Invoke Infoblox Rest API calls with PowerShell

Invoke Infoblox Rest API calls with PowerShell

Invoke Infoblox Rest API calls with PowerShell  : In this blog post we would look at how we can leverage REST API’s provided by Infoblox and how we can use PowerShell to automate various tasks which need an admin to log into the Infoblox UI.

If you dont know what is infoblox, its a leading company focusing on software and hardware for managing Internet addresses and identifying devices connected to networks—specifically solutions for Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), and IP address management.

Infoblox offers an interface to NIOS based on REST (REpresentational State Transfer). This API, which they call WAPI (or Web-based API), is also called a RESTful web API and is available starting with NIOS release 6.6.

This API can be used to query your NIOS environment or to build tools that interact with NIOS to automate your organization’s work processes.

The RESTful API does not require client software and will work with your grid master without a need for any additional hardware.

Because the API lives on the grid master, it will scale as your network grows and it will it will take advantage of the redundancy and high availability you build into your grid.

It enables clients to work with NIOS releases. The API is versioned, so you can build tools with confidence that future releases of NIOS won’t cause your applications to break.

ok, now lets look at how the Infoblox grid ui looks like.

As you can see section A shows the hostnames / vmnames and section B shows the corresponding IP address, now if you want to bulk add / retrieve / delete these records it can become a painful task to do it the manual way.

This is where REST kicks in ;). With the PowerShell Invoke-WebRequest cmdlet you can almost any API exposed by the GRID and build your automation solutions.

Using the below code we can extract details about the ipaddress of a host.

function returnmatch {

param ($ref)

$ref -match "record:host/([^;]*):" | Out-Null 

return $Matches[1]

}

$Credential = Get-Credential

Write-Verbose "Executing GET Request on $vmhostname.domain.com"
$webrequest = Invoke-WebRequest -Uri "https://<Grid Server IP>/wapi/v2.0/record:host?name=$vmhostname.domain.com" -Credential $Credential
$b=$webrequest.Content | ConvertFrom-Json


$refnew = $b._ref

$b = $b | select @{l='Ref_ID';e={returnmatch -ref $refnew}},@{l='Host';e={($_ | select -ExpandProperty ipv4addrs).host}},@{l='IPV4Addr';e={($_ | select -ExpandProperty ipv4addrs).ipv4addr}}

When i fill in the required parameters and invoke this code, you would see the results as below, i get the hostname, the REFID and also the IPAddress.

The Ref_ID we extracted from the above web request can be again used to delete this record as its the parameter required as an input.

For this i have put together a function.

function Remove-IBHostRecord {

# Example Usage as below, user will get a popup ro enter the ib grid credential (admin/infoblox) : - 
# Remove-IBHostRecord -vmhostname florthainntry


param ($vmhostname,[pscredential]$Credential = (Get-Credential -Message 'InfoBlox credential'))



### Ignore TLS/SSL errors
add-type @"
using System.Net;
using System.Security.Cryptography.X509Certificates;
public class TrustAllCertsPolicy : ICertificatePolicy {
public bool CheckValidationResult(
ServicePoint srvPoint, X509Certificate certificate,
WebRequest request, int certificateProblem) {
return true;
}}
"@

[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy


function returnmatch {

param ($ref)

$ref -match "record:host/([^;]*):" | Out-Null 

return $Matches[1]

}

# Update with the prod grid server ip.

Write-Verbose "Executing GET Request on $vmhostname.domain.com"
$webrequest = Invoke-WebRequest -Uri "https://<GridServerIP>/wapi/v2.0/record:host?name=$vmhostname.domain.com" -Credential $Credential
$b=$webrequest.Content | ConvertFrom-Json


$refnew = $b._ref

$b = $b | select @{l='Ref_ID';e={returnmatch -ref $refnew}},@{l='Host';e={($_ | select -ExpandProperty ipv4addrs).host}},@{l='IPV4Addr';e={($_ | select -ExpandProperty ipv4addrs).ipv4addr}}

$b | Export-Csv "c:\iprecords_infoblox.csv" -Append

# Creating URI for delete record

$refid = $b.Ref_ID

$uri = "https://<GridServerIP>/wapi/v2.0/record:host/$refid"

try { 
$request = Invoke-RestMethod -Uri $uri -Method Delete -Credential $Credential -ErrorAction Stop
Write-Host "Record $($b.ipv4addr) succesfully deleted" -ForegroundColor Green

}

catch {

Write-Host "Error occured in deleting Record $($b.ipv4addr) / Record does not exist" -ForegroundColor Red

}

}

Remove-IBHostRecord -vmhostname flidfom

Remove-IBHostRecord -vmhostname floainoor

Remove-IBHostRecord -vmhostname florthaientry

Remove-IBHostRecord -vmhostname fntairwell

Here’s a sample execution view of the above function. As you can see with the try-catch block we are able to catch errors and show them in a more understandable way to the admin.

Create a Host Record

An update to the post, i was testing out ways to create a Host record, if you go through the API guide for infoblox you would find an example built in curl.

If you need to create a Host record in default view, its pretty simple using Invoke-WebRequest cmdlet.

But the issue comes when you try to create this in another view, the above command will fail with an error.

This is because the JSON format fed into the request is not correct as it does not have the view specified, its neither covered in the API guide.

Now to fix this i had to do a bit of tweaking, i had to add this extra line to specify the view type ,`”view`”:’Corp’ , as by default everything will go to “default” container.

This time when i ran the code it ran as expected and was able to see the entry created in desired view.

add-type @"
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    public class TrustAllCertsPolicy : ICertificatePolicy {
        public bool CheckValidationResult(
            ServicePoint srvPoint, X509Certificate certificate,
            WebRequest request, int certificateProblem) {
            return true;
        }
    }
"@
[System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy

$IPv4Address = "101.161.181.10"
$HostName =  "testrecord.domain.com"
$Credential = Get-Credential
$InfobloxURI = "https://<Grid-Server-IP>/wapi/v2.0/record:host"

        
write-host $InfobloxURI
$Data = "{`"ipv4addrs`":[{`"ipv4addr`":'$IPv4Address'}],`"name`":'$HostName',`"view`":'Corp'}" | ConvertFrom-Json | ConvertTo-Json

        
write-host $data

$WebReqeust = Invoke-WebRequest -Uri $InfobloxURI -Method Post -Body $Data -ContentType "application/json" -Credential $Credential

I hope you enjoyed this post and found it useful, hope it helps you out with infoblox automation using powershell.