Virtual Server Filtering
Filtering of the discovered virtual servers and draft virtual server endpoints makes it easier to manage large numbers of virtual servers.
The existing Public Experimental API endpoints for virtual servers have been changed to support the required filters and associated UI operations. You can now filter a discovered virtual server collection by:
name
SLB (API uses href as per conventions)
VIP: IP, proto, port (any or all)
virtual server href
Virtual Server Endpoints
New filters have been added for the following existing endpoints:
GET /orgs/:xorg_id/discovered_virtual_serversGET /orgs/:xorg_id/sec_policy/:pversion/virtual_servers
Note
These Interface endpoints are available only for API version V2.
Virtual Server Discoveries
Virtual server discovery happens passively once the Server Load Balancer (SLB) is configured and the Network Enforcement Node (NEN) receives the SLB configuration changes. However, users might want to be able to run virtual server discovery on demand.
The new schema network_enforcement_nodes_virtual_server_discovery_jobs_put.schema.json is used to create a virtual server discovery job request that contains the slb_name, the virtual server ip_address, and the port. NEN picks up the request, launches the discovery of the virtual server information, and posts the results back.
Discovery Job On-demand
Use the following API:
POST /api/v2/orgs/1/network_enforcement_nodes/virtual_server_discovery_jobs
where the required properties are:
slb_name
Description: Name of the SLB to interrogate.
Format: String
virtual_server_infos
Description: An array of virtual_server_info objects consisting of virtual_server port and IP address
Format: Array of Objects
Check the Status of Discovery Job
To find out the results of the discovery request use the following command:
GET /api/v2/orgs/1/network_enforcement_nodes/virtual_server_discovery_jobs/:job_uuid
Discovered Virtual Servers
Filter | URI Example | Notes |
|---|---|---|
|
| Supports partial and incomplete matches |
|
| |
|
| Supports suffix matches, e.g. 10.1 matches any IP address that starts with "10.1", "10.100", ... but not "110.x" |
|
| |
|
| |
|
| The |
|
| Options for this filter are "unmanaged" or "enforced" |
|
(JSON encoded array of arrays) | |
|
|
Virtual Servers
Filter | URI Example | Notes |
|---|---|---|
|
| Supports partial and incomplete matches |
|
| |
|
| Supports suffix matches, e.g., 10.1 matches any IP address that starts with "10.1", "10.100", ... but not "110.x" |
|
| |
|
| |
|
| Options for this filter are "unmanaged" or "enforced" |
|
| |
|
|
Schema Changes
discovered_virtual_servers
The following object has been added to the schema:
{
[... existing fields ...]
"virtual_server" : {
"href": "/orgs/1/sec_policy/draft/virtual_servers/fbae7cd2-04c3-4d7b-a628-2d69a9d64a71" ,
"update_type" : "create", # or "update", "delete", null
"mode": "enforced", # or "unmanaged"
"labels" [
{ "href": "/orgs/1/labels/2", "key": "role", "value": "database"},
{ "href": "/orgs/1/label/12", "key": "env", "value": "production"}
]
}
}virtual_servers
The "mode" and "vip_port" fields have been added to the "discovered_virtual_server sub-object" to reflect the filtering result.
{
[... existing fields ...]
"discovered_virtual_server" : {
"dvs_identifier" : "5111ecf75c61544720d800cce97a624d" ,
"href" : "/orgs/1/discovered_virtual_servers/c1cd1f00-7b48-4c43-a099-f758ac1a9b40" ,
"mode" : "snat" ,
"name" : "Common/vip1" ,
"vip_port" : {
"port" : "80" ,
"protocol" : 6 ,
"vip" : "10.0.0.109"
}
}
}slb_config
This schema has been deprecated. It was used for nfc (Network Function Controller), which is now deprecated.