Infoblox Exchange Cybersecurity Roadshow 2020 – Join us!
North America | Europe | Middle East/Africa | Asia-Pacific

API & Integration

Reply
Accepted Solution

Sub zone

oliverleach
Techie
Posts: 2
6310     0
Hi - what would be the correct call to creat a subzone under an existing zone?

E.g new.example.com where new is the sun zone?

Cheers
Oli

Re: Sub zone

Adviser
Posts: 132
6311     0

@oliverleach wrote:
Hi - what would be the correct call to creat a subzone under an existing zone?


In the Web API there is no difference between creating a completely new zone and creating a subzone under an existing zone. In both cases you use a POST request against the zone_auth object. Here's a very simple example (recall that with the curl utility using the --data option automatically generates a POST request:

 

curl --tlsv1 --insecure --user 'admin:infoblox' --header 'Content-Type: application/json' --data '{"fqdn": "sub.example.com"}' 'https://gm.example.com/wapi/v2.2/zone_auth'

 

in this case "sub.example.com" is a subzone of the existing zone "example.com". Creating a new higher-level zone (not a subzone) uses the same POST operation:

 

curl --tlsv1 --insecure --user 'admin:infoblox' --header 'Content-Type: application/json' --data '{"fqdn": "example2.com"}' 'https://gm.example.com/wapi/v2.2/zone_auth'

 

Note that the userid used to authenticate the WAPI call must have restart permissions. In other words, it must have permissions to be able to restart DNS services. However the call above doesn't actually do the restart.

Re: Sub zone

zhiz
Techie
Posts: 2
6311     0

How to specify the network view that you want to insert the zone into?

Re: Sub zone

Adviser
Posts: 132
6311     0

@zhiz wrote:

How to specify the network view that you want to insert the zone into?


Do you mean network view, or DNS view? (Recall that network views are used when you have overlapping networks in different parts of the organization. Within a given network view you can have multiple DNS views.)

 

In any case, to add the subzone to a given DNS view you add the 'view' parameter when submitting the data as part of the WAPI request; the example below shows adding the zone 'sub.example.com' to the DNS view 'external':

 

curl --tlsv1 --insecure --user 'admin:infoblox' --header 'Content-Type: application/json' --data '{"fqdn": "sub.example.com", "view": "external"}' 'https://gm.example.com/wapi/v2.2/zone_auth'

As I understand it, DNS view names have to be unique across all network views, so that if you specify the DNS view name it automatically determines the network view. (For example, in the command above the network view in which the zone would be created is the network view in which the DNS view 'external' resides.) In connection with this, note that if you create a second network view, for example 'netview2', then the name of the default DNS view in that network view will be 'default.netview2'.

 

Frank

 

Re: Sub zone

[ Edited ]
yardenbar
Techie
Posts: 8
6311     0

Hello @FHecker,
I've tried the queries you mentioned (I am using v2.6), and its failing on tenant ID field.

{
  "Error": "AdmConDataError: None (IBDataConflictError: IB.Data.Conflict:Extensible attribute Tenant ID is required.)",
  "code": "Client.Ibap.Data.Conflict",
  "text": "Extensible attribute Tenant ID is required."
}

I've tried adding 'tenant' and "tenant_id" to the request payload, but it fails with unknown fields error.

 

What am I missing?

 

Thank you,

Yarden

Re: Sub zone

Moderator BRampling
Moderator
Posts: 87
6311     0

You will receive that error if the parent object is owned by the Cloud API. Are you trying to create a subzone? You can check the GUI for the parent zone configuration (gear icon -> Edit), in the General tab there will be a "Cloud Usage" field. You can also get the cloud_info field using the WAPI. If the parent zone is owned by the Cloud API you need to specify three EAs:

 

"Tenant ID"

"Cloud API Owned"

"CMP Type"

 

That is what instructs NIOS to use the Cloud API rather than the non-cloud API.

 

Chapter 7 of the Admin Guide (Deploying Cloud Network Automation) covers this and explains the process in more detail. There is a table that explains the required EAs for cloud-owned objects.

Re: Sub zone

yardenbar
Techie
Posts: 8
6311     0

Thank you BRampling, I will try adding those EAs.

Where is the documentation its written that those are required? (lost my way through it)

 

Best,

Jorden

Showing results for 
Search instead for 
Do you mean 

Recommended for You