This page documents the queries put forth by the SDK users.
1. How do I get set_style() with the HOSTS option in Perl if I get "Authorization failed" error?
2. How do I fix the "SSL initialization" error while using HTTPS transport option in my application?
3. Which ports are used on the storage system for Data ONTAP API communication?
4. Where do I find information about the NetApp SNMP MIBs and supported Data ONTAP versions?
5. Can I connect to a MultiStore system (vFiler) using HTTPS?
7. Does ONTAPI access to vFiler units using HTTP work with Data ONTAP versions prior to 7.2?
8. Do SDK libraries work with older Data ONTAP versions?
9. Which version of ONTAPI should be used by the client programs?
10. Where can I find more information about the error returned by the APIs?
11. How does Data ONTAP API behave in the absence of the required license on the storage system?
13. How do I make non-blocking API calls to the storage system?
18. How can I read the 64-bit integer value from the API output?
19. When should I use iterative APIs?
20. What is the minimum version of Data ONTAP that supports the IPv6 feature?
21. How do I know whether IPv6 is configured in a storage system?
22. Where can I get information about configuring IPv6 on the storage system?
24. How do I know whether a storage system is a NetApp storage system or an IBM N series system?
25. How can I retrieve the vendor ID of my storage system?
26. What are the Microsoft .Net Framework languages supported by Manage ONTAP SDK 3.5?
27. Where can I find more information about errors returned by the Microsoft .NET Core APIs?
28. Can I make use of certificate-based authentication using HTTPS?
29. Where can I find ntapadmin.dll?
HOSTS option requires the 'httpd.admin.hostsequiv.enable' option on the storage system to be set to 'on'.
If you use the Perl API set_style() with the HOSTS option, and 'httpd.admin.hostsequiv.enable' is not set to 'on', you get the error message 'Authorization failed'. It runs the rsh command successfully on the storage system.
Following is the output when you run the options httpd command:
|
httpd.access |
legacy |
|
httpd.admin.access |
legacy |
|
httpd.admin.enable |
on |
|
httpd.admin.hostsequiv.enable |
on |
|
httpd.admin.max_connections |
512 |
|
httpd.admin.ssl.enable |
off |
|
httpd.autoindex.enable |
on |
|
httpd.enable |
on |
|
httpd.log.format |
common |
|
httpd.method.trace.enable |
off |
|
httpd.rootdir |
XXX |
|
httpd.timeout |
300 |
|
httpd.timewait.enable |
off |
To set the above option, run the following command on NetApp storage system:
$options httpd.admin.hostsequiv.enable on
Check whether OpenSSL libraries are in your Path environment variable. On UNIX, check whether LD_LIBRARY_PATH has path for OpenSSL libraries. On Windows, check whether PATH environment variable has a path for OpenSSL libraries.
When the path is not set as mentioned above, the application fails and sends the error message "SSL initialization failed".
Following are the default ports on the storage system used for Data ONTAP API communication:
HTTP transport - 80
HTTPS transport - 443
The SNMP MIB files are present at the NOW site. Click here to view.
No. SSL is not supported on MultiStore/vFiler systems. Therefore, Data ONTAP API calls to MultiStore/vFiler systems using HTTPS as the transport mechanism is not possible. To overcome this limitation, use the vFiler tunneling feature of the SDK.
vFiler tunneling is the ability to execute an API on a vFiler unit through a physical storage system. This feature is supported by the -v option of the apitest utility. The na_server_set_vfiler() interface is used for this purpose.
For more information, click here.
No. It only works from Data ONTAP 7.2.1 and later.
Yes. Libraries in the later versions of the Manage ONTAP SDK work with the older APIs. For example, Manage ONTAP SDK 1.6 works with Data ONTAP versions prior to 7.2).
As a good practice, the client program should specify the lowest ONTAPI version that corresponds to the APIs used by the program. This ensures that the client program is usable on as many storage systems as possible.
If the client program specifies the latest version of ONTAPI, it is usable on the latest version of Data ONTAP only, even if it uses the older APIs.
The ONTAPI version is specified in na_server_open().
For example:
s = na_server_open(argv[1],1,4);
By providing ONTAPI 1.4 in the client program, it is usable on Data ONTAP 7.0, 7.1, and 7.2. You can use the API 'system-get-ontapi-version' command on the client program to know the ONTAPI version of Data ONTAP.
The include/netapp_errno.h file in the SDK provides information about the error numbers returned by the APIs.
The Data ONTAP APIs return the EAPILICENSE error in the absence of the required license on the storage system.
Not all the APIs are supported for vFiler units. Check the API documentation to determine whether the API is supported for vFiler units. If the 'vfiler-enabled' tag is "Yes", then the API is supported for the vFiler units.
You can set the timeout value for the server connection to a non-zero value to make API calls non-blocking. For the applications that use the C APIs, you can set the timeout value using the Core API na_server_set_timeout(). Timeout setting is not supported in Java and Perl APIs.
The total number of client connections is limited by the maximum HTTP connections allowed by the storage system. The option 'httpd.admin.max_connections' decides this value and falls in the range of 1 and 1023.
You can determine the maximum connection allowed by the storage system by entering the following command-line interface command:
$options httpd
|
httpd.access |
legacy |
|
httpd.admin.access |
legacy |
|
httpd.admin.enable |
on |
|
httpd.admin.hostsequiv.enable |
on |
|
httpd.admin.max_connections |
512* |
|
httpd.admin.ssl.enable |
off |
|
httpd.autoindex.enable |
on |
|
httpd.enable |
on |
|
httpd.log.format |
common |
|
httpd.method.trace.enable |
off |
|
httpd.rootdir |
XXX |
|
httpd.timeout |
300 |
|
httpd.timewait.enable |
off |
* The value that is set.
For Data ONTAP 7.1 and later, the longest permitted retention period is 70 years. To support an extended range for record retention dates, SnapLock provides a mechanism by which applications can specify retention dates up to January 19, 2071. This is accomplished by defining a new epoch for the last access time of January 1, 2003, at 00:00:00 GMT. Rather than offsetting the entire time range, SnapLock interprets last access times before January 1, 2003, as dates in the future, using the wraparound technique. This technique leaves all retention dates between January 1, 2003, and January 19, 2038 identical to the regular format. However, it remaps dates in the range 1970 through 2003 to the range 2038 through 2071.
For Data ONTAP 7.0 systems, the longest permitted retention period is 30 years, and setting a record's retention date to the 2038 through 2071 extended range is not supported. Therefore, for Data ONTAP 7.1 and later, to set the date beyond January 19,2038, you must map the date to a date in the range of 1970 through 2003.
For Data ONTAP 7.1 and later, years 1970 through 2003 are remapped to 2038 through 2071. Therefore, the years from 1970 through 2003 actually represent the future years from 2038 to 2071. See question 15 for details.
Yes. You can do so by using either command or APIs, as follows:
Use the useradmin command to restrict the client from using Data ONTAP APIs.
For more information, see the $man useradmin command.
APIs support setting RBAC using the 'useradmin-*' API family. You can set a particular user to have only particular API capabilities. Following is the granularity with which you can assign API capabilities to a user:
|
Capability |
Level of Access |
|
api-* |
Grants the specified role all API capabilities. |
|
api-api_call_family-* |
Grants the specified role the capability to call all API routines in the family api_call_family. |
|
api-api_call |
Grants the specified role the capability to call the API api_call. |
Note: Users with API capability also require the login-http-admin capability to execute APIs.
You can use the na_child_get_int64() or na_child_get_uint64() API to read a 64-bit integer value.
Prior to Manage ONTAP SDK 3.0, the 64-bit integer value was read as a string by using the API na_child_get_string(), and then the string was converted to a 64-bit integer.
Use iterative APIs when the output is expected to have a large amount of data (for example, thousands of qtrees).
Do not use iterative APIs when the output does not contain a large amount of data.
IPv6 feature is supported by Data ONTAP 7.3.1 and later.
To check whether IPv6 is configured, run the following command:
$ifconfig -a
Look for the inet6 address or IPv6 format address. An example of an IPv6 address is as follows: 3ffe:1900:4545:3:200:f8ff:fe21:67cf
For information about how to configure IPv6, see the Data ONTAP 7.3.1 System Administration Guide on the Netapp On the Web (NOW) site.
Yes. You must enable the option httpd.ipv6.enable to make Data ONTAP APIs queries using the HTTP or HTTPS transport mechanism on an IPv6 network.
To enable IPv6, run the following command:
$options http
To use the Windows DCE/RPC transport mechanism on an IPv6 network, enable option cifs.ipv6.enable. Run the following command to enable the option cifs.ipv6.enable:
$options cifs.ipv6.enable on
Use the system-get-version API to get the vendor information.
For NetApp storage system, the output is as follows:
$apitest <host> <user> <password> system-get-version
<results status="passed">
<version>NetApp Release 7.3: Fri May 9 08:47:06 PDT 2008</version>
</results>
Following is the output for an IBM N series, which has an IBM tag:
$apitest <host> <user> <password> system-get-version
<results status="passed">
<version>Data ONTAP Release 7.1.2: Thu Feb 22 00:45:26 PST 2007 (IBM)</version>
</results>
The system-get-info API returns the vendor ID as part of output parameter vendor-id. The value for vendor-id is NetApp for NetApp storage systems and IBM for IBM N series systems.
Following is an example of system-get-info:
<results status="passed">
<system-info>
<system-id>0084181440</system-id>
<system-model>FAS270</system-model>
<vendor-id>NetApp</vendor-id>
<system-serial-number>3047474</system-serial-number>
............
</system-info>
</results>
<results status="passed">
<system-info>
<system-id>0084181440</system-id>
<system-model>FAS270</system-model>
<vendor-id>IBM</vendor-id>
<system-serial-number>3047474</system-serial-number>
............
</system-info>
</results>
The Microsoft .Net Framework languages that Manage ONTAP SDK 3.5 supports are C# and VB.NET.
To view all the errors returned by the APIs, launch the Microsoft .NET Core API documentation. Select the topic ErrNo Enumeration from the Table of Contents.
Certificate-based authentication is not yet supported by the Manage ONTAP SDK.
The ntapadmin.dll library is at lib\nt. It is required for the RPC transport mechanism.