Joe Dillig

Creating VSX Virtual Systems using REST API

Discussion created by Joe Dillig Employee on May 2, 2018

This is a very simple solution for creating VSX virtual systems using the 'run-script' REST api call on R80.X management versions. The vsx provisioning tool api is not exposed outside of the Check Point management server so scripting the creation of virtual systems could only happen from inside the management server. This api call will allow you to add/delete/modify virtual systems from a third-party automation/orchestration server.

I have attached some bash script code examples that you can use to reference,expand, and develop your own solution.

 

The run-script api call has to have both a "target" and "script" values . This target needs to be the name of the Check Point Management server. In the example below the management server's name is 'R80.10'. 

The "scrip" value needs to be the vsx_provisioning_tool configuration.The example below shows a very simple VS being created on VSX. More information on the syntax of this command can be found HERE on the user center site.

 

 

Create VS Example:

 

#!/bin/bash

cp_api_url='https://192.168.30.95'

 

#Login and retrieve the session_id
SID=`curl -k -H "Content-Type: application/json" -H "Accept: bla" -X POST '{"user":"admin","password":"mypass"}' $cp_api_url/web_api/login | ./jq-linux64 '.sid' | sed s/\"//g`

 

#VSX VS Deployment
curl -k \
-H "Content-Type: application/json" \
-H "Accept: bla" \
-H "X-chkp-sid: $SID" \
-X POST -d '{"script-name":"VSX Provisioning","script":"vsx_provisioning_tool -s localhost -u admin -p mypass -o add vd name VS1 vsx VSX type vs main_ip 192.168.30.101, add interface name eth1 ip 192.168.30.101/24, add interface name eth2 ip 10.10.10.1/24","targets":"R80.10"}' \
$cp_api_url/web_api/run-script | ./jq-linux64

 

#publish

curl -k \
-H "Content-Type: application/json" \
-H "Accept: bla" \
-H "X-chkp-sid: $SID" \
-X POST -d '{}' \
$cp_api_url/web_api/publish | ./jq-linux64

 

#logout
curl -k -H "Content-Type: application/json" -H "Accept: bla" -H "X-chkp-sid: $SID" -X POST -d '{}' $cp_api_url/web_api/logout

 

 

Enjoy

Outcomes