SEMP script required for Enabling/Disabling VPN

I am trying to write powershell/BASH script to enable/disable VPN. Can anyone give me a sample script (BASH or powershell)

Assume My VPN URL is this:

http://10.1.255.255:8080/SEMP/v2/config/msgVpns/v001

let's assume user name is admin. Password is ADMpwd1

Best Answer

  • RobO
    RobO Member, Employee Posts: 19 Solace Employee
    edited July 2021 #2 Answer ✓

    An example call I have used in the past is the following (with your URL and creds in place):

    curl -X PATCH -u admin:ADMpwd1 -H "content-type: application/json" http://10.1.255.255:8080/SEMP/v2/config/msgVpns/v001 -d '{"enabled":false}'

    Change "enabled":true to enable. You can then wrap that call in any script that you want.

Answers

  • RobO
    RobO Member, Employee Posts: 19 Solace Employee
    edited July 2021 #3 Answer ✓

    An example call I have used in the past is the following (with your URL and creds in place):

    curl -X PATCH -u admin:ADMpwd1 -H "content-type: application/json" http://10.1.255.255:8080/SEMP/v2/config/msgVpns/v001 -d '{"enabled":false}'

    Change "enabled":true to enable. You can then wrap that call in any script that you want.

  • marc
    marc Member, Administrator, Moderator, Employee Posts: 972 admin

    thanks for the quick answer @RobO!

  • fellaamazing
    fellaamazing Member Posts: 7

    What if password has special characters?
    I am getting The underlying connection was closed.
    I even tried to URL encode the password.

    For another solace machine that had simpler password, Get command is working fine, however Patch command is giving me (400) Bad Request

    That was from powershell.

    When I did the same from BASH, I always get Failed to connect to.... ; Connection refused. Interestingly the message mentions port 80 for some reason instead of the one I specify.

  • RobO
    RobO Member, Employee Posts: 19 Solace Employee
    edited July 2021 #6

    I just tested and you should be able to put single quotes around the username:password field

    -u 'admin:admin!@#'

    Can you provide the description in the error section? Does it say Bad Request?

  • fellaamazing
    fellaamazing Member Posts: 7

    When using Bash, this is what I get

  • fellaamazing
    fellaamazing Member Posts: 7

    This was my request.

  • fellaamazing
    fellaamazing Member Posts: 7

    Never mind. It worked. Just noticed extra / in IP. lol

  • Aaron
    Aaron Member, Administrator, Moderator, Employee Posts: 662 admin

    I made a bash script a (long) while ago to simulate a bunch of failure conditions for testing. It's not done, but maybe it can help..?

    #!/usr/bin/env sh
    
    # https://docs.solace.com/API-Developer-Online-Ref-Documentation/swagger-ui/config/index.html
    
    ROUTER=localhost:8080
    ADMIN_USER=admin
    ADMIN_PW=admin
    VPN=default
    OUTAGE_LENGTH_SECONDS=5
    
    VPN=default
    CLIENT_USERNAME=default
    CLIENT_PROFILE=default
    ACL_PROFILE=default
    
    #echo Getting hostname via SEMPv1...
    #OUTPUT=$(curl -s -u $ADMIN_USER:$ADMIN_PW http://$ROUTER/SEMP -X POST -d '<rpc><show><hostname/></show></rpc>' | perl -ne ' if (m|<hostname>(.*?)</hostname>|) { print "$1"; } ')
    # might not be global admin priveleges (e.g. Solace CLoud)
    
    CUR_SPOOL=$(curl -s -u $ADMIN_USER:$ADMIN_PW "http://$ROUTER/SEMP/v2/config/msgVpns/default?select=maxMsgSpoolUsage" -X GET -H "Content-type:application/json" | perl -ne ' if (/"maxMsgSpoolUsage":(\d+)/) { print "$1"; } ')
    echo CUR SPOOL = $CUR_SPOOL
    
    echo About to run some simple error case tests on Solace broker $OUTPUT at $ROUTER
    
    # bounce the Message VPN to disable all client connections and such for a few seconds
    echo About to shutdown $VPN VPN for $OUTAGE_LENGTH_SECONDS seconds...
    if ! curl -f -s -S -u $ADMIN_USER:$ADMIN_PW "http://$ROUTER/SEMP/v2/config/msgVpns/$VPN" -X PATCH -H "Content-type:application/json" -d '{"enabled":false}' > /dev/null; then
        echo " X ERROR! Could not shutdown $VPN VPN. Exiting."
        exit 1
    else
        echo " + Success! $VPN VPN is shutdown."
    fi
    sleep $OUTAGE_LENGTH_SECONDS
    
    echo About to enable $VPN VPN...
    if ! curl -f -s -S -u $ADMIN_USER:$ADMIN_PW "http://$ROUTER/SEMP/v2/config/msgVpns/$VPN" -X PATCH -H "Content-type:application/json" -d '{"enabled":true}' > /dev/null; then
        echo " X ERROR! Could not enable $VPN VPN. Beware, VPN might be left in a shutdown state. Exiting."
        exit 2
    else
        echo " + Success! $VPN VPN is enabled."
    fi
    exit 0
    
    
    # set the message spool to 0bounce the Message VPN to disable all client connections and such for a few seconds
    echo About to disable all persistent publishing into $VPN VPN for $OUTAGE_LENGTH_SECONDS seconds...
    
    if ! curl -f -s -S -u $ADMIN_USER:$ADMIN_PW "http://$ROUTER/SEMP/v2/config/msgVpns/$VPN" -X PATCH -H "Content-type:application/json" -d '{"maxMsgSpoolUsage":0}' > /dev/null; then
        echo " X ERROR! Could not shutdown $VPN VPN. Exiting."
        exit 1
    else
        echo " + Success! $VPN VPN is shutdown."
    fi
    sleep $OUTAGE_LENGTH_SECONDS
    
    echo About to put message spool back to $CUR_SPOOL MB in $VPN VPN...
    if ! curl -f -s -S -u $ADMIN_USER:$ADMIN_PW "http://$ROUTER/SEMP/v2/config/msgVpns/$VPN" -X PATCH -H "Content-type:application/json" -d '{"maxMsgSpoolUsage":$CUR_SPOOL}' > /dev/null; then
        echo " X ERROR! Could not enable $VPN VPN. Beware, VPN might be left in a shutdown state. Exiting."
        exit 2
    else
        echo " + Success! VPN $VPN is enabled."
    fi
    
    
    
    
    # now let's add an ACL publish issue
    echo About to add a publish ACLs to acl-profile $ACL_PROFILE for $OUTAGE_LENGTH_SECONDS seconds...
    exit 3
    if ! curl -f -s -S -u $ADMIN_USER:$ADMIN_PW "http://$ROUTER/SEMP/v2/config/msgVpns/$VPN" -X PATCH -H "Content-type:application/json" -d '{"enabled":false}' > /dev/null; then
        echo " X ERROR! Could not shutdown VPN. Exiting."
        exit 1
    else
        echo " + Success! VPN is shutdown."
    fi
    sleep $OUTAGE_LENGTH_SECONDS
    
    echo About to enable the VPN...
    if ! curl -f -s -S -u $ADMIN_USER:$ADMIN_PW "http://$ROUTER/SEMP/v2/config/msgVpns/$VPN" -X PATCH -H "Content-type:application/json" -d '{"enabled":true}' > /dev/null; then
        echo " X ERROR! Could not enable VPN. Beware, VPN might be left in a shutdown state. Exiting."
        exit 2
    else
        echo " + Success! VPN is enabled."
    fi