ECS: How to use the API curl command

Summary: How to to use the Application Programming Interface (API) curl command with GET and PUT examples.

Αυτό το άρθρο ισχύει για Αυτό το άρθρο δεν ισχύει για Αυτό το άρθρο δεν συνδέεται με κάποιο συγκεκριμένο προϊόν. Δεν προσδιορίζονται όλες οι εκδόσεις προϊόντων σε αυτό το άρθρο.
Δείτε άλλους πόρους

Instructions

This knowledge article shows how to use curl commands for ECS API usage.

In the users guides like the ECS Administration Guide or the Data Access Guide, there are examples of the API usage with curl commands.

This displays how to use the curl command to GET and PUT on an API. In this example, the LDAPS certificate API per KB ECS: How to setup and accept all certificates over LDAPS on ECS.


Curl example - LDAPS certificate API example:
LDAPS certificates API uses the management IP and does not allow emcmonitor access, but the root user instead. This is an example of ECS API usage, LDAPS certificate API is located in the "/vdc/truststore". Your API may be different and in a different location.

To examine the ECS settings regarding the LDAPS certificate settings, first get a Node Management IP to use. If there is network separation for the UI management, the "getrackinfo -n" has "mgmt" values. Use the nodes public.mgmt IP address, the replication, and data network separation are not required for these steps:

# getrackinfo -n
Named networks
==============
Node ID       Network          Ip Address        Netmask            Gateway            VLAN               Interface
1            repl              10.xxx.xxx.11     255.255.254.0      xxx.xxx.xxx.xxx    14                 public
1            mgmt              10.xxx.xxx.21     255.255.254.0      xxx.xxx.xxx.xxx    13                 public
1            data              10.xxx.xxx.31     255.255.254.0      xxx.xxx.xxx.xxx    15                 public
2            repl              10.xxx.xxx.12     255.255.254.0      xxx.xxx.xxx.xxx    14                 public
2            mgmt              10.xxx.xxx.22     255.255.254.0      xxx.xxx.xxx.xxx    13                 public
2            data              10.xxx.xxx.32     255.255.254.0      xxx.xxx.xxx.xxx    15                 public
3            repl              10.xxx.xxx.13     255.255.254.0      xxx.xxx.xxx.xxx    14                 public
3            mgmt              10.xxx.xxx.23     255.255.254.0      xxx.xxx.xxx.xxx    13                 public
3            data              10.xxx.xxx.33     255.255.254.0      xxx.xxx.xxx.xxx    15                 public
4            repl              10.xxx.xxx.14     255.255.254.0      xxx.xxx.xxx.xxx    14                 public
4            mgmt              10.xxx.xxx.24     255.255.254.0      xxx.xxx.xxx.xxx    13                 public
4            data              10.xxx.xxx.34     255.255.254.0      xxx.xxx.xxx.xxx    15                 public

If there is no network public.mgmt separation on the VDC, use the node's public IP address instead. Note the public.mgmt network separation address takes precedence if set.

# getrackinfo
Node private      Node              Public                                  BMC
Ip Address        Id       Status   Mac                 Ip Address          Mac                 Ip Address          Node Name
===============   ======   ======   =================   =================   =================   =================   =========
192.1XX.2XX.1     1        MA       a4:bf:xx:xx:xx:74   10.xx.xx.1          a4:bf:xx:xx:xx      192.1XX.2XX.101     provo-red
192.1XX.2XX.2     2        SA       a4:bf:xx:xx:xx:c8   10.xx.xx.2          a4:bf:xx:xx:xx      192.1XX.2XX.102     sandy-red
192.1XX.2XX.3     3        SA       a4:bf:xx:xx:xx:e0   10.xx.xx.3          a4:bf:xx:xx:xx      192.1XX.2XX.103     orem-red
192.1XX.2XX.4     4        SA       a4:bf:xx:xx:xx:56   10.xx.xx.4          a4:bf:xx:xx:xx      192.168.219.104     ogden-red

Use the management IP address acquired to get the root user token, root user password is required:

# curl -s -k -v -u root https://<NodeManagementIP>:4443/login 2>&1

Example:

# curl -s -k -v -u root https://10.xxx.xxx.21:4443/login 2>&1
Enter host password for user 'root':
......

< HTTP/1.1 200 OK
< Date: Thu, 14 Jan 2021 13:51:24 GMT
< Content-Type: application/xml
< Content-Length: 93
< Connection: keep-alive
< X-SDS-AUTH-TOKEN: BAAcdWhGbnVRVjd1WlpmR0xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxAgAC0A8=
< X-SDS-AUTH-USERNAME: root
< X-SDS-AUTH-MAX-AGE: 28800
<
* Connection #0 to host 10.xxx.xxx.21 left intact
root

If the output is not "HTTP/1.1 200 OK", check the password and IP address, check if UI management network separation exists from the command "getrackinfo -n". With the root user token, create a token variable, a valid token must be updated if in a new CLI session:

# export TOKEN='X-SDS-AUTH-TOKEN: BAAcdWhGbnVRVjd1WlpmR0xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxAgAC0A8='

To test the token is value, you can run a curl command:

# curl -k -X GET -H "$TOKEN"  https://10.xxx.xxx.21:4443/object/capacity  | xmllint --format -        
% Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                               Dload  Upload   Total   Spent    Left  Speed
100   176  100   176    0     0    249      0 --:--:-- --:--:-- --:--:--   250

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<cluster_capacity>
  <totalFree_gb>100657</totalFree_gb>
  <totalProvisioned_gb>447005</totalProvisioned_gb>
</cluster_capacity>

The purpose of the above steps is to use the root user token to gain curl access to the ECS UI truststore. See the ECS Admin guide for more information about "Add custom LDAP certificate". In this example of ECS API usage the LDAPS certificate API is located in the "/vdc/truststore". Your API may be in a different location.

 

Curl GET example:

Get the truststore settings with a curl GET command:

# curl -s -k -X GET -H Content-Type:application/json -H "$TOKEN" -H ACCEPT:application/json https://<NodeManagementIP>:4443/vdc/truststore/settings

Example:

# curl -s -k -X GET -H Content-Type:application/json -H "$TOKEN" -H ACCEPT:application/json https://10.xxx.xxx.21:4443/vdc/truststore/settings
{"accept_all_certificates":false}


In the above example, the truststore "accept_all_certificates" is set to false. This means that only uploaded LDAPS certificates that match an AD/LDAP server certificate are allowed to be trusted by ECS. A user may want this set to true or false depending on their needs. To test the LDAPS connection, setting it to true and testing the users login can validate.

Create a json file to change the truststore settings by a curl command with a json payload:

# sudo vi truststoresettings.json
# sudo cat truststoresettings.json
{"accept_all_certificates": "true"}


The json.tool module on python can validate a json file format. If there is an error, the file may not be a json file. In this example, there is no error and outputs the file, so it is a formatted json file:

# python -m json.tool truststoresettings.json
{
    "accept_all_certificates": "true"
}

 

Curl PUT example:

Run a curl command with a json file as the payload with a curl PUT command:

# curl -s -k -X PUT -H Content-Type:application/json -H "$TOKEN" -H ACCEPT:application/json https://:4443/vdc/truststore/settings -d @truststoresettings.json

To check that it is updated, run the curl GET command:

# curl -s -k -X GET -H Content-Type:application/json -H "$TOKEN" -H ACCEPT:application/json https://10.xxx.xxx.21:4443/vdc/truststore/settings
{"accept_all_certificates":true}

Επηρεαζόμενα προϊόντα

ECS

Προϊόντα

ECS Appliance
Ιδιότητες άρθρου
Article Number: 000194272
Article Type: How To
Τελευταία τροποποίηση: 04 Νοε 2025
Version:  4
Βρείτε απαντήσεις στις ερωτήσεις σας από άλλους χρήστες της Dell
Υπηρεσίες υποστήριξης
Ελέγξτε αν η συσκευή σας καλύπτεται από τις Υπηρεσίες υποστήριξης.