Accessing Pure Storage Pure1 with Ansible

In previous Blogs I have shared how you can use Ansible to manage Pure Storage FlashArray volumes and snapshots. In this Blog I will show how you can also use Ansible to access Pure Storage Pure1 to get fleet information such as version, model, volume, snapshots, pods, file systems, network interfaces, and metrics.

Accessing Pure1 is slightly different to the FlashArray and requires a few additional steps before we can start. The steps can be summarised as:

  1. Create public and private PEM key pairs.
  2. Register key pair with Pure1
  3. Create Pure1 access token
  4. Access Pure1 using REST

Note: step 1 and 2 are only needed the first time round.

Create Public and Private PEM files

The first step is to create a key pair, I performed this using the following on my Mac. Don’t forget to remember your passphrase as you will need it later.

$ openssl genrsa -aes256 -out private.pem 2048
$ openssl rsa -in private.pem -outform PEM -pubout -out public.pem

Copy the public.pem file into your laptops buffer.

Register key pair with Pure1

Logon to your Pure Storage Pure1 as an Admin account and click on API Registration, provide a descriptive name and paste the Public Key created in the previous step into the Public Key area.

Pure1 Application Registration
Enter source system Name and provide Public Key
API Registration

Now capture your Application ID as this will be required in the next step.

Create an Pure1 access token

Download the following 2 files from the Pure Storage support site, and then use pip to install the Python3 requirements. Please note: you will need a Pure Storage support account to download the files.

$ pip install -r requirements.txt

Now we have the pre-requisites in place we can now use the pure1_token_factory.py Python script to create our access token using the syntax below. Provide the passphrase you set earlier as prompted.

python3 pure1_token_factory.py -o <output_file> <application_id> <private_key_file>

$ python3 pure1_token_factory.py pure1:apikey:RElWp8HeHLPM private.pem -o token.txt

Note: The access token will expire after 10 hours

Access Pure1 using REST

Visit the Pure Storage support site to access the latest Pure 1 reference guide and URL details.

We can test our Pure1 access token using the following CURL example:

AUTH="Authorization: Bearer "
TOKEN=$(cat token.txt)
AUTHORIZATION=$AUTH$TOKEN$
PURE1=XXXXXXXXXX.com

$ curl -X GET \
    https://${PURE1}/api/1.0/arrays \
    -H "${AUTHORIZATION}" \
    -H 'Content-Type: application/json'

If the above test worked, we can now try and access Pure1 using the Ansible URI module using the following example:

 ---
 # Get Arrays from PURE
 - name: Create PURE1 Session
   uri:
     url: https://{{ pure1 }}/api/1.0/arrays
     method: GET
     headers:
       Content-Type: "application/json"
       Authorization: "{{ accessToken }}"
     validate_certs: "no"
     return_content: "yes"
   register: Arrays 

 - name: List Arrays
   debug:
     msg: "Pure1 Arrays {{ Arrays.json }}"

Hope you found the above both informative and useful.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s