SOLIDserver API for IT automationIT Automation and Ecosystem Integration

The SOLIDserver DDI solution (DNS-DHCP-IPAM) brings capability to automate internal function between the IPAM repository and services functions like DNS and DHCP. IT systems today require extra interconnection between components in order to provision new services and environments in a reproducible manner. Infrastructure components are mandatory for supporting applications and are expected to be available and scalable. Interfacing SOLIDserver to orchestration or automation systems provides IT the foundation of IP networking from addressing to global load balancing. The full SOLIDserver API stack enables linking with the whole infrastructure and application management ecosystem.

APIs_DDI-Architecture

Open Architecture for DDI Integration

SOLIDserver’s internal engine is based on a standard service oriented architecture allowing full decoupling of any atomic actions. All actions are exposed at various levels of the engine allowing easy automation, user interaction and API management. Even if all configuration actions can be performed from the web interface, automation requires a more simple and easy to manipulate interface.

SOLIDserver proposes both SOAP API and REST API interfaces to allow integration with most engines and development languages. SOAP interface is fully described through either a global WSDL description format or purpose built one through the web interface. The REST API is more used nowadays than SOAP on open integration, all services are also available through REST calls.

SOLIDserver API Key Benefits

1

Complete DDI Functions Access

REST and SOAP API access to the complete set of DDI functions to cover any integration need

2

Advanced Integration Plugins

API can be accessed directly in your programming language or through more advanced plugin solutions like Python or Terraform

3

Powerful Metadata Manipulation

Exposure of all class parameters and custom database through API calls

4

Enhanced Powerful Search and Filtering

API efficiency on large DDI databases with easy filtering and controlled searching capabilities

5

Strengthened API Access Security

Rich rights management and Role-Based Access Control (RBAC) applied to API calls for controlled exposition level

Proposed Plugins

The purpose of API is to bring feature access through openness. The service functions are published with arguments and returns format. Some development or tool parameterization is then required in order to correctly orchestrate various calls depending on the automation process required. For easing API usage, we propose some integration framework or plugins in open source projects.

API Service Design

All services allowing interaction with SOLIDserver are available by product and object. The services are then associated with a verb key describing the action that will be executed. The key services are mapped to the CRUD model and cover add, count, list, info and delete actions.

The list of object functions per service is presented on the following tree map and is evolving with each release of the SOLIDserver solution.

  • IPAM: space, network (v4/v6), pool (v4/v6), address (v4/v6), alias (v4/v6)
  • DHCP: server (v4/v6), scope (v4/v6), group (v4/v6), shared network (v4), range (v4/v6), lease (v4/v6), static (v4/v6), option (v4/v6), ACL (v4), failover channel (v4)
  • DNS: server, view, zone, resource record, ACL, TSIG key
  • Application: application, pool, node
  • DNS Guardian: policy
  • NetChange: network device, route (v4/v6), VLan, port, address (v4/v6), discovered items
  • Workflow: request
  • Device Manager: device, port and interface
  • VLan Manager: domain, range, VLan
  • VRF: VRF, route target
  • Administration: service, user group, user, custom database

SOLIDserver API functions

APIs_Metadata-Tags

Object Tagging with Metadata

Most of the API functions that manipulate DDI objects can use advanced class parameters in order to associate specific metadata to the object. This bridges the gap between automated functions performed in orchestration systems and the user interface on which operators will perform specific administration action. It can also help other usages such as conformity checks, security controls, auditing or costing and invoicing. Any metadata can be used as a search key in searching and listing operations, easing the link between objects in the real world and the IPAM, and simplifying the development of automation. Since the IPAM contains the IP golden records, adding actionable metadata by making use of the API is really important and easy with the API.

APIs_filtering

Advanced Filtering and Searching

For any API call related to counting objects or listing objects in any repository, a very advanced filtering capability is offered. Similar to SQL clause you can optimize any query with filter parameters on the rows being retrieved from the repository and also on the parameters returned from the query. In addition, the information retrieved can be sorted for simplifying analysis by the client.

Access Security

In order to secure the operation performed through the API, all calls should be authenticated. In the administration panel it is possible to create a specific account with appropriate access rights to each application that will perform API calls. Authorization can be a basic segregation between read and write, or more evolved with specific rights on each module and actions.

API calls are performed through a standard TLS security channel. A digital certificate can be checked at connection level in order to identify the SOLIDserver on which the action will be performed. Any action performed through the API is tracked for auditability at the user level.

More advanced protection and features can be performed with the addition of an API management platform, including user certificate validation, rate limiting, tracking at the protocol level or API token authentication.

Related Content

SOLIDserver DDI Product Brochure

Bringing important improvements for security, reliability and resiliency of network foundations, our SOLIDserver DDI solution is both orchestrator and cloud agnostic. New service deployment is accelerated and operational costs reduced thanks to smart automation.

ServiceNow and SOLIDserver Integration

SOLIDserver APIs have enabled a plugin (“activity pack”) to be created to simplify interactions between ServiceNow and DDI. Benefits include reduced complexity, accelerated service rollout, ensured policy enforcement and error-free configurations.

Cloud Automation with DDI Terraform

Modern IPAM solutions are key in the automation process. With our “Terraform Provider” – fully integrating DDI (DNS-DHCP-IPAM) with the Infrastructure-as-Code process – we bring end-to-end automation and orchestration of the whole IT system.