This post is more than 5 years old
5 Practitioner
•
274.2K Posts
1
3448
Unable to use API to create NFS Export in OneFS 7.2.x
Looking for some PowerShell/REST/API assistance. I’m hitting a snag with NFS export creation and I wrapping my head around as to why. Below is the output and failure I get when trying to use my PowerShell script to create a simple export.
PS C:\> .\ps_isilon_create_nfs_export_via_papi.ps1 -isilonip 192.168.253.51 -username root -password a -paths /ifs/test -description "NFS export created from PAPI" -clients 192.168.253.11 -rootclients 192.168.253.21
Creating an export for /ifs/test
Invoke-RestMethod : The remote server returned an error: (400) Bad Request.
At C:\ps_isilon_create_nfs_export_via_papi.ps1:43 char:14
+ $ISIObject = Invoke-RestMethod -Uri $uri -Headers $headers -Body $ExportObject - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
It appears to have a problem with my $ExportObject but I’m not quite sure why. In the past, I’ve seen this (400) Bad Request when I didn’t specify enough required properties to satisfy the POST request. But when you look at my $ExportObject variable, I believe I should have all the required options defined, or set as variables for prompted input:
$ExportObject = @"
{"all_dirs": false,
"clients": "$clients",
"description": "$description",
"paths": "$paths",
"read_only_clients": $roclients,
"read_write_clients": $rwclients,
"root_clients": $rootclients,
"zone": "System"}
"@
To answer some basic questions:
- Yes, HTTP is enabled on the cluster and have confirmed other PowerShell PAPI scripts work fine on cluster
- I have verified the path exist for where I’m pointing my NFS export
- I have tried without setting description and without clients, and without both.
Any thoughts?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
1
January 22nd, 2016 12:00
Peter,
I went down the path of using curl to create the export, and that plus what you mentioned with $paths needing to be an [Array] helped me figured it out.
I only had to change [String] to [Array] for $paths and add [] brackets around the variable in the $ExportObject:
# Acceptable Parameters
Param([String]$isilonip,[String]$username,[String]$password,[Array]$paths)
# Avoid certificate error (code from blogs.msdn.com)
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAll : ICertificatePolicy {
public TrustAll() {}
public bool CheckValidationResult(
ServicePoint sPoint, X509Certificate cert,
WebRequest req, int problem) {
return true;
}
}
"@
[System.Net.ServicePointManager]::CertificatePolicy = new-object TrustAll
# Encode basic authorization header and create baseurl
$EncodedAuthorization = [System.Text.Encoding]::UTF8.GetBytes($username + ':' + $password)
$EncodedPassword = [System.Convert]::ToBase64String($EncodedAuthorization)
$headers = @{"Authorization"="Basic $($EncodedPassword)"}
$baseurl = 'https://' + $isilonip +":8080"
# Create NFS Export
$resource = "/platform/2/protocols/nfs/exports"
Write-Host "Creating an export for $paths"
$ExportObject = @"
{"paths": ["$paths"]}
"@
$headers = @{"Authorization"="Basic $($EncodedPassword)"}
$uri = $baseurl + $resource
$ISIObject = Invoke-RestMethod -Uri $uri -Headers $headers -Body $ExportObject -ContentType "application/json; charset=utf-8" -Method POST
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
January 21st, 2016 19:00
Peter,
Thanks for your response! So when I browse to https://192.168.253.51:8080/platform/2/protocols/nfs/exports I can see the only existing export on the cluster (default /ifs export). According to the OneFS 7.2.0.x API Guide, clients is a string, whereas root_clients, read_write_clients, and read_only_clients are all "Array"...I'm not sure as to why. Also paths appears to be plural in API (just as it is in the isi nfs command itself) http://www.emc.com/collateral/TechnicalDocument/docu56063.pdf
PS C:\> .\getnfshelp.ps1 -isilonip 192.168.253.51 -username root -password a
/platform/2/protocols/nfs/exports
Overview:
This resource applies the standard collection pattern to NFS exports.
Method GET:
List all NFS exports.
Query Arguments:
sort=
The field that will be used for sorting.
zone=
Access zone
resume=
Continue returning results from previous call using this token (token
should come from the previous call, resume cannot be used with other
options).
limit=
Return no more than this many results at once (see resume).
scope=[effective|user]
If specified as effective or not specified, all export fields are shown.
If specified as user, only fields with non-default values are shown.
check=
Check for conflicts when listing exports.
dir=[ASC|DESC]
The direction of the sort.
Method POST:
Create a new NFS export.
Query Arguments:
force=
If true, the export will be created even if it conflicts with another
export.
zone=
Access zone
GET Response Body Schema:
{
"properties" :
{
"exports" :
{
"items" :
{
"description" : "NFS export configuration values.",
"properties" :
{
"all_dirs" :
{
"description" : "If true, all directories under the specified paths are mountable.",
"type" : "boolean"
},
"block_size" :
{
"description" : "The block size returned by the NFS STATFS procedure.",
"type" : "integer"
},
"can_set_time" :
{
"description" : "If true, the client may set file times using the NFS SETATTR request. This option is advisory and the server always behaves as if it is true.",
"type" : "boolean"
},
"case_insensitive" :
{
"description" : "If true, the server will report that it ignores case for file names.",
"type" : "boolean"
},
"case_preserving" :
{
"description" : "If true, the server will report that it always preserves case for file names.",
"type" : "boolean"
},
"chown_restricted" :
{
"description" : "If true, the server will report that only the superuser may change file ownership.",
"type" : "boolean"
},
"clients" :
{
"description" : "Clients that have access to the export.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"commit_asynchronous" :
{
"description" : "If true, allows NFS commit requests to execute asynchronously.",
"type" : "boolean"
},
"conflicting_paths" :
{
"description" : "Paths that conflict with another export.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"description" :
{
"description" : "A human readable description of the export.",
"type" : "string"
},
"directory_transfer_size" :
{
"description" : "The preferred size for directory read operations. This option is advisory.",
"type" : "integer"
},
"encoding" :
{
"description" : "The character encoding of clients connecting to the export.",
"type" : "string"
},
"id" :
{
"description" : "Unique ID for the export.",
"type" : "integer"
},
"link_max" :
{
"description" : "The reported maximum number of links to a file.",
"type" : "integer"
},
"map_all" :
{
"description" : "The user and groups that non-root clients are mapped to.",
"type" :
[
{
"description" : "User and group mapping.",
"properties" :
{
"enabled" :
{
"description" : "Should this user mapping be applied",
"type" : "boolean"
},
"primary_group" :
{
"description" : "User's primary group.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"secondary_groups" :
{
"items" :
{
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"type" : "array"
},
"user" :
{
"description" : "User name.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
}
},
"type" : "object"
}
]
},
"map_failure" :
{
"description" : "The user and groups that clients are mapped to should auth fail.",
"type" :
[
{
"description" : "User and group mapping.",
"properties" :
{
"enabled" :
{
"description" : "Should this user mapping be applied",
"type" : "boolean"
},
"primary_group" :
{
"description" : "User's primary group.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"secondary_groups" :
{
"items" :
{
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"type" : "array"
},
"user" :
{
"description" : "User name.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
}
},
"type" : "object"
}
]
},
"map_full" :
{
"description" : "If true, user mappings queries the OneFS user database. If false, only local authentication is queried.",
"type" : "boolean"
},
"map_lookup_uid" :
{
"description" : "If true, incoming UIDs are mapped to users in the OneFS user database. If false, incoming UIDs are applied directly to file operations.",
"type" : "boolean"
},
"map_non_root" :
{
"description" : "The user and groups that nonroot clients are mapped to.",
"type" :
[
{
"description" : "User and group mapping.",
"properties" :
{
"enabled" :
{
"description" : "Should this user mapping be applied",
"type" : "boolean"
},
"primary_group" :
{
"description" : "User's primary group.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"secondary_groups" :
{
"items" :
{
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"type" : "array"
},
"user" :
{
"description" : "User name.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
}
},
"type" : "object"
}
]
},
"map_retry" :
{
"description" : "Determines whether lookups for users specified in map_all, map_root or map_nonroot are retried if the look fails.",
"type" : "boolean"
},
"map_root" :
{
"description" : "The user and groups that root clients are mapped to.",
"type" :
[
{
"description" : "User and group mapping.",
"properties" :
{
"enabled" :
{
"description" : "Should this user mapping be applied",
"type" : "boolean"
},
"primary_group" :
{
"description" : "User's primary group.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"secondary_groups" :
{
"items" :
{
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"type" : "array"
},
"user" :
{
"description" : "User name.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
}
},
"type" : "object"
}
]
},
"max_file_size" :
{
"description" : "The maximum file size in the export.",
"type" : "integer"
},
"name_max_size" :
{
"description" : "The reported maximum length of a file name.",
"type" : "integer"
},
"no_truncate" :
{
"description" : "If true, report that too-long file names result in an error",
"type" : "boolean"
},
"paths" :
{
"description" : "The paths under /ifs that are exported.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"read_only" :
{
"description" : "If true, the export is read-only.",
"type" : "boolean"
},
"read_only_clients" :
{
"description" : "Clients that have read only access to the export.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"read_transfer_max_size" :
{
"description" : "The maximum buffer size that clients should use on NFS read requests. This option is advisory.",
"type" : "integer"
},
"read_transfer_multiple" :
{
"description" : "The preferred multiple size for NFS read requests. This option is advisory.",
"type" : "integer"
},
"read_transfer_size" :
{
"description" : "The optimal size for NFS read requests. This option is advisory.",
"type" : "integer"
},
"read_write_clients" :
{
"description" : "Clients that have read and write access to the export, even if the export is read-only.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"readdirplus" :
{
"description" : "If true, readdirplus requests are enabled.",
"type" : "boolean"
},
"readdirplus_prefetch" :
{
"description" : "This field is deprecated and does not do anything.",
"type" : "integer"
},
"return_32bit_file_ids" :
{
"description" : "Limits the size of file identifiers returned by NFSv3+ to 32-bit values.",
"type" : "boolean"
},
"root_clients" :
{
"description" : "Clients that have root access to the export.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"security_flavors" :
{
"description" : "The authentication flavors that are supported for this export.",
"items" :
{
"description" : "The security type.",
"enum" : [ "unix", "krb5", "krb5i", "krb5p" ],
"type" : "string"
},
"type" : "array"
},
"setattr_asynchronous" :
{
"description" : "If true, allows setattr operations to execute asynchronously.",
"type" : "boolean"
},
"snapshot" :
{
"description" : "Use this snapshot for all mounts.",
"type" : "string"
},
"symlinks" :
{
"description" : "If true, paths reachable by symlinks are exported.",
"type" : "boolean"
},
"time_delta" :
{
"description" : "The resolution of all time values that are returned to clients.",
"type" : "number"
},
"unresolved_clients" :
{
"description" : "Clients that cannot be resolved.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"write_datasync_action" :
{
"description" : "The action to be taken when an NFSv3+ datasync write is requested.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_datasync_reply" :
{
"description" : "The stability disposition returned when an NFSv3+ datasync write is processed.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_filesync_action" :
{
"description" : "The action to be taken when an NFSv3+ filesync write is requested.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_filesync_reply" :
{
"description" : "The stability disposition returned when an NFSv3+ filesync write is processed.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_transfer_max_size" :
{
"description" : "The maximum buffer size that clients should use on NFS write requests. This option is advisory.",
"type" : "integer"
},
"write_transfer_multiple" :
{
"description" : "The preferred multiple size for NFS write requests. This option is advisory.",
"type" : "integer"
},
"write_transfer_size" :
{
"description" : "The optimal size for NFS read requests. This option is advisory.",
"type" : "integer"
},
"write_unstable_action" :
{
"description" : "The action to be taken when an NFSv3+ unstable write is requested.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_unstable_reply" :
{
"description" : "The stability disposition returned when an NFSv3+ unstable write is processed.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"zone" :
{
"description" : "The zone in which the export is valid",
"type" : "string"
}
},
"type" : "object"
},
"type" : "array"
},
"resume" :
{
"description" : "Continue returning results from previous call using this token (token should come from the previous call, resume cannot be used with other options).",
"type" : [ "string", "null" ]
},
"total" :
{
"description" : "Total number of items available.",
"type" : "integer"
}
},
"type" : "object"
}
POST Request Body Schema:
{
"description" : "NFS export configuration values.",
"properties" :
{
"all_dirs" :
{
"description" : "If true, all directories under the specified paths are mountable.",
"type" : "boolean"
},
"block_size" :
{
"description" : "The block size returned by the NFS STATFS procedure.",
"type" : "integer"
},
"can_set_time" :
{
"description" : "If true, the client may set file times using the NFS SETATTR request. This option is advisory and the server always behaves as if it is true.",
"type" : "boolean"
},
"case_insensitive" :
{
"description" : "If true, the server will report that it ignores case for file names.",
"type" : "boolean"
},
"case_preserving" :
{
"description" : "If true, the server will report that it always preserves case for file names.",
"type" : "boolean"
},
"chown_restricted" :
{
"description" : "If true, the server will report that only the superuser may change file ownership.",
"type" : "boolean"
},
"clients" :
{
"description" : "Clients that have access to the export.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"commit_asynchronous" :
{
"description" : "If true, allows NFS commit requests to execute asynchronously.",
"type" : "boolean"
},
"description" :
{
"description" : "A human readable description of the export.",
"type" : "string"
},
"directory_transfer_size" :
{
"description" : "The preferred size for directory read operations. This option is advisory.",
"type" : "integer"
},
"encoding" :
{
"description" : "The character encoding of clients connecting to the export.",
"type" : "string"
},
"link_max" :
{
"description" : "The reported maximum number of links to a file.",
"type" : "integer"
},
"map_all" :
{
"description" : "The user and groups that non-root clients are mapped to.",
"type" :
[
{
"description" : "User and group mapping.",
"properties" :
{
"enabled" :
{
"description" : "Should this user mapping be applied",
"type" : "boolean"
},
"primary_group" :
{
"description" : "User's primary group.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"secondary_groups" :
{
"items" :
{
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"type" : "array"
},
"user" :
{
"description" : "User name.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
}
},
"type" : "object"
}
]
},
"map_failure" :
{
"description" : "The user and groups that clients are mapped to should auth fail.",
"type" :
[
{
"description" : "User and group mapping.",
"properties" :
{
"enabled" :
{
"description" : "Should this user mapping be applied",
"type" : "boolean"
},
"primary_group" :
{
"description" : "User's primary group.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"secondary_groups" :
{
"items" :
{
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"type" : "array"
},
"user" :
{
"description" : "User name.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
}
},
"type" : "object"
}
]
},
"map_full" :
{
"description" : "If true, user mappings queries the OneFS user database. If false, only local authentication is queried.",
"type" : "boolean"
},
"map_lookup_uid" :
{
"description" : "If true, incoming UIDs are mapped to users in the OneFS user database. If false, incoming UIDs are applied directly to file operations.",
"type" : "boolean"
},
"map_non_root" :
{
"description" : "The user and groups that nonroot clients are mapped to.",
"type" :
[
{
"description" : "User and group mapping.",
"properties" :
{
"enabled" :
{
"description" : "Should this user mapping be applied",
"type" : "boolean"
},
"primary_group" :
{
"description" : "User's primary group.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"secondary_groups" :
{
"items" :
{
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"type" : "array"
},
"user" :
{
"description" : "User name.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
}
},
"type" : "object"
}
]
},
"map_retry" :
{
"description" : "Determines whether lookups for users specified in map_all, map_root or map_nonroot are retried if the look fails.",
"type" : "boolean"
},
"map_root" :
{
"description" : "The user and groups that root clients are mapped to.",
"type" :
[
{
"description" : "User and group mapping.",
"properties" :
{
"enabled" :
{
"description" : "Should this user mapping be applied",
"type" : "boolean"
},
"primary_group" :
{
"description" : "User's primary group.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"secondary_groups" :
{
"items" :
{
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
},
"type" : "array"
},
"user" :
{
"description" : "User name.",
"type" :
[
{
"description" : "A persona consists of either a 'type' and 'name' or a 'ID'.",
"properties" :
{
"id" :
{
"description" : "Serialized form (e.g. 'UID:0', 'USER:name', 'GID:0', 'GROUP:wheel', 'SID:S-1-1').",
"type" : "string"
},
"name" :
{
"description" : "Persona name, must be combined with type.",
"type" : "string"
},
"type" :
{
"description" : "Type of persona when using name.",
"enum" : [ "user", "group", "wellknown" ],
"type" : "string"
}
},
"type" : "object"
}
]
}
},
"type" : "object"
}
]
},
"max_file_size" :
{
"description" : "The maximum file size in the export.",
"type" : "integer"
},
"name_max_size" :
{
"description" : "The reported maximum length of a file name.",
"type" : "integer"
},
"no_truncate" :
{
"description" : "If true, report that too-long file names result in an error",
"type" : "boolean"
},
"paths" :
{
"description" : "The paths under /ifs that are exported.",
"items" :
{
"type" : "string"
},
"required" : true,
"type" : "array"
},
"read_only" :
{
"description" : "If true, the export is read-only.",
"type" : "boolean"
},
"read_only_clients" :
{
"description" : "Clients that have read only access to the export.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"read_transfer_max_size" :
{
"description" : "The maximum buffer size that clients should use on NFS read requests. This option is advisory.",
"type" : "integer"
},
"read_transfer_multiple" :
{
"description" : "The preferred multiple size for NFS read requests. This option is advisory.",
"type" : "integer"
},
"read_transfer_size" :
{
"description" : "The optimal size for NFS read requests. This option is advisory.",
"type" : "integer"
},
"read_write_clients" :
{
"description" : "Clients that have read and write access to the export, even if the export is read-only.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"readdirplus" :
{
"description" : "If true, readdirplus requests are enabled.",
"type" : "boolean"
},
"readdirplus_prefetch" :
{
"description" : "This field is deprecated and does not do anything.",
"type" : "integer"
},
"return_32bit_file_ids" :
{
"description" : "Limits the size of file identifiers returned by NFSv3+ to 32-bit values.",
"type" : "boolean"
},
"root_clients" :
{
"description" : "Clients that have root access to the export.",
"items" :
{
"type" : "string"
},
"type" : "array"
},
"security_flavors" :
{
"description" : "The authentication flavors that are supported for this export.",
"items" :
{
"description" : "The security type.",
"enum" : [ "unix", "krb5", "krb5i", "krb5p" ],
"type" : "string"
},
"type" : "array"
},
"setattr_asynchronous" :
{
"description" : "If true, allows setattr operations to execute asynchronously.",
"type" : "boolean"
},
"snapshot" :
{
"description" : "Use this snapshot for all mounts.",
"type" : "string"
},
"symlinks" :
{
"description" : "If true, paths reachable by symlinks are exported.",
"type" : "boolean"
},
"time_delta" :
{
"description" : "The resolution of all time values that are returned to clients.",
"type" : "number"
},
"write_datasync_action" :
{
"description" : "The action to be taken when an NFSv3+ datasync write is requested.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_datasync_reply" :
{
"description" : "The stability disposition returned when an NFSv3+ datasync write is processed.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_filesync_action" :
{
"description" : "The action to be taken when an NFSv3+ filesync write is requested.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_filesync_reply" :
{
"description" : "The stability disposition returned when an NFSv3+ filesync write is processed.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_transfer_max_size" :
{
"description" : "The maximum buffer size that clients should use on NFS write requests. This option is advisory.",
"type" : "integer"
},
"write_transfer_multiple" :
{
"description" : "The preferred multiple size for NFS write requests. This option is advisory.",
"type" : "integer"
},
"write_transfer_size" :
{
"description" : "The optimal size for NFS read requests. This option is advisory.",
"type" : "integer"
},
"write_unstable_action" :
{
"description" : "The action to be taken when an NFSv3+ unstable write is requested.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"write_unstable_reply" :
{
"description" : "The stability disposition returned when an NFSv3+ unstable write is processed.",
"type" :
[
{
"description" : "The synchronization type.",
"enum" : [ "DATASYNC", "FILESYNC", "UNSTABLE" ],
"type" : "string"
}
]
},
"zone" :
{
"description" : "The zone in which the export is valid",
"type" : "string"
}
},
"type" : "object"
}
POST Response Body Schema:
{
"properties" :
{
"id" :
{
"description" : "ID of created item that can be used to refer to item in the collection-item resource path.",
"required" : true,
"type" : "integer"
}
},
"type" : "object"
}
The odd part is I haven't had any issues creating scripts for quotas and shares/share permissions, but nfs exports has been giving me a lot of grief.
Thanks!
Adam
edit: Just read you said clients should be an Array -- I will give that a shot. So that's wrong in the Guide?
Peter_Sero
1.2K Posts
0
January 21st, 2016 19:00
Can you list some existing exports with the API?
This will tell you the exact format of the params; the API docu seems to have some issues in this respect.
For example, "clients" should be an array rather than a string, just as "read_only_clients" etc are arrays! E.g you find "clients" : [],
in the sample output here: Re: OneFS API hints and tips
Same caution applies to "paths" and other params that appear in plural.
hth
-- Peter
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
January 21st, 2016 19:00
According to that output, it appears that the only requirement to creating an NFS export via API is the following:
"paths" :
{
"description" : "The paths under /ifs that are exported.",
"items" :
{"type" : "string"},
"required" : true,
}
Using that logic, the creation script should work if it's as simple as specifying the path, right?
Tried doing that (see attached .ps1) and still fails (see below).
PS C:\> .\ps_isilon_create_nfs_export_only_paths_defined.ps1 -isilonip 192.168.253.51 -username root -password a -paths /ifs/test
Creating an export for /ifs/test
Invoke-RestMethod : The remote server returned an error: (400) Bad Request.
At C:\ps_isilon_create_nfs_export_only_paths_defined.ps1:36 char:14
+ $ISIObject = Invoke-RestMethod -Uri $uri -Headers $headers -Body $ExportObject - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
edit: Below is the output of the existing /ifs export:
{
"exports" :
[
{
"all_dirs" : false,
"block_size" : 8192,
"can_set_time" : true,
"case_insensitive" : false,
"case_preserving" : true,
"chown_restricted" : false,
"clients" : [],
"commit_asynchronous" : false,
"conflicting_paths" : [],
"description" : "",
"directory_transfer_size" : 131072,
"encoding" : "DEFAULT",
"id" : 1,
"link_max" : 32767,
"map_failure" :
{
"enabled" : false,
"primary_group" : {},
"secondary_groups" : [],
"user" :
{
"id" : "USER:nobody"
}
},
"map_full" : true,
"map_lookup_uid" : false,
"map_non_root" :
{
"enabled" : false,
"primary_group" : {},
"secondary_groups" : [],
"user" :
{
"id" : "USER:nobody"
}
},
"map_retry" : true,
"map_root" :
{
"enabled" : true,
"primary_group" : {},
"secondary_groups" : [],
"user" :
{
"id" : "USER:nobody"
}
},
"max_file_size" : 9223372036854775807,
"name_max_size" : 255,
"no_truncate" : false,
"paths" : [ "/ifs" ],
"read_only" : false,
"read_only_clients" : [],
"read_transfer_max_size" : 1048576,
"read_transfer_multiple" : 512,
"read_transfer_size" : 131072,
"read_write_clients" : [],
"readdirplus" : true,
"readdirplus_prefetch" : 10,
"return_32bit_file_ids" : false,
"root_clients" : [],
"security_flavors" : [ "unix" ],
"setattr_asynchronous" : false,
"snapshot" : "-",
"symlinks" : true,
"time_delta" : 1.000000000000000e-09,
"unresolved_clients" : [],
"write_datasync_action" : "DATASYNC",
"write_datasync_reply" : "DATASYNC",
"write_filesync_action" : "FILESYNC",
"write_filesync_reply" : "FILESYNC",
"write_transfer_max_size" : 1048576,
"write_transfer_multiple" : 512,
"write_transfer_size" : 524288,
"write_unstable_action" : "UNSTABLE",
"write_unstable_reply" : "UNSTABLE",
"zone" : "System"
}
]
}
1 Attachment
ps_isilon_create_nfs_export_only_paths_defined_via_papi.ps1
Peter_Sero
1.2K Posts
0
January 22nd, 2016 01:00
The PDF guide has is wrong with plain "string" for "clients".
A closer look at the auto-generated description that you have sent
will reveal (after slightly reformatting the lines)
that the actual meaning is "array of strings", which makes more sense:
"clients" :
{
"description" : "Clients that have access to the export.",
"items" : { "type" : "string" },
"type" : "array"
},
I also ran a test by listing some exports over here,
and I got an array of strings for "clients":
"clients" :
[
"10.10.115.66",
"10.10.115.69",
"10.10.115.70",
"10.10.118.148",
"10.10.119.137"
],
I'd suggest to create one "reference" export with all relevant params
via the WebUI first, then inquire it with the API and follow
that exact syntax further on.
Cheers
-- Peter
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
January 22nd, 2016 07:00
Peter,
I'll certainly continue to reference other sample exports to try and get a syntax that will be accepted. I guess my remaining question would be why a simple NFS creation script, who's only variable is for the NFS export itself is $paths (which is the only option who's requirement = true) would give me such kick-back?
PS C:\> .\ps_isilon_create_nfs_export_only_paths_defined_via_papi.ps1 -isilonip 192.168.253.51 -username root -password a -paths /ifs/test
Creating an export for /ifs/test
Invoke-RestMethod : The remote server returned an error: (400) Bad Request.
At C:\ps_isilon_create_nfs_export_only_paths_defined_via_papi.ps1:36 char:14
+ $ISIObject = Invoke-RestMethod -Uri $uri -Headers $headers -Body $ExportObject - ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
If you look at the second powershell script I attached (ps_isilon_create_nfs_export_only_paths_defined_via_papi.ps1) you'll see the only parameters I have defined are as follows:
# Acceptable Parameters
Param([String]$isilonip,[String]$username,[String]$password,[String]$paths)
# Create NFS Export
$resource = "/platform/2/protocols/nfs/exports"
Write-Host "Creating an export for $paths"
$ExportObject = @"
{"paths": "$paths"}
"@
$headers = @{"Authorization"="Basic $($EncodedPassword)"}
$uri = $baseurl + $resource
$ISIObject = Invoke-RestMethod -Uri $uri -Headers $headers -Body $ExportObject -ContentType "application/json; charset=utf-8" -Method POST
So regardless of whether "clients" is an array or string, so long as it's not defined in the script and not a requirement for the POST request, I'm curious as to what I'm missing. Thanks again for all of your insight! I'll keep digging...
Thanks!
Adam
Peter_Sero
1.2K Posts
2
January 22nd, 2016 09:00
Not using PowerShell at this moment... but keep in mind "paths" is an array, too.
A cool helper for API testing is "isi --debug CMD" which tells us how the API equivalent of CMD would look like:
isilon-20 # mkdir /ifs/justatest
isilon-20 # isi --debug nfs export create --path /ifs/justatest
>>>POST ['2', 'protocols', 'nfs', 'exports']
args={}
body={'paths': ['/ifs/justatest']}
<<<(201, {'status': '201 Created', 'content-type': 'application/json', 'allow': 'GET, POST, HEAD'}, '\n{\n"id" : 211\n}\n')
The syntax for POST is not a URL here, but anyway the important part (other than success status "201 Created") is the body: paths is an array with [] here!
Hope it helps also for PowerShell scripting.
-- Peter