Module netapp_ontap.resources.cluster_peer

Copyright © 2019 NetApp Inc. All rights reserved.

Cluster peer operations

Cluster peering allows administrators of ONTAP systems to establish relationships between two or more independent clusters. Once a relationship exists between two clusters, they may then exchange user data, configuration information and coordinate operations. The /cluster/peers endpoint supports operations such as create, get, modify and delete using GET, PATCH and POST HTTP requests.

Creating a cluster peer

A new cluster peer relationship can be set up by issuing a POST request to /cluster/peers. Parameters in the POST body define the settings of the peering relationship. A successful POST request that succeeds in creating a peer returns a HTTP status code, code 201, along with the details of the created peer such as peer UUID, name, authentication information. A failed POST request returns an HTTP error code along with a message indicating the reason for the error. This can include malformed request and invalid operations.

Sample request

curl -X POST 'https://<mgmt-ip>/api/cluster/peers/' -d '{"authentication":{"expiry_time":"12/25/2018 12:34:56","generate_passphrase":true}}'
Examples
# Create - no params
body = {}
# Create with a peer address and a passphrase
body =
{
    "remote":
      {
          "ip_addresses":["1.2.3.4"]
      }
}
# Create with a peer name and a generated passphrase that is true
body =
{
    "name":"cp_xyz123",
    "authentication":
      {
          "generate_passphrase":true
      }
}
# Create with a name, a peer address, and a passphrase
body =
{
    "name":"cp_xyz123",
    "remote":
      {
          "ip_addresses": ["1.2.3.4"]
      },
    "authentication":
      {
          "passphrase":"xyz12345"
      }
 }
# Create with a proposed encryption protocol
body =
{
    "encryption":
      {
          "proposed":"tls-psk"
      }
}

Creating local intercluster LIFs

The local cluster must have an intercluster LIF on each node for the correct operation of cluster peering. If no local intercluster LIFs exist, you can optionally specify LIFs to be created for each node in the local cluster. These local interfaces, if specified, are created on each node before proceeding with the creation of the cluster peering relationship. Cluster peering relationship would be established if there is an error preventing the LIFs from being created. Local interfaces, once created, should not be specified for subsequent cluster peering relationships.

Local LIF creation fields

  • local_network.ip_addresses - list of IP addresses to assign, one per node in the local cluster
  • local_network.netmask - IPv4 mask or netmask length
  • local_network.broadcast_domain - Broadcast domain that is in use within the IPspace.
  • local_network.gateway - The IPv4 or IPv6 address of the default router.
Additional information on network routes

It might happen that when creating LIFs the network route discovery mechanism could take additional time (1-5 seconds) to become visible in the network outside of the cluster. This delay in publishing the routes might cause an initial cluster peer "create" request to fail. This error disappears with a retry of the same request.

Example
curl -X POST "https://<mgmt-ip>/api/cluster/peers" -d body

where "" is replaced by the IP address of the cluster management LIF, and "body" is replaced by the JSON body of the POST, containing the fields for the new peering relationship and local LIFs.

Example POST body

To create 4 intercluster LIFs on a 4-node cluster before creating a cluster peer relationship:

{
    "local_network":
    {
        "interfaces": [
            {"ip_address":"1.2.3.4"},
            {"ip_address":"1.2.3.5"},
            {"ip_address":"1.2.3.6"}
            ],
        "netmask": "255.255.0.0",
        "broadcast_domain": "Default",
        "gateway": "1.2.0.1"
    }
    "remote.ip_addresses": ["1.2.9.9"],
    "authentication.passphrase": "xyz12345"
}

Retrieve a cluster peer

Peers in a cluster can be retrieved by issuing a GET request to /cluster/peers. It is also possible to retrieve a specific peer when qualified by its UUID to /cluster/peers/{uuid}.

Overview of fields used for retrieving a cluster peer

A GET request might have no query parameters or a valid cluster UUID. The former retrieves all records while the latter retrieves the record for the cluster peer with that UUID.

Required fields

There are no required fields for GET requests.

Optional fields

The following fields are optional for GET requests

  • UUID - uuid of the cluster peer
Examples
curl -X GET "https://<mgmt-ip>/api/cluster/peers/"
curl -X GET "https://<mgmt-ip>/api/cluster/peers/{uuid}"
curl -X GET "https://<mgmt-ip>/api/cluster/peers/{uuid}?fields=*"

Update a cluster peer

A cluster peer relationship can be updated by issuing a PATCH request to /cluster/peers/{uuid}. As in the CLI mode, you can toggle the proposed encryption protocol, update the passphrase, or specify a new set of stable addresses. All PATCH requests take the parameters that are to be updated in the request body. If the generate_passphrase is 'true', the passphrase is returned in the PATCH response.

Fields overview

This sections highlights the parameters that control the modification of an existing cluster peering relationship.

Required fields

A PATCH request with an empty body has no effect on the cluster peer instance. All other fields and the combinations in which they are valid are indicated below:

  • encryption_proposed - Toggle the proposed encryption protocol (from 'none' to 'tls-psk' or otherwise). Authentication must be true and a passphrase must be present in body.
  • passphrase
  • passphrase or generate passphrase
  • remote.ip_addresses

Optional fields

  • expiration time - Set the expiration time of the passphrase
Examples
# Update with an empty body
body = {}
# Update the proposed encryption protocol from tls-psk to none
body =
{
    "authentication":
      {
          "passphrase":"xyz12345",
          "in_use":"ok"
      },
    "encryption":
      {
          "proposed":"none"
      }
}
# Update the passphrase
body =
{
    "authentication":
     {
         "passphrase":"xyz12345",
         "in_use":"ok"
     }
}
# Set an auto-generated passphrase
body =
{
    "authentication":
     {
         "generate_passphrase": true,
         "in_use":"ok"
     }
}
# Update remote IP addresses
body =
{
    "remote":
      {
          "ip_addresses":["10.224.65.30"]
      }
}
Sample requests
# Set a passphrase
curl -X PATCH 'https://<mgmt-ip>/api/cluster/peers/73123071-d0b9-11e8-a686-005056a7179a' -d '{"authentication":{"passphrase":"xyz12345","in_use":"ok"}}'
# Update a peer address
curl -X PATCH 'https://<mgmt-ip>/api/cluster/peers/73123071-d0b9-11e8-a686-005056a7179a' -d '{"remote":{"ip_addresses":["1.2.3.4"]}}'

Delete a cluster peer

This interface allows you to delete a cluster peer using the HTTP DELETE request.

Required fields

All delete operations must be performed on a valid peer UUID. Deleting an invalid peer returns 'HTTP 404' indicating an error.

Optional fields

The DELETE operation has no optional fields.

Request format

DELETE "https:///api/cluster/peers/{uuid}"

Examples

The request -

curl -X DELETE "https://<mgmt-ip>/api/cluster/peers/8becc0d4-c12c-11e8-9ceb-005056bbd143"

deletes a peer with peer UUID '8becc0d4-c12c-11e8-9ceb-005056bbd143'

Classes

class ClusterPeer (*args, **kwargs)

Allows interaction with ClusterPeer objects on the host

Initialize the instance of the resource.

Any keyword arguments are set on the instance as properties. For example, if the class was named 'MyResource', then this statement would be true:

MyResource(name='foo').name == 'foo'

Args

*args
Each positional argument represents a parent key as used in the URL of the object. That is, each value will be used to fill in a segment of the URL which refers to some parent object. The order of these arguments must match the order they are specified in the URL, from left to right.
**kwargs
each entry will have its key set as an attribute name on the instance and its value will be the value of that attribute.

Ancestors

Static methods

def delete_collection(*args, connection: HostConnection = None, **kwargs) -> NetAppResponse

Deletes a cluster peer.

Learn more


Delete all objects in a collection which match the given query.

All records on the host which match the query will be deleted.

Args

*args
Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to delete the collection of bars for a particular foo, the foo.name value should be passed.
connection
The HostConnection object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context.
**kwargs
Any key/value pairs passed will be sent as query parameters to the host. Only resources matching this query will be patched.

Returns

A NetAppResponse object containing the details of the HTTP response.

Raises

NetAppRestError: If the API call returned a status code >= 400

def find(*args, connection: HostConnection = None, **kwargs) -> Resource

Retrieve the collection of cluster peers.

Learn more


Find an instance of an object on the host given a query.

The host will be queried with the provided key/value pairs to find a matching resource. If 0 are found or if more than 1 is found, an error will be raised or returned. If there is exactly 1 matching record, then it will be returned.

Args

*args
Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to find a bar for a particular foo, the foo.name value should be passed.
connection
The HostConnection object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context.
**kwargs
Any key/value pairs passed will be sent as query parameters to the host.

Returns

A Resource object containing the details of the object.

Raises

NetAppRestError: If the API call did not return exactly 1 matching resource.

def get_collection(*args, connection: HostConnection = None, max_records: int = None, **kwargs) -> typing.Iterable

Retrieve the collection of cluster peers.

Learn more


Fetch a list of all objects of this type from the host.

Args

*args
Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to get the collection of bars for a particular foo, the foo.name value should be passed.
connection
The HostConnection object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context.
max_records
The maximum number of records to return per call
**kwargs
Any key/value pairs passed will be sent as query parameters to the host.

Returns

A list of Resource objects

Raises

NetAppRestError: If there is no connection available to use either passed in or on the library.

def patch_collection(body: dict, *args, connection: HostConnection = None, **kwargs) -> NetAppResponse

Updates a cluster peer instance.

Learn more


Patch all objects in a collection which match the given query.

All records on the host which match the query will be patched with the provided body.

Args

body
A dictionary of name/value pairs to set on all matching members of the collection.
*args
Each entry represents a parent key which is used to build the path to the child object. If the URL definition were /api/foos/{foo.name}/bars, then to patch the collection of bars for a particular foo, the foo.name value should be passed.
connection
The HostConnection object to use for this API call. If unset, tries to use the connection which is set globally for the library or from the current context.
**kwargs
Any key/value pairs passed will be sent as query parameters to the host. Only resources matching this query will be patched.

Returns

A NetAppResponse object containing the details of the HTTP response.

Raises

NetAppRestError: If the API call returned a status code >= 400

Methods

def delete(self, poll: bool = True, poll_interval: typing.Union = None, poll_timeout: typing.Union = None, **kwargs) -> NetAppResponse

Deletes a cluster peer.

Learn more


Send a deletion request to the host for this object.

Args

poll
If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
**kwargs
Any key/value pairs passed will be sent as query parameters to the host.

Returns

A NetAppResponse object containing the details of the HTTP response.

Raises

NetAppRestError: If the API call returned a status code >= 400

def get(self, **kwargs) -> NetAppResponse

Retrieves a specific cluster peer instance.

Learn more


Fetch the details of the object from the host.

Requires the keys to be set (if any). After returning, new or changed properties from the host will be set on the instance.

Returns

A NetAppResponse object containing the details of the HTTP response.

Raises

NetAppRestError: If the API call returned a status code >= 400

def patch(self, hydrate: bool = False, poll: bool = True, poll_interval: typing.Union = None, poll_timeout: typing.Union = None, **kwargs) -> NetAppResponse

Updates a cluster peer instance.

Learn more


Send the difference in the object's state to the host as a modification request.

Calculates the difference in the object's state since the last time we interacted with the host and sends this in the request body.

Args

hydrate
If set to True, after the response is received from the call, a a GET call will be made to refresh all fields of the object.
poll
If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
**kwargs
Any key/value pairs passed will be sent as query parameters to the host.

Returns

A NetAppResponse object containing the details of the HTTP response.

Raises

NetAppRestError: If the API call returned a status code >= 400

def post(self, hydrate: bool = False, poll: bool = True, poll_interval: typing.Union = None, poll_timeout: typing.Union = None, **kwargs) -> NetAppResponse

Creates a peering relationship and, optionally, the IP interfaces it will use. There are two ways to create a peering relationship.

Provide remote IP

Here the user provides the remote IP address. Creating a new cluster peer relationship with a specific remote cluster requires at least one remote intercluster IP address from that cluster.

Required properties

  • remote.ip_addresses - Addresses of the remote peers. The local peer must be able to reach and connect to these addresses for the request to succeed in creating a peer.
  • Either set generate_passphrase to true or provide a passphrase in the body of the request; only one of them is required.

Optional properties

The following fields are optional for a POST on /cluster/peer/. All fields must follow the structure in the cluster peer API definition. * name - Name of the peering relationship. * passphrase - User generated passphrase for use in authentication. * generate_passphrase (true/false) - When this option is true, ONTAP automatically generates a passphrase to authenticate cluster peers. * ipspace - IPspace of the local intercluster LIFs. Assumes Default IPspace if not provided. * initial_allowed_svms - the local SVMs allowed to peer with the peer cluster's SVMs. This list can be modified until the remote cluster accepts this cluster peering relationship. * local_network - fields to create a local intercluster LIF. See section on "Creating local intercluster lifs". * expiry_time - Duration in ISO 8601 format for which the user-supplied or auto-generated passphrase is valid. Expiration time must not be greater than seven days into the future. ISO 8601 duration format is "PnDTnHnMnS" or "PnW" where n is a positive integer. The nD, nH, nM and nS fields can be dropped if zero. "P" should always be present and "T" should be present if there are any hours, minutes or seconds fields. * encryption_proposed (none/tls-psk) - Encryption mechanism of the communication channel between the two peers.

Do not provide remote IP

This method is used when the remote IP address is not provided. This method is used when the filer is ready to accept peering request from foreign clusters.

Required properties

  • generate_passphrase (true) - This option must be set to true. ONTAP automatically generates a passphrase to authenticate cluster peers. Either set generate_passphrase to true or provide a passphrase in the body of the request; only one of them is required.

Optional properties

The following fields are optional for a POST on /cluster/peer/. All fields must follow the structure in the cluster peer API definition. * name - Name of the remote peer. * ipspace - IPspace of the local intercluster LIFs. Assumes Default IPspace if not provided. * initial_allowed_svms - Local SVMs allowed to peer with the peer cluster's SVMs. This list can be modified until the remote cluster accepts this cluster peering relationship. * local_network - Fields to create a local intercluster LIF. See section on "Creating local intercluster lifs". * expiry_time - Duration in ISO 8601 format for which the user-supplied or auto-generated passphrase is valid. Expiration time must not be greater than seven days into the future. ISO 8601 duration format is "PnDTnHnMnS" or "PnW" where n is a positive integer. The nD, nH, nM and nS fields can be dropped if zero. "P" should always be present and "T" should be present if there are any hours, minutes or seconds fields. * encryption_proposed (none/tls-psk) - Encryption mechanism of the communication channel between the two peers.

Additional information

As with creating a cluster peer through the CLI, the combinations of options must be valid in order for the create operation to succeed. The following list shows the combinations that will succeed and those that will fail: * a passphrase only (fail) * a peer IP address (fail) * a passphrase with an expiration time > 7 days into the future (fail) * peer IP address and a passphrase (OK) * generate_passphrase=true (OK) * any proposed encryption protocol (OK) * an IPspace name or UUID (OK) * a passphrase, peer IP address, and any proposed encryption protocol (OK) * a non empty list initial allowed vserver peer names or UUIDs. (OK)

Learn more

Learn more


Send this object to the host as a creation request.

Args

hydrate
If set to True, after the response is received from the call, a a GET call will be made to refresh all fields of the object.
poll
If set to True, the call will not return until the asynchronous job on the host has completed. Has no effect if the host did not return a job response.
poll_interval
If the operation returns a job, this specifies how often to query the job for updates.
poll_timeout
If the operation returns a job, this specifies how long to continue monitoring the job's status for completion.
**kwargs
Any key/value pairs passed will be sent as query parameters to the host.

Returns

A NetAppResponse object containing the details of the HTTP response.

Raises

NetAppRestError: If the API call returned a status code >= 400

Inherited members

class ClusterPeerSchema (only=None, exclude=(), many=False, context=None, load_only=(), dump_only=(), partial=False, unknown=None)

The fields of the ClusterPeer object

Ancestors

  • netapp_ontap.resource.ResourceSchema
  • marshmallow.schema.Schema
  • marshmallow.schema.BaseSchema
  • marshmallow.base.SchemaABC

Class variables

var authentication

The authentication field of the cluster_peer.

var encryption

The encryption field of the cluster_peer.

var initial_allowed_svms

The local SVMs allowed to peer with the peer cluster's SVMs. This list can be modified until the remote cluster accepts this cluster peering relationship.

var ipspace

The ipspace field of the cluster_peer.

The links field of the cluster_peer.

var local_network

The local_network field of the cluster_peer.

var name

Optional name for the cluster peer relationship. By default it is the name of the remote cluster.

Example: cluster2

var opts
var remote

The remote field of the cluster_peer.

var status

The status field of the cluster_peer.

var uuid

UUID of the cluster peer relationship. For anonymous cluster peer offers, the UUID will change when the remote cluster accepts the relationship.

Example: 1cd8a442-86d1-11e0-ae1c-123478563412