central Mircro Services VM  IP
    Medium Deployment - Central VIP  IP
    Large Deployment - Central VIP  IP
  2. Copy the X-Subject-Token from the above command result and export it to TOKEN variable as shown below:

    export TOKEN=<ID copied from above result >

    Here is the example output showing X-Subject-Token resulted from step1

    HTTP/1.1 201 Created
    Date: Fri, 29 Mar 2019 17:36:04 GMT
    Server: Apache/2.4.7 (Ubuntu)
    X-Subject-Token: 64c7d8611831428cb7b66fb343d5ca07  <<< Token ID
    Vary: X-Auth-Token
    X-Distribution: Ubuntu
    x-openstack-request-id: req-6301c665-9577-484e-9c7e-568c15fce45c
    Content-Length: 3016
    Content-Type: application/json
  3. Execute the desired API requests through CLI.

    Examples:

    curl  -k -H "x-auth-token:$TOKEN" -H "content-type: application/json" https://<CSO IP>/tssm/  -X GET
    curl  -k -H "x-auth-token:$TOKEN" -H "content-type: application/json" https://<CSO IP>/tssm/site  -X GET
    curl  -k -H "x-auth-token:$TOKEN" -H "content-type: application/json" https://<CSO IP>/tssm/project   -X GET
    curl  -k -H "x-auth-token:$TOKEN" -H "content-type: application/json" https://<CSO IP>/policy-mgmt/intent_policy/ -X GET | python -m json.tool
    Output will vary based on the token value. If tenant scoped token used then results will only be specific to that tenant.
     
    In the above step, CSO IP should be replaced with IP based on CSO deployment mode as mentioned below:
     
    Small Deployment - Central Mircro Services VM
    Medium Deployment - Central VIP IP
    Large Deployment - Central VIP IP or Regional VIP IP based on the API issued.
Modification History:
2019-06-11: fixed formatting and added link to documentation.
Related Links: