REST API reference
Create an FPolicy engine configuration for an SVM
Suggest changes
PDFs
POST /protocols/fpolicy/{svm.uuid}/engines
Introduced In: 9.6
Creates an FPolicy engine configuration for a specified SVM. FPolicy engine creation is allowed only on data SVMs.
Required properties
-
svm.uuid- Existing SVM in which to create the FPolicy engine. -
name- Name of external engine. -
port- Port number of the FPolicy server application. -
primary_servers- List of primary FPolicy servers to which the node will send notifications.
Recommended optional properties
-
secondary_servers- It is recommended to configure secondary FPolicy server to which the node will send notifications when the primary server is down.
Default property values
-
type- synchronous -
format- xml
Related ONTAP commands
-
fpolicy policy external-engine create
Learn more
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
return_records |
boolean |
query |
False |
The default is false. If set to true, the records are returned.
|
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
Request Body
| Name | Type | Description |
|---|---|---|
buffer_size |
Specifies the send and recieve buffer size of the connected socket for the FPolicy server. |
|
certificate |
Provides details about certificate used to authenticate the Fpolicy server. |
|
format |
string |
The format for the notification messages sent to the FPolicy servers. The possible values are:
|
max_server_requests |
integer |
Specifies the maximum number of outstanding requests for the FPolicy server. It is used to specify maximum outstanding requests that will be queued up for the FPolicy server. The value for this field must be between 1 and 10000. The default value can be 500 , 1000 or 2000 depending on the hardware platform. |
name |
string |
Specifies the name to assign to the external server configuration. |
port |
integer |
Port number of the FPolicy server application. |
primary_servers |
array[string] |
|
request_abort_timeout |
string |
Specifies the ISO-8601 timeout duration for a screen request to be aborted by a storage appliance. The allowed range is between 0 to 200 seconds. |
request_cancel_timeout |
string |
Specifies the ISO-8601 timeout duration for a screen request to be processed by an FPolicy server. The allowed range is between 0 to 100 seconds. |
resiliency |
If all primary and secondary servers are down, or if no response is received from the FPolicy servers, file access events are stored inside the storage controller under the specified resiliency-directory-path. |
|
secondary_servers |
array[string] |
|
server_progress_timeout |
string |
Specifies the ISO-8601 timeout duration in which a throttled FPolicy server must complete at least one screen request. If no request is processed within the timeout, connection to the FPolicy server is terminated. The allowed range is between 0 to 100 seconds. |
ssl_option |
string |
Specifies the SSL option for external communication with the FPolicy server. Possible values include the following:
|
status_request_interval |
string |
Specifies the ISO-8601 interval time for a storage appliance to query a status request from an FPolicy server. The allowed range is between 0 to 50 seconds. |
svm |
||
type |
string |
The notification mode determines what ONTAP does after sending notifications to FPolicy servers. The possible values are:
|
Example request
{
"certificate": {
"ca": "TASample1",
"name": "Sample1-FPolicy-Client",
"serial_number": "8DDE112A114D1FBC"
},
"format": "string",
"max_server_requests": 500,
"name": "fp_ex_eng",
"port": 9876,
"primary_servers": [
"10.132.145.20",
"10.140.101.109"
],
"request_abort_timeout": "PT40S",
"request_cancel_timeout": "PT20S",
"resiliency": {
"directory_path": "/dir1",
"retention_duration": "PT3M"
},
"secondary_servers": [
"10.132.145.20",
"10.132.145.21"
],
"server_progress_timeout": "PT1M",
"ssl_option": "string",
"status_request_interval": "PT10S",
"svm": {
"uuid": "string"
},
"type": "string"
}Response
Status: 201, Created| Name | Type | Description |
|---|---|---|
_links |
||
num_records |
integer |
Number of records |
records |
array[fpolicy_engine] |
Example response
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"records": [
{
"certificate": {
"ca": "TASample1",
"name": "Sample1-FPolicy-Client",
"serial_number": "8DDE112A114D1FBC"
},
"format": "string",
"max_server_requests": 500,
"name": "fp_ex_eng",
"port": 9876,
"primary_servers": [
"10.132.145.20",
"10.140.101.109"
],
"request_abort_timeout": "PT40S",
"request_cancel_timeout": "PT20S",
"resiliency": {
"directory_path": "/dir1",
"retention_duration": "PT3M"
},
"secondary_servers": [
"10.132.145.20",
"10.132.145.21"
],
"server_progress_timeout": "PT1M",
"ssl_option": "string",
"status_request_interval": "PT10S",
"svm": {
"uuid": "string"
},
"type": "string"
}
]
}Error
Status: DefaultONTAP Error Response Codes
| Error Code | Description |
|---|---|
9764885 |
The primary secondary server has a redundant IP address |
9764953 |
The name of the FPolicy engine is "native" which is reserved by the system |
| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
buffer_size
Specifies the send and recieve buffer size of the connected socket for the FPolicy server.
| Name | Type | Description |
|---|---|---|
recv_buffer |
integer |
Specifies the receive buffer size of the connected socket for the FPolicy server. Default value is 256KB. |
send_buffer |
integer |
Specifies the send buffer size of the connected socket for the FPolicy server. Default value 1MB. |
certificate
Provides details about certificate used to authenticate the Fpolicy server.
| Name | Type | Description |
|---|---|---|
ca |
string |
Specifies the certificate authority (CA) name of the certificate used for authentication if SSL authentication between the SVM and the FPolicy server is configured. |
name |
string |
Specifies the certificate name as a fully qualified domain name (FQDN) or custom common name. The certificate is used if SSL authentication between the SVM and the FPolicy server is configured. |
serial_number |
string |
Specifies the serial number of the certificate used for authentication if SSL authentication between the SVM and the FPolicy server is configured. |
resiliency
If all primary and secondary servers are down, or if no response is received from the FPolicy servers, file access events are stored inside the storage controller under the specified resiliency-directory-path.
| Name | Type | Description |
|---|---|---|
directory_path |
string |
Specifies the directory path under the SVM namespace, where notifications are stored in the files whenever a network outage happens. |
enabled |
boolean |
Specifies whether the resiliency feature is enabled or not. Default is false. |
retention_duration |
string |
Specifies the ISO-8601 duration, for which the notifications are written to files inside the storage controller during a network outage. The value for this field must be between 0 and 600 seconds. Default is 180 seconds. |
svm
| Name | Type | Description |
|---|---|---|
uuid |
string |
SVM UUID |
fpolicy_engine
Defines how ONTAP makes and manages connections to external FPolicy servers.
| Name | Type | Description |
|---|---|---|
buffer_size |
Specifies the send and recieve buffer size of the connected socket for the FPolicy server. |
|
certificate |
Provides details about certificate used to authenticate the Fpolicy server. |
|
format |
string |
The format for the notification messages sent to the FPolicy servers. The possible values are:
|
max_server_requests |
integer |
Specifies the maximum number of outstanding requests for the FPolicy server. It is used to specify maximum outstanding requests that will be queued up for the FPolicy server. The value for this field must be between 1 and 10000. The default value can be 500 , 1000 or 2000 depending on the hardware platform. |
name |
string |
Specifies the name to assign to the external server configuration. |
port |
integer |
Port number of the FPolicy server application. |
primary_servers |
array[string] |
|
request_abort_timeout |
string |
Specifies the ISO-8601 timeout duration for a screen request to be aborted by a storage appliance. The allowed range is between 0 to 200 seconds. |
request_cancel_timeout |
string |
Specifies the ISO-8601 timeout duration for a screen request to be processed by an FPolicy server. The allowed range is between 0 to 100 seconds. |
resiliency |
If all primary and secondary servers are down, or if no response is received from the FPolicy servers, file access events are stored inside the storage controller under the specified resiliency-directory-path. |
|
secondary_servers |
array[string] |
|
server_progress_timeout |
string |
Specifies the ISO-8601 timeout duration in which a throttled FPolicy server must complete at least one screen request. If no request is processed within the timeout, connection to the FPolicy server is terminated. The allowed range is between 0 to 100 seconds. |
ssl_option |
string |
Specifies the SSL option for external communication with the FPolicy server. Possible values include the following:
|
status_request_interval |
string |
Specifies the ISO-8601 interval time for a storage appliance to query a status request from an FPolicy server. The allowed range is between 0 to 50 seconds. |
svm |
||
type |
string |
The notification mode determines what ONTAP does after sending notifications to FPolicy servers. The possible values are:
|
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
next |
||
self |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |