NSX Autonomous Edge REST API
System Administration
Associated URIs:
| API Description | API Path |
|---|---|
Read node propertiesReturns information about the NSX appliance. Information includes release number, time zone, system time, kernel version, message of the day (motd), and host name. |
GET /api/v1/node
|
Set the node system timeSet the node system time to the given time in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'. |
POST /api/v1/node?action=set_system_time
|
Restart or shutdown nodeRestarts or shuts down the NSX appliance. |
POST /api/v1/node?action=restart|shutdown
|
Update node propertiesModifies NSX appliance properties. Modifiable properties include the timezone, message of the day (motd), and hostname. The NSX appliance node_version, system_time, and kernel_version are read only and cannot be modified with this method. |
PUT /api/v1/node
|
Read node authentication policy configurationReturns information about the currently configured authentication policies on the node. |
GET /api/v1/node/aaa/auth-policy
|
Update node authentication policy configurationUpdate the currently configured authentication policy on the node. If any of api_max_auth_failures, api_failed_auth_reset_period, or api_failed_auth_lockout_period are modified, the http service is automatically restarted. |
PUT /api/v1/node/aaa/auth-policy
|
Read api certificate properties |
GET /api/v1/node/api-certificate
|
Update api certificate properties |
POST /api/v1/node/api-certificate
|
Read edge config diagnosis |
GET /api/v1/node/diagnosis
|
Read edge diagnosis inconsistency |
GET /api/v1/node/diagnosis/inconsistency
|
List node files |
GET /api/v1/node/file-store
|
Create directory in remote file serverCreate a directory on the remote remote server. Supports only SFTP. You must provide the remote server's SSH fingerprint. See the NSX Administration Guide for information and instructions about finding the SSH fingerprint. |
POST /api/v1/node/file-store?action=create_remote_directory
|
Delete file |
DELETE /api/v1/node/file-store/<file-name>
|
Read file properties |
GET /api/v1/node/file-store/<file-name>
|
Copy file in the file store to a remote file storeCopy a file in the file store to a remote server. If you use scp or sftp, you must provide the remote server's SSH fingerprint. See the NSX-T Administration Guide for information and instructions about finding the SSH fingerprint. |
POST /api/v1/node/file-store/<file-name>?action=copy_to_remote_file
|
Copy a remote file to the file storeCopy a remote file to the file store. If you use scp or sftp, you must provide the remote server's SSH fingerprint. See the NSX-T Administration Guide for information and instructions about finding the SSH fingerprint. |
POST /api/v1/node/file-store/<file-name>?action=copy_from_remote_file
|
Upload a file to the file storeWhen you issue this API, the client must specify: - HTTP header Content-Type:application/octet-stream. - Request body with the contents of the file in the filestore. In the CLI, you can view the filestore with the get files command. |
POST /api/v1/node/file-store/<file-name>
|
Read file contents |
GET /api/v1/node/file-store/<file-name>/data
|
Replace file contents |
PUT /api/v1/node/file-store/<file-name>/data
|
Read file thumbprint |
GET /api/v1/node/file-store/<file-name>/thumbprint
|
Gets the enable status for Mandatory Access Control |
GET /api/v1/node/hardening-policy/mandatory-access-control
|
Enable or disable Mandatory Access Control |
PUT /api/v1/node/hardening-policy/mandatory-access-control
|
Get the report for Mandatory Access Control |
GET /api/v1/node/hardening-policy/mandatory-access-control/report
|
Logical-router diagnosisReturns information of specified logical-router configured on edge. |
GET /api/v1/node/logical-routers/<logical-router-id>/diagnosis
|
Logical-routers diagnosisReturns information of all logical-routers or specified type of logical-routers configured on edge. |
GET /api/v1/node/logical-routers/diagnosis
|
List available node logsReturns the number of log files and lists the log files that reside on the NSX virtual appliance. The list includes the filename, file size, and last-modified time in milliseconds since epoch (1 January 1970) for each log file. Knowing the last-modified time with millisecond accuracy since epoch is helpful when you are comparing two times, such as the time of a POST request and the end time on a server. |
GET /api/v1/node/logs
|
Read node log propertiesFor a single specified log file, lists the filename, file size, and last-modified time. |
GET /api/v1/node/logs/<log-name>
|
Read node log contentsFor a single specified log file, returns the content of the log file. This method supports byte-range requests. To request just a portion of a log file, supply an HTTP Range header, e.g. "Range: bytes=<start>-<end>". <end> is optional, and, if omitted, the file contents from start to the end of the file are returned.' |
GET /api/v1/node/logs/<log-name>/data
|
Get Edge maintenance mode |
GET /api/v1/node/maintenance-mode
|
Set Edge maintenance mode |
PUT /api/v1/node/maintenance-mode
|
Read network configuration properties |
GET /api/v1/node/network
|
List the Node's Network InterfacesReturns the number of interfaces on the node appliance and detailed information about each interface. Interface information includes MTU, broadcast and host IP addresses, link and admin status, MAC address, network mask, and the IP configuration method (static or DHCP). |
GET /api/v1/node/network/interfaces
|
Read the Node's Network InterfaceReturns detailed information about the specified interface. Interface information includes MTU, broadcast and host IP addresses, link and admin status, MAC address, network mask, and the IP configuration method. |
GET /api/v1/node/network/interfaces/<interface-id>
|
Update the Node's Network InterfaceUpdates the specified interface properties. You cannot change the properties ip_configuration,
ip_addresses, or plane. NSX
Manager must have a static IP address. You must use NSX CLI to configure a controller or an edge node. |
PUT /api/v1/node/network/interfaces/<interface-id>
|
Read the Node's Network Interface StatisticsOn the specified interface, returns the number of received (rx), transmitted (tx), and dropped packets; the number of bytes and errors received and transmitted on the interface; and the number of detected collisions. |
GET /api/v1/node/network/interfaces/<interface-id>/stats
|
Read the Node's Name ServersReturns the list of servers that the node uses to look up IP addresses associated with given domain names. |
GET /api/v1/node/network/name-servers
|
Update the Node's Name ServersModifies the list of servers that the node uses to look up IP addresses associated with given domain names. If DHCP is configured, this method returns a 409 CONFLICT error, because DHCP manages the list of name servers. |
PUT /api/v1/node/network/name-servers
|
List node network routesReturns detailed information about each route in the node routing table. Route information includes the route type (default, static, and so on), a unique route identifier, the route metric, the protocol from which the route was learned, the route source (which is the preferred egress interface), the route destination, and the route scope. The route scope refers to the distance to the destination network: The "host" scope leads to a destination address on the node, such as a loopback address; the "link" scope leads to a destination on the local network; and the "global" scope leads to addresses that are more than one hop away. |
GET /api/v1/node/network/routes
|
Create node network routeAdd a route to the node routing table. For static routes, the route_type, interface_id, netmask, and destination are required parameters. For default routes, the route_type, gateway address, and interface_id are required. For blackhole routes, the route_type and destination are required. All other parameters are optional. When you add a static route, the scope and route_id are created automatically. When you add a default or blackhole route, the route_id is created automatically. The route_id is read-only, meaning that it cannot be modified. All other properties can be modified by deleting and readding the route. |
POST /api/v1/node/network/routes
|
Delete node network routeDelete a route from the node routing table. You can modify an existing route by deleting it and then posting the modified version of the route. To verify, remove the route ID from the URI, issue a GET request, and note the absense of the deleted route. |
DELETE /api/v1/node/network/routes/<route-id>
|
Read node network routeReturns detailed information about a specified route in the node routing table. |
GET /api/v1/node/network/routes/<route-id>
|
Read the Node's Search DomainsReturns the domain list that the node uses to complete unqualified host names. When a host name does not include a fully qualified domain name (FQDN), the NSX Management node appends the first-listed domain name to the host name before the host name is looked up. The NSX Management node continues this for each entry in the domain list until it finds a match. |
GET /api/v1/node/network/search-domains
|
Update the Node's Search DomainsModifies the list of domain names that the node uses to complete unqualified host names. If DHCP is configured, this method returns a 409 CONFLICT error, because DHCP manages the list of name servers. |
PUT /api/v1/node/network/search-domains
|
List node processesReturns the number of processes and information about each process. Process information includes 1) mem_resident, which is roughly equivalent to the amount of RAM, in bytes, currently used by the process, 2) parent process ID (ppid), 3) process name, 4) process up time in milliseconds, 5) mem_used, wich is the amount of virtual memory used by the process, in bytes, 6) process start time, in milliseconds since epoch, 7) process ID (pid), 8) CPU time, both user and the system, consumed by the process in milliseconds. |
GET /api/v1/node/processes
|
Read node processReturns information for a specified process ID (pid). |
GET /api/v1/node/processes/<process-id>
|
List node servicesReturns a list of all services available on the node applicance. |
GET /api/v1/node/services
|
Read NSX EdgeDatapath service properties |
GET /api/v1/node/services/dataplane
|
Restart, start or stop the NSX EdgeDatapath service |
POST /api/v1/node/services/dataplane?action=restart|start|stop
|
Update NSX Edge Datapath service properties |
PUT /api/v1/node/services/dataplane
|
Get NSX Edge dataplane cpu stats |
GET /api/v1/node/services/dataplane/cpu-stats
|
Update NSX Edge dataplane control packets prioritization settingEnable or disable NSX Edge dataplane control packets prioritization. Dataplane service must be restarted for the change to take effect. |
PUT /api/v1/node/services/dataplane/ctrl-prio
|
Check dynamic core feature enabled status of NSX Edge dataplaneCheck current status of NSX Edge dataplane dynamic core feature. |
GET /api/v1/node/services/dataplane/dynamic-core
|
Update NSX Edge dataplane dynamic core feature enabled statusEnable or disable NSX Edge dataplane dynamic core feature. Dataplane service must be restarted for the change to take effect. |
PUT /api/v1/node/services/dataplane/dynamic-core
|
Get NSX Edge dataplane flow cache setting |
GET /api/v1/node/services/dataplane/flow-cache
|
Update NSX Edge dataplane flow cache settingEnable or disable NSX Edge dataplane flow cache. Dataplane service must be restarted for the change to take effect. |
PUT /api/v1/node/services/dataplane/flow-cache
|
Return top 10 flows informationRun flow monitor for timeout seconds for all or certain CPU core(s) and return top 10 flows. |
GET /api/v1/node/services/dataplane/flow-mon
|
Start NSX Edge dataplane flow monitorStarts NSX Edge dataplane flow monitor on all or certain CPU core(s) with a timeout. Stops flow monitor after timeout and dumps the flow file on local file store on edge. If top_10 argument is set to true top 10 flows are collected, else all flows are collected. |
PUT /api/v1/node/services/dataplane/flow-mon
|
Get NSX Edge dataplane geneve cbit setting |
GET /api/v1/node/services/dataplane/geneve-cbit
|
Update NSX Edge dataplane geneve cbit settingEnable or disable NSX Edge dataplane geneve critical bit. |
PUT /api/v1/node/services/dataplane/geneve-cbit
|
Update NSX Edge dataplane interrupt mode settingEnable or disable NSX Edge dataplane interrupt mode. Dataplane service must be restarted for the change to take effect. |
PUT /api/v1/node/services/dataplane/intr-mode
|
Get NSX Edge dataplane l2vpn pmtu message generation setting |
GET /api/v1/node/services/dataplane/l2vpn-pmtu
|
Update NSX Edge dataplane l2vpn pmtu message generation settingEnable or disable NSX Edge dataplane pmtu cache in l2vpn. |
PUT /api/v1/node/services/dataplane/l2vpn-pmtu
|
Depreciated. Please use /node/services/dataplane/pmtu-learning |
GET /api/v1/node/services/dataplane/l3vpn-pmtu
(Deprecated)
|
Depreciated. Please use /node/services/dataplane/pmtu-learning |
PUT /api/v1/node/services/dataplane/l3vpn-pmtu
(Deprecated)
|
Get NSX Edge dataplane pmtu learning setting |
GET /api/v1/node/services/dataplane/pmtu-learning
|
Update NSX Edge dataplane pmtu learning settingEnable or disable NSX Edge dataplane pmtu learning |
PUT /api/v1/node/services/dataplane/pmtu-learning
|
Update NSX Edge dataplane QAT feature enabled statusEnable or disable NSX Edge dataplane QAT feature. Dataplane service must be restarted for the change to take effect. |
PUT /api/v1/node/services/dataplane/qat-enable
|
Get NSX Edge dataplane QAT setting |
GET /api/v1/node/services/dataplane/qat-status
|
Get NSX Edge rx and tx queue number per port per coreGet NSX Edge rx and tx queue number per port per core. |
GET /api/v1/node/services/dataplane/queue-num-per-port-per-core
|
Set NSX Edge rx and tx queue number per port per coreSet NSX Edge rx and tx queue number per port per core. Dataplane service must be restarted for the change to take effect. |
PUT /api/v1/node/services/dataplane/queue-num-per-port-per-core
|
Return rx/tx ring size information |
GET /api/v1/node/services/dataplane/ring-size
|
Set NSX Edge rx ring size for physical portsSet NSX Edge rx ring size for physical ports. Dataplane service must be restarted for the change to take effect. |
PUT /api/v1/node/services/dataplane/rx-ring-size
|
Read NSX EdgeDatapath service status |
GET /api/v1/node/services/dataplane/status
|
Set NSX Edge tx ring size for physical portsSet NSX Edge tx ring size for physical ports. Dataplane service must be restarted for the change to take effect. |
PUT /api/v1/node/services/dataplane/tx-ring-size
|
Read NSX Edge Docker service propertiesRead the Docker service process properties from Edge. |
GET /api/v1/node/services/docker
|
Read NSX Edge Docker service statusChecks the status of dockerd process on the Edge. If dockerd process is running, returns "running", returns "stopped" otherwise. |
GET /api/v1/node/services/docker/status
|
Read NSX Edge Ipsec VPN service propertiesRead the IPsec VPN service process properties from Edge. |
GET /api/v1/node/services/ipsecvpn
|
Update NSX Edge Ipsec VPN service properties |
PUT /api/v1/node/services/ipsecvpn
|
Read NSX Edge Ipsec VPN service statusChecks the status of iked process on the Edge. If iked process is running, returns "running", returns "stopped" otherwise. |
GET /api/v1/node/services/ipsecvpn/status
|
Read liagent service properties |
GET /api/v1/node/services/liagent
|
Restart, start or stop the liagent service |
POST /api/v1/node/services/liagent?action=restart|start|stop
|
Read liagent service status |
GET /api/v1/node/services/liagent/status
|
Read NSX Edge NSXA service properties |
GET /api/v1/node/services/local-controller
|
Restart, start or stop the NSX EdgeNSXA service |
POST /api/v1/node/services/local-controller?action=restart|start|stop
|
Update NSX Edge NSXA service properties |
PUT /api/v1/node/services/local-controller
|
Read NSX EdgeNSXA service status |
GET /api/v1/node/services/local-controller/status
|
Read NSX Nestdb service properties |
GET /api/v1/node/services/nestdb
|
Restart, start or stop the NSX Nestdb service |
POST /api/v1/node/services/nestdb?action=restart|start|stop
|
Read NSX Nestdb service status |
GET /api/v1/node/services/nestdb/status
|
Read appliance management service properties |
GET /api/v1/node/services/node-mgmt
|
Restart the node management service |
POST /api/v1/node/services/node-mgmt?action=restart
|
Read appliance management service status |
GET /api/v1/node/services/node-mgmt/status
|
Read NSX Platform Client service properties |
GET /api/v1/node/services/nsx-platform-client
|
Restart, start or stop the NSX Platform Client service |
POST /api/v1/node/services/nsx-platform-client?action=restart|start|stop
|
Read NSX Platform Client service status |
GET /api/v1/node/services/nsx-platform-client/status
|
Read NSX upgrade Agent service properties |
GET /api/v1/node/services/nsx-upgrade-agent
|
Restart, start or stop the NSX upgrade agent service |
POST /api/v1/node/services/nsx-upgrade-agent?action=restart|start|stop
|
Read Nsx upgrade agent service status |
GET /api/v1/node/services/nsx-upgrade-agent/status
|
Read NTP service properties |
GET /api/v1/node/services/ntp
|
Restart, start or stop the NTP service |
POST /api/v1/node/services/ntp?action=restart|start|stop
|
Update NTP service properties |
PUT /api/v1/node/services/ntp
|
Read NTP service status |
GET /api/v1/node/services/ntp/status
|
Read NSX Edge Replica Agent service properties |
GET /api/v1/node/services/replica-agent
|
Restart, start or stop the NSX Edge Replica Agent service |
POST /api/v1/node/services/replica-agent?action=restart|start|stop
|
Read NSX Autonomous Edge Replica Agent client status from the seconday node |
GET /api/v1/node/services/replica-agent/client/status
|
Read NSX Edge Replica Agent service status |
GET /api/v1/node/services/replica-agent/status
|
Read NSX EdgeMSR service properties |
GET /api/v1/node/services/router
|
Read NSX EdgeMSRConfig service properties |
GET /api/v1/node/services/router-config
|
Read NSX EdgeMSRConfig service status |
GET /api/v1/node/services/router-config/status
|
Read NSX EdgeMSR service status |
GET /api/v1/node/services/router/status
|
Read SNMP service propertiesRead SNMP service properties. |
GET /api/v1/node/services/snmp
|
Restart, start or stop the SNMP service |
POST /api/v1/node/services/snmp?action=restart|start|stop
|
Update SNMP service propertiesUpdate SNMP service properties. |
PUT /api/v1/node/services/snmp
|
Read SNMP service status |
GET /api/v1/node/services/snmp/status
|
Read SNMP V3 Engine ID |
GET /api/v1/node/services/snmp/v3-engine-id
|
Update SNMP V3 Engine ID |
PUT /api/v1/node/services/snmp/v3-engine-id
|
Read ssh service properties |
GET /api/v1/node/services/ssh
|
Remove a host's fingerprint from known hosts file |
POST /api/v1/node/services/ssh?action=remove_host_fingerprint
|
Restart, start or stop the ssh service |
POST /api/v1/node/services/ssh?action=start|stop|restart
|
Update ssh service propertiesUpdate ssh service properties. If the start_on_boot property is updated to true, existing ssh sessions if any are stopped and the ssh service is restarted. |
PUT /api/v1/node/services/ssh
|
Restart, start or stop the ssh service |
POST /api/v1/node/services/ssh/notify_mpa?action=start|stop|restart
|
Read ssh service status |
GET /api/v1/node/services/ssh/status
|
Read syslog service properties |
GET /api/v1/node/services/syslog
|
Restart, start or stop the syslog service |
POST /api/v1/node/services/syslog?action=restart|start|stop
|
Delete all node syslog exportersRemoves all syslog exporter rules. |
DELETE /api/v1/node/services/syslog/exporters
|
List node syslog exportersReturns the collection of registered syslog exporter rules, if any. The rules specify the collector IP address and port, and the protocol to use. |
GET /api/v1/node/services/syslog/exporters
|
Add node syslog exporterAdds a rule for exporting syslog information to a specified server. The required parameters are the rule name (exporter_name); severity level (emerg, alert, crit, and so on); transmission protocol (TCP or UDP); and server IP address or hostname. The optional parameters are the syslog port number, which can be 1 through 65,535 (514, by default); facility level to use when logging messages to syslog (kern, user, mail, and so on); and message IDs (msgids), which identify the types of messages to export. |
POST /api/v1/node/services/syslog/exporters
|
Verify node syslog exporterCollect iptables rules needed for all existing syslog exporters and verify if the existing iptables rules are the same. If not, remove the stale rules and add the new rules to make sure all exporters work properly. |
POST /api/v1/node/services/syslog/exporters?action=verify
|
Delete node syslog exporterRemoves a specified rule from the collection of syslog exporter rules. |
DELETE /api/v1/node/services/syslog/exporters/<exporter-name>
|
Read node syslog exporterReturns information about a specific syslog collection point. |
GET /api/v1/node/services/syslog/exporters/<exporter-name>
|
Read syslog service status |
GET /api/v1/node/services/syslog/status
|
Read node statusReturns information about the node appliance's file system, CPU, memory, disk usage, and uptime. |
GET /api/v1/node/status
|
Update node statusClear node bootup status |
POST /api/v1/node/status?action=clear_bootup_error
|
Read node support bundle |
GET /api/v1/node/support-bundle
|
List appliance management tasks |
GET /api/v1/node/tasks
|
Delete task |
DELETE /api/v1/node/tasks/<task-id>
|
Read task properties |
GET /api/v1/node/tasks/<task-id>
|
Cancel specified task |
POST /api/v1/node/tasks/<task-id>?action=cancel
|
Read asynchronous task response |
GET /api/v1/node/tasks/<task-id>/response
|
List node usersReturns the list of users configured to log in to the NSX appliance. |
GET /api/v1/node/users
|
Read node userReturns information about a specified user who is configured to log in to the NSX appliance. The valid user IDs are: 0, 10000, 10002. |
GET /api/v1/node/users/<userid>
|
Update node userUpdates attributes of an existing NSX appliance user. This method cannot be used to add a new user. Modifiable attributes include the username, full name of the user, and password. If you specify a password in a PUT request, it is not returned in the response. Nor is it returned in a GET request. The specified password does not meet the following complexity requirements: - minimum 12 characters in length - minimum 1 uppercase character - minimum 1 lowercase character - minimum 1 numeric character - minimum 1 special character - minimum 5 unique characters - default password complexity rules as enforced by the Linux PAM module The valid user IDs are: 0, 10000, 10002. Note that invoking this API does not update any user-related properties of existing objects in the system and does not modify the username field in existing audit log entries. |
PUT /api/v1/node/users/<userid>
|
List SSH keys from authorized_keys file for node userReturns a list of all SSH keys from authorized_keys file for node user |
GET /api/v1/node/users/<userid>/ssh-keys
|
Remove SSH public key from authorized_keys file for node user |
POST /api/v1/node/users/<userid>/ssh-keys?action=remove_ssh_key
|
Add SSH public key to authorized_keys file for node user |
POST /api/v1/node/users/<userid>/ssh-keys?action=add_ssh_key
|
Read node version |
GET /api/v1/node/version
|
Additional
Links