What’s new with the ONTAP REST API and automation

Contributors dmp-netapp

NetApp periodically updates the ONTAP REST API to bring you new features, enhancements, and bug fixes.

ONTAP 9.11.1

ONTAP 9.11.1 continues to expand the capabilities of the ONTAP REST API with nearly a hundred new API calls. These endpoints support the new ONTAP features as well as enhancements to existing features. This release focuses on supporting customer migration to the ONTAP REST API from the Data ONTAP API (ONTAPI or ZAPI).

Granular RBAC

The ONTAP role-based access control (RBAC) capability has been enhanced to provide additional granularity. You can use the traditional roles or create new roles as needed. Every role can be associated with one or more access definitions, each of which identifies a command or REST API call along with the desire access level. New access permissions are also available, such as read_create and read_modify. This enhancement provides parity with the Data ONTAP API (ONTAPI or ZAPI) and supports customer migration to the REST API.

Performance counters

Previous ONTAP releases have maintained statistical information about the operational characteristics of the system. With the 9.11.1 release, this information has been enhanced and is now available through the REST API. An administrator or automated process can access the data to determine system performance. The statistical information, as maintained by the counter manager subsystem, is presented in a database format using tables and rows. This enhancement brings the ONTAP REST API closer to parity with the Data ONTAP API (ONTAPI or ZAPI).

Aggregate management

The management of ONTAP storage aggregates has been enhanced. You can use the updated REST endpoints to move aggregates online and offline as well as manage the spares.

IP subnet capability

The ONTAP networking capability has been expanded to include support for IP subnets. The REST API provides access to the configuration and management of the IP subnets within an ONTAP cluster.

Multiple administrator verification

The multiple administrator verification feature provides a flexible authorization framework for protecting access to ONTAP commands or operations. You can define rules that identify the restricted commands. When a user requests access to a specific command, approval can be granted by multiple ONTAP administrators as appropriate.

SnapMirror enhancements

The SnapMirror capability has been enhanced in several areas including scheduling. The SnapVault relationship parity has been added in a DP relationship with ONTAP 9.11.1 Also, the throttle feature available with the REST API has reached parity with the Data ONTAP API (ONTAPI or ZAPI).

Name services cache support

ONTAP name services has been enhanced to support caching which improves performance and resiliency. Configuration of the name services cache can now be accessed through the REST API. Settings can be applied at multiple levels including: hosts, unix-users, unix-groups, and netgroups.

ONTAP 9.10.1

ONTAP 9.10.1 continues to expand the capabilities of the ONTAP REST API. Over a hundred new endpoints have been added to support new ONTAP features as well as enhancements to existing features. A summary of the REST API enhancements is presented below.

Application consistency group

A consistency group is a set of volumes that are grouped together when performing certain operations such as a snapshot. This feature extends the same crash consistency and data integrity implicit with single-volume operations across a set of volumes. It is valuable for large multi-volume workload applications.

SVM migration

You can migrate an SVM from a source cluster to a destination cluster. The new endpoints provide complete control, including the ability to pause, resume, retrieve status, and abort a migration operation.

File cloning and management

Volume-level file cloning and management have been enhanced. New REST endpoints support file move, copy, and split operations.

Improved S3 auditing

Auditing of the S3 events is a security improvement allowing you to track and log certain S3 events. An S3 audit event selector can be set on a per SVM per bucket basis.

Ransomware defense

ONTAP detects files potentially containing a ransomware threat. You can retrieve a list of these suspect files as well as remove them from a volume.

Miscellaneous security enhancements

There are several general security enhancements that expand existing protocols and introduce new capabilities. Improvements have been made to IPSEC, key management, SSH configuration, and file permissions.

CIFS domains and local groups

Support for CIFS domains has been added at the cluster and SVM level. You can retrieve the domain configuration as well as create and remove preferred domain controllers.

Expanded volume analytics

Volume analytics and metrics have been expanded through additional endpoints to support top files, directories, and users.

Support enhancements

Support has been enhanced through several new features. Automatic update can keep your ONTAP systems current by downloading and applying the latest software updates. You can also retrieve and manage the memory core dumps generated by a node.

ONTAP 9.9.1

ONTAP 9.9.1 continues to expand the capabilities of the ONTAP REST API. There are new API endpoints for existing ONTAP features, including SAN port sets and vServer file directory security. In addition, endpoints have been added to support new ONTAP 9.9.1 features and enhancements. And the related documentation has also been improved. A summary of the enhancements is presented below.

Mapping ONTAPI to the ONTAP 9 REST API

To help you transition your ONTAP automation code to the REST API, NetApp provides API mapping documentation. This reference includes a list of ONTAPI calls and the REST API equivalent for each. The mapping document has been updated to include the new ONTAP 9.9.1 API end points. See ONTAPI to REST API mapping for more information.

API endpoints for new ONTAP 9.9.1 core features

Support for new ONTAP 9.9.1 features that are not available through the ONTAPI API has been added to the REST API. This includes support for nested igroups and Google Cloud Key Management Services.

Improved support for transitioning to REST from ONTAPI

More of the legacy ONTAPI calls now have corresponding REST API equivalents. This includes local Unix users and groups, management of NTFS file security without the need for a client, SAN port sets, and volume space attributes. These changes are also included in the updated ONTAPI to REST mapping documentation.

Enhanced online documentation

The ONTAP online documentation reference page now includes labels indicating the ONTAP release when each REST endpoint or parameter was introduced, including those new with ONTAP 9.9.1.

ONTAP 9.8

ONTAP 9.8 greatly expands the breadth and depth of the ONTAP REST API. It includes several new features which enhance your ability to automate the deployment and management of ONTAP storage systems. In addition, support has been improved for assisting with the transition to REST from the legacy ONTAPI API.

Mapping ONTAPI to the ONTAP 9 REST API

To help you update your ONTAPI automation, NetApp provides a list of ONTAPI calls that require one or more input parameters, along with a mapping of those calls to the equivalent ONTAP 9 REST API call. See ONTAPI to REST API mapping for more information.

API endpoints for new ONTAP 9.8 core features

Support for the new core ONTAP 9.8 features not available through ONTAPI has been added to the REST API. This includes REST API support for ONTAP S3 buckets and services, SnapMirror Business Continuity, and File System Analytics.

Expanded support for enhanced security

Security has been enhanced through the support of several services and protocols, including Azure Key Vault, Google Cloud Key Management Services, IPSec, and Certificate Signing Requests.

Enhancements to improve simplicity

ONTAP 9.8 delivers more efficient and modern workflows using the REST API. For example, oneclick firmware updates are now available for several different types of firmware.

Enhanced online documentation

The ONTAP online documentation page now includes labels indicating the ONTAP release that each REST endpoint or parameter was introduced, including those new in 9.8.

Improved support for transitioning to REST from ONTAPI

More legacy ONTAPI calls now have corresponding REST API equivalents. Documentation is also available to help identify which REST endpoint should be used in place of an existing ONTAPI call.

Expanded performance metrics

Performance metrics for the REST API have been expanded to include several new storage and network objects.

ONTAP 9.7

ONTAP 9.7 extends the functional scope of the ONTAP REST API by introducing three new resource categories, each with several REST endpoints:

  • NDMP

  • Object store

  • SnapLock

ONTAP 9.7 also introduces one or more new REST endpoints in several of the existing resource categories:

  • Cluster

  • NAS

  • Networking

  • NVMe

  • SAN

  • Security

  • Storage

  • Support

ONTAP 9.6

ONTAP 9.6 greatly extends the REST API support originally introduced in ONTAP 9.4. The ONTAP 9.6 REST API supports most ONTAP configuration and administration tasks.

REST APIs in ONTAP 9.6 include the following key areas and many more:

  • Cluster setup

  • Protocol configuration

  • Provisioning

  • Performance monitoring

  • Data protection

  • Application aware data management