Compare commits
8 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 8a792ddbf7 | |||
| 05f09af4f3 | |||
| e3c8817eec | |||
| 49392fd80e | |||
| 56c42c1e91 | |||
| c5a8d261c6 | |||
| 125fa5ed43 | |||
| 7433599edb |
@@ -7,8 +7,13 @@ In no event shall Zerto, its authors or anyone else involved in the creation, pr
|
||||
|
||||
In 9.5U1, Zerto introduced a new Zerto Virtual Manager Appliance (ZVMA) which differs from the "classic" Zerto Virtual Manager installed on a Windows Server. First and foremost, the authentication has changed to use [Keycloak](https://www.keycloak.org), an "Open Source Identity and Access Management" solution which supports a wide range of authentication methods. With that, scripts built for the classic ZVM will not work without modification. Instead of embedding a username and password into a script, an administrator would create a secret within Keycloak, call a Keycloak API with that secret, then receive a token to make calls to the APIs on the ZVML appliance going forward.
|
||||
|
||||
These code samples provide sample code in PowerShell showing how one could connect to a ZVM Appliance and perform some common operations, such as list VPGs.
|
||||
These code samples provide sample code showing how one could connect to a ZVM Appliance and perform some common operations, such as list VPGs.
|
||||
|
||||
# Relevant Blog Post
|
||||
|
||||
- [Creating KeyCloak Credentials](https://www.jpaul.me/2023/04/converting-rest-api-scripts-for-zvm-appliance/) - steps 1-3
|
||||
|
||||
# Code Samples in this Repo:
|
||||
|
||||
- [ZVML-simple-list-vpgs.ps1](ZVML-simple-list-vpgs.ps1) - Shows how to connect to ZVM Linux appliance using Keycloak token, then list VPGs of a Zerto site
|
||||
- [zvma-simple-list-vpgs.ps1](zvma-simple-list-vpgs.ps1) - PowerShell example of how to connect to ZVM Linux appliance using Keycloak token, then list VPGs of a Zerto site
|
||||
- [zvma-simple-list-vpgs.py](zvma-simple-list-vpgs.py) - Python 3.x example of how to connect to ZVM Linux appliance using Keycloak token, then list VPGs of a Zerto site
|
||||
|
||||
@@ -30,7 +30,7 @@ $zvmApiBase = "https://" + $zvmAddress + "/v1/"
|
||||
$request = @{
|
||||
|
||||
Headers = @{
|
||||
ContentType = "application/x-www-form-urlencode"
|
||||
ContentType = "application/x-www-form-urlencoded"
|
||||
}
|
||||
|
||||
Body = @{
|
||||
@@ -80,4 +80,4 @@ catch {
|
||||
Write-Error "Error making API call to ZVM" -ErrorAction Stop
|
||||
}
|
||||
|
||||
$result | select VPGName,VMsCount, SourceSite, TargetSite, ActualRPO | format-table
|
||||
$result | select VPGName,VMsCount, SourceSite, TargetSite, ActualRPO | format-table
|
||||
@@ -0,0 +1,80 @@
|
||||
# Legal Disclaimer
|
||||
# This script is an example script and is not supported under any Zerto support program or service. The author and Zerto further disclaim all implied warranties including, without limitation, any implied warranties of merchantability or of fitness for a particular purpose.
|
||||
# In no event shall Zerto, its authors or anyone else involved in the creation, production or delivery of the scripts be liable for any damages whatsoever (including, without limitation, damages for loss of business profits, business interruption, loss of business information, or other pecuniary loss) arising out of the use of or the inability to use the sample scripts or documentation, even if the author or Zerto has been advised of the possibility of such damages. The entire risk arising out of the use or performance of the sample scripts and documentation remains with you.
|
||||
#
|
||||
|
||||
# Notes:
|
||||
# - requires ZVM Linux Appliance 9.5U1 or higher, developed and tested on 9.7U1
|
||||
|
||||
# Libraries needed
|
||||
|
||||
import requests
|
||||
import json
|
||||
|
||||
# Variables to Configure
|
||||
|
||||
zvmAddress = "" # IP address or DNS name
|
||||
keycloakClientID = "" # defined in Keycloak - string name
|
||||
keycloakClientSecret = "" # defined in Keycloak - long string
|
||||
verifyCertificate = False
|
||||
|
||||
# Setup API string conventions for later use
|
||||
|
||||
keyCloakApiBase = "https://" + zvmAddress + "/auth/realms/zerto/protocol/openid-connect/token"
|
||||
zvmApiBase = "https://" + zvmAddress + "/v1/"
|
||||
|
||||
# Connect to Keycloak with secret and get token
|
||||
|
||||
uri = keyCloakApiBase
|
||||
|
||||
headers = {
|
||||
'Content-Type': 'application/x-www-form-urlencoded'
|
||||
}
|
||||
|
||||
body = {
|
||||
'client_id': keycloakClientID,
|
||||
'client_secret': keycloakClientSecret,
|
||||
'grant_type': 'client_credentials'
|
||||
}
|
||||
|
||||
try:
|
||||
response = requests.post(uri, headers=headers, data=body, verify=verifyCertificate)
|
||||
except BaseException as e:
|
||||
print("Exception:", e)
|
||||
quit()
|
||||
|
||||
|
||||
if response.ok:
|
||||
token = response.json()['access_token']
|
||||
else:
|
||||
print("HTTP %i - %s, Message %s" % (response.status_code, response.reason, response.text))
|
||||
quit()
|
||||
|
||||
# Now that we have a token because of successful Keycloak authentication, we can proceed with Zerto REST API calls
|
||||
|
||||
uri = zvmApiBase + 'vpgs/'
|
||||
|
||||
headers = {
|
||||
'Content-Type': 'application/json',
|
||||
'Authorization': 'Bearer ' + token
|
||||
}
|
||||
|
||||
body = {
|
||||
}
|
||||
|
||||
try:
|
||||
response = requests.get(uri, headers=headers, data=body, verify=verifyCertificate)
|
||||
except BaseException as e:
|
||||
print("Exception:", e)
|
||||
quit()
|
||||
|
||||
if response.ok:
|
||||
vpgInfo = response.json()
|
||||
else:
|
||||
print("HTTP %i - %s, Message %s" % (response.status_code, response.reason, response.text))
|
||||
quit()
|
||||
|
||||
# Print JSON out in a nice way
|
||||
|
||||
print ("VPGs:")
|
||||
print (json.dumps(vpgInfo, indent=1))
|
||||
Reference in New Issue
Block a user