Fish the UCS API with Wireshark http://developer.cisco.com/c/message_boards/find_recent_posts?p_l_id= 2013-05-18T08:20:39Z 2013-05-18T08:20:39Z Steve Chambers http://developer.cisco.com/c/message_boards/find_message?p_l_id=&messageId=2602169 2010-10-04T17:11:57Z 2010-10-04T17:11:57Z

Tested this again with Firefox and Poster:   If I send aaaLogin I get an outCookie. If I send aaaRefresh with inCookie set to outCookie value, I get the response errorCode="552" invocationResult="unidentified-fail" errorDescr="Authorization required" If I send aaaRefresh with cookie set to outCookie value, I get the response errorCode="552" invocationResult="unidentified-fail" errorDescr="Authorization required"   When I do this on UCSPE:   If I send aaaLogin I get an outCookie. If I send aaaRefresh with inCookie set to outCookie value, I get the response <aaaRefresh cookie="" response="yes" outCookie="1283410307/ddcf6b84-36e8-4513-b8d5-d4a8ab45e859" outRefreshPeriod="600" outPriv="aaa,admin,ext-lan-config,ext-lan-policy,ext-lan-qos,ext-lan-security,ext-san-config,ext-san-policy,ext-san-security,fault,operations,pod-config,pod-policy,pod-qos,pod-security,read-only" outDomains="org-root" outChannel="noencssl" outEvtChannel="noencssl"> </aaaRefresh>

Steve Chambers 2010-10-04T17:11:57Z Steve Chambers http://developer.cisco.com/c/message_boards/find_message?p_l_id=&messageId=2602082 2010-10-04T16:05:23Z 2010-10-04T16:05:23Z

...and here's me running the exact same code but this time @ UCSPE... this is the end of a debug log (I'm using Ruby, but I get the same results with Firefox Poster).     [b]First, aaaRefresh works:[/b]   I, [2010-10-04T12:03:24.681215 #50103]  INFO -- CiscoUCS:UCSM: dispatch called with <aaaRefresh inCookie='1283408575/96edbd49-6f0d-4087-800f-ddf18cb1f432'/> I, [2010-10-04T12:03:24.694525 #50103]  INFO -- CiscoUCS:UCSM: dispatch received  <aaaRefresh cookie="" response="yes" outCookie="1283408575/443b4d43-9492-489c-a5fe-c94c8db805d2" outRefreshPeriod="600" outPriv="aaa,admin,ext-lan-config,ext-lan-policy,ext-lan-qos,ext-lan-security,ext-san-config,ext-san-policy,ext-san-security,fault,operations,pod-config,pod-policy,pod-qos,pod-security,read-only" outDomains="org-root" outChannel="noencssl" outEvtChannel="noencssl"> </aaaRefresh> [b]and so does aaaLogout:[/b]   I, [2010-10-04T12:03:24.696213 #50103]  INFO -- CiscoUCS:UCSM: logout @url=http://192.168.1.66/nuova, @cookie=1283408575/443b4d43-9492-489c-a5fe-c94c8db805d2 I, [2010-10-04T12:03:24.702486 #50103]  INFO -- CiscoUCS:UCSM: dispatch starting I, [2010-10-04T12:03:24.702667 #50103]  INFO -- CiscoUCS:UCSM: dispatch called with <aaaLogout inCookie='1283408575/443b4d43-9492-489c-a5fe-c94c8db805d2'/> I, [2010-10-04T12:03:24.705481 #50103]  INFO -- CiscoUCS:UCSM: dispatch received  <aaaLogout cookie="" response="yes" outStatus="success"> </aaaLogout>

Steve Chambers 2010-10-04T16:05:23Z Steve Chambers http://developer.cisco.com/c/message_boards/find_message?p_l_id=&messageId=2602001 2010-10-04T15:35:24Z 2010-10-04T15:35:24Z

I had the two aaaRefresh/aaaLogout methods working fine on the UCS Platform Emulator, but then when I point at a "real" UCS I get errors back from the API.  Here's the response for the aaaLogin (works fine) and then the two "broken" methods:   [b]Login works fine, we get the cookie back:[/b] <aaaLogin cookie="" response="yes" outCookie="1286188141/01f3a63b-0881-4779-8883-78897329b861" outRefreshPeriod="600" outPriv="admin,read-only" outDomains="" outChannel="noencssl" outEvtChannel="noencssl" outSessionId="web_37413_B" outVersion="1.3(1c)"> </aaaLogin>   [b]I can get MOs back:[/b] Sent: <configResolveClass inHierarchical='false' cookie='1286188242/5eda8671-76a3-4678-9084-6e42f2306084' classId='networkElement'/> Received: <configResolveClass cookie="1286188242/5eda8671-76a3-4678-9084-6e42f2306084" response="yes" classId="networkElement"> <outConfigs>  <networkElement adminInbandIfState="disable"  dn="sys/switch-A" fltAggr="4294967296" id="A" inbandIfGw="0.0.0.0" inbandIfIp="0.0.0.0" inbandIfMask="0.0.0.0" inbandIfVnet="0" model="N10-S6100" oobIfGw="10.52.204.222" oobIfIp="10.52.204.193" oobIfMask="255.255.255.224" operability="operable" revision="0"  serial="SSI132107CJ"  totalMemory="3549" vendor="Cisco Systems, Inc."/>  <networkElement adminInbandIfState="disable"  dn="sys/switch-B" fltAggr="8589934592" id="B" inbandIfGw="0.0.0.0" inbandIfIp="0.0.0.0" inbandIfMask="0.0.0.0" inbandIfVnet="0" model="N10-S6100" oobIfGw="10.52.204.222" oobIfIp="10.52.204.194" oobIfMask="255.255.255.224" operability="operable" revision="0"  serial="SSI13180DB5"  totalMemory="3549" vendor="Cisco Systems, Inc."/> </outConfigs> </configResolveClass>   [b]But aaaRefresh doesn't work with the same cookie:[/b] Sent: <aaaRefresh inCookie='1286188242/5eda8671-76a3-4678-9084-6e42f2306084'/> Received: <aaaRefresh cookie="1286188141/01f3a63b-0881-4779-8883-78897329b861" response="yes" errorCode="552" invocationResult="unidentified-fail" errorDescr="Authorization required"> </aaaRefresh> [b]Neither does aaaLogout"[/b] Sent: <aaaLogout inCookie='1286188242/5eda8671-76a3-4678-9084-6e42f2306084'/>   Received: <aaaLogout cookie="1286184622/6788cb4d-8806-4be8-9674-4dcfdcf10bed" response="yes" errorCode="555" invocationResult="unidentified-fail" errorDescr="Session not found"> </aaaLogout> Any ideas?

Steve Chambers 2010-10-04T15:35:24Z Steve Chambers http://developer.cisco.com/c/message_boards/find_message?p_l_id=&messageId=2599172 2010-10-01T21:27:15Z 2010-10-01T21:25:30Z

I'm working on a Ruby gem called UCSAPI.  This is a blog post on ViewYonder about it and how to get it (really easy).  Early days, just some basic stuff in there for now... worth a lookie tho'   [url=http://viewyonder.com/2010/10/01/easy-access-to-the-cisco-ucs-api-via-the-ruby-ucsapi-module/]Easy access to the Cisco UCS API via the Ruby UCSAPI Module[/url]   Here's what you can do so far... I'm working on going deeper on each object (e.g. into computeBlade) and wider to cover more objects (e.g. lsServer) and more methods (e.g. config changes and listening).   Last login: Thu Sep 30 21:52:06 on ttys001 13:20:08 ~ $ irb >> require 'UCSAPI' => true     >> include UCSAPI => Object   >> ucspe = UCSM.new( :url => 'http://192.168.1.66/nuova', :inName => 'config', :inPassword => 'config') ...output removed..   >> ucspe.fabric ..dumps two fabric objects out, which look ugly on a blog...   >> ucspe.fabric.each { |fabric| puts fabric.oobIfIp } 192.168.1.66 0.0.0.0   >> ucspe.chassis.each { |chassis| puts chassis.dn + " is managed by Fabric " + chassis.managingInst } sys/chassis-1 is managed by Fabric A sys/chassis-2 is managed by Fabric A sys/chassis-3 is managed by Fabric A   >> ucspe.fan( :fabric => 'A' ).each { |fan| puts fan.serial + " is " + fan.operState } Chassis-2A is operable Chassis-1A is operable   >> ucspe.psu( :chassis => 1).each { |psu| puts psu.dn + " voltage is " + psu.voltage } sys/chassis-1/psu-4 voltage is ok sys/chassis-1/psu-3 voltage is ok sys/chassis-1/psu-2 voltage is ok sys/chassis-1/psu-1 voltage is ok

Steve Chambers 2010-10-01T21:25:30Z Steve Chambers http://developer.cisco.com/c/message_boards/find_message?p_l_id=&messageId=2551319 2010-09-19T13:51:33Z 2010-09-19T13:51:33Z

You can monitor and control Cisco UCS via the XML API¿ if you just knew how.  As well as learning the API, you also need to troubleshoot it.  For those two reasons, you need to know how to use Wireshark to expose the raw API interactions.   http://viewyonder.com/2010/09/19/fish-the-ucs-api-pool-with-wireshark/ 

Steve Chambers 2010-09-19T13:51:33Z