Using Nitro API on Netscaler/ADC

by mihai cziraki | Posted on

Besides working on an appliance the old fashion way using ssh or the GUI, modern appliances have an API. Now, what is an API? You can find more here:
https://www.howtogeek.com/343877/what-is-an-api/

On Netscaler/ADC you have Nitro API. The NetScaler NITRO protocol allows you to configure and monitor the NetScaler appliance programmatically by using Representational State Transfer (REST) interfaces.  More on this, here:
https://developer-docs.citrix.com/projects/netscaler-nitro-api/en/12.0/
https://developer-docs.citrix.com/projects/netscaler-nitro-api/en/11.1/

Using the Nitro API you can do all the things you would do via ssh/GUI but you will do it via HTTP/HTTPS. And the real win here is that it can be easy to automate, as you can do it with different SDKs: python, .NET, Java, or use tools like Ansible.

Now let’s see some examples using cURL:

#To check the stats of a cs vserver:
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  "https://10.10.10.10/nitro/v1/stat/csvserver/cs-443-test"

#To check the config of a cs vserver:
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  "https://10.10.10.10/nitro/v1/config/csvserver/cs-443-test"

You can use something similar with all other entities like lb vserver, services, and policies.
In the above example, we use two HTTP headers to specify the user and the password. Another way to do it is using only one HTTP header called Authorization, like this:

curl -vvv -k  --basic --user nsroot:nsroot "https://10.10.10.10/nitro/v1/stat/csvserver/cs-443-test"

Create/delete VIP examples:

# Create a simple cs vserver
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  -H "Content-Type:application/json" -X POST -d @csvserver.conf "https://192.168.100.2/nitro/v1/config/csvserver"

# Delete the cs vserver
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  -H "Content-Type:application/json" -X DELETE  "https://192.168.100.2/nitro/v1/config/csvserver/cs-80-test"

This is how the VIP config looks like in the csvserver.conf file:

{
   "csvserver": {
      "name": "cs-80-test",
      "servicetype": "HTTP",
      "ipv46": "10.10.10.1",
      "port": "80"
   }
}

The same principles apply to other entities like lb vserver, services, and policies.

Managing backups :

# create a system backup
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  -H "Content-Type:application/json" -X POST -d @backup.conf "https://192.168.100.2/nitro/v1/config/systembackup?action=create"

# delete a system backup
curl -vvv -k -H "X-NITRO-USER: nsroot" -H "X-NITRO-PASS: nsroot"  -H "Content-Type:application/json" -X DELETE "https://192.168.100.2/nitro/v1/config/systembackup/backup.tgz"

Backup.conf file looks like this:

{"systembackup":{
      "filename":"backup",
      "level":"full"
}}

About the author

Mihai is a Senior Network Engineer with more than 15 years of experience

Related Posts