Using Nitro API on Netscaler/ADC

Beside working on an appliance the old fashion way using the ssh or the GUI, modern appliances have an API. Now, what is an API? You can find more here:
https://www.howtogeek.com/343877/what-is-an-api/

On Netscaler/ADC you have Nitro API. The NetScaler NITRO protocol allows you to configure and monitor the NetScaler appliance programmatically by using Representational State Transfer (REST) interfaces.  More on this, here:
https://developer-docs.citrix.com/projects/netscaler-nitro-api/en/12.0/
https://developer-docs.citrix.com/projects/netscaler-nitro-api/en/11.1/

Using the Nitro API you can do all the things you would do via ssh/GUI but you will do it via http/https. And the real win here is that it can be easy to automate, as you can do it with different SDK’s: python, .NET, Java or use tools like Ansible.

Now let’s see some examples using cURL:

#To check the stats of a cs vserver:
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  "https://10.10.10.10/nitro/v1/stat/csvserver/cs-443-test"

#To check the config of a cs vserver:
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  "https://10.10.10.10/nitro/v1/config/csvserver/cs-443-test"

You can use something similar with all other entities like lb vserver, services, policies.
In the above example we use two http headers to specify the user and the password. Another way to do it is using only one http header called Authorization, like this:

curl -vvv -k  --basic --user nsroot:nsroot "https://10.10.10.10/nitro/v1/stat/csvserver/cs-443-test"

Create/delete vip examples:

# Create a simple cs vserver
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  -H "Content-Type:application/json" -X POST -d @csvserver.conf "https://192.168.100.2/nitro/v1/config/csvserver"

# Delete the cs vserver
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  -H "Content-Type:application/json" -X DELETE  "https://192.168.100.2/nitro/v1/config/csvserver/cs-80-test"

This is how the vip config looks like in the csvserver.conf file:

{
   "csvserver": {
      "name": "cs-80-test",
      "servicetype": "HTTP",
      "ipv46": "10.10.10.1",
      "port": "80"
   }
}

Same principles apply to other entities like lb vserver, services, policies.

Managing backups :

# create a system backup
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  -H "Content-Type:application/json" -X POST -d @backup.conf "https://192.168.100.2/nitro/v1/config/systembackup?action=create"

# delete a system backup
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  -H "Content-Type:application/json" -X DELETE "https://192.168.100.2/nitro/v1/config/systembackup/backup.tgz"

Backup.conf file looks like this:

{"systembackup":{
      "filename":"backup",
      "level":"full"
}}

About the author

Mihai is a Network Aficionado with more than 10 years experience