Skip to main content

Hey

In Calm (Script that I have in old lab, AOS v6.5) My script (part in blueprint) use REST API and ip is used as localhost:

 

Now, In self-Service not accepted localhost (security reasoning).

In Self-Service Administration and Operations Guide I see some script that use @@{pc_ip}@@ but this is not real variable.

Is there any alternative to get the Prism Central IP and use it in my script? since I use the same script in many PC, It not good practice to hard coded the IP..

alternatively: is there a way to get the cluster list (instead use API)?

 

Thanks

Hi

I don’t see an official dynamic solution, as escript won't let you import python modules for extracting the IP or FQDN of PC.

What I do, is use a python pre-create set-variable task that connects to a dedicated Self-Service database I’ve built.

I store all the infrastructure data over there, such as all PC’s all DNS servers etc.

On this pre-create task I query the relevant data for the blueprint, according to the logic of the blueprint.
Then, I will use the PC IP or FQDN as a macro variable

Hope it helps.

 

 

Thank you for the answer.

This might work, but I really want to avoid storing additional configurations if possible :)

The only reason I need the PC IP is to use the cluster/list API.

 

Is there a built-in option to use the API without specifying the PC IP?

Hey Eviatar,

I understand your need.

API needs a full URI, thus, the PC FQDN/IP needs to be known.

using escript means you execute the code on the specific PC you defined in your provider account.

I don’t know of a way to ask PC for its own IP using escript as it is very hardened.

Another thing to mention - calm_jwt macro will not be available in the future(!) in pc2024.3.1.3 if you choose to decouple NCM from PC, it will stop working, and in a few updates  decoupling will become mandatory.

So - if you can’t use calm_jwt you will need to use PC’s credentials. What will you do then? as you have multiple PCs and I guess you don’t use the same user/pass on every one of them

My solution for your scenario is using dynamic credentials for all of the PCs

You will also need to use an external database to store all of your PCs IP/FQDN and retrieve the right one, based on the provider account you select. (If you move your blueprint to another environment, you will anyway have to change the “account” field (which is your provider account)

 

Sorry if I wasn’t too helpful on your issue…

Cheers.

Oh no

I did not know calm_jwt will not be available! where it mentioned?

Thank you for the suggestion. I will need to change the blueprint…

 

It’s in the NCM 1.5 release notes

 

Terms & Conditions