NetScaler and PowerShell cmdlets

Now this is something I have been planning a post on for some time, ever since I started working with the C# library to do NITRO API calls against NetScaler. I was planning and started on a a PowerShell module for NetScaler, but still someone beat me to the race, so no reason to reinvent the wheel anymore Smilefjes

Someone at Citrix (Santiago Cardenas)  has already created an REST API based PowerShell module, which is placed on GitHub here –> https://github.com/santiagocardenas/netscaler-configuration

Now the scripts which contains many of the basic features, but ill give you an recipe which will allow you to create your own extensions to the scripts. Now using REST API, we have built-it documentation which is available on the NetScaler here –> Under the download page of the NetScaler

image

From the download you have an index.html file which will show you the different tasks

image
There are two main categories, Configuraiton and statistics, from there I can drill down into a specific feature. So for instance let us look at gateway vServer (Which is located under SSL VPN) which is also the same as Gateway vServer

So if we want to setup a Gateway vServer what do we need to specify ? If we from there choose vpnserver which is the base object
image
We get all the attributes that can be configured from the vpnvserver object.

name, servicetype, ipv46, range, port

Now its a long list, but if you scroll down the documentation page you can see a specific example if you for instance wish to add a vServer (The objects in red are the ones that ARE required)

image

Now using a REST API we need to use a POST command which will push the settings we specify using PowerShell. The github PowerShell cmdlets have already taken care of this, so the commands are built up llike this.

function GatewayvServer ($GatewayFQDN, $VIP) {
EnableFeatures SSLVPN

$body = @{
    «vpnvserver»=@{
        «name»=»$GatewayFQDN»;
        «servicetype»=»SSL»;
        «ipv46″=»$VIP»;
        «port»=»443»;
        «icaonly»=»ON»;
        «tcpprofilename»=»nstcp_default_XA_XD_profile»;
        }
    }
$body = ConvertTo-JSON $body
Invoke-RestMethod -uri «10.0.0.1/nitro/v1/config/vpnvserver?action=add» -body $body -WebSession $NSSession `
-Headers @{«Content-Type»=»application/vnd.com.citrix.netscaler.vpnvserver+json»} -Method POST

A funciton is the name we use when starting it from PowerShell and the variables are the ones that we can specify behind the cmdlet. Now all the specific attributes are part of a variable called $body, which then added to the HTTP Body. The 10.0.0.1 is the direct name of the NetScaler.

Now what if we want to create a function that gets information about a particular vServer? We can see from the documentation that there is a “get” example

image

So an example Powershell function would look like this,

function Get-GatewayvServer {
# Login to NetScaler and save session to global variable
$gateway = Read-host -Prompt «Type VIP name»
$body = ConvertTo-JSON @{
    «login»=@{
        «username»=»$username»;
        «password»=»$password»
        }
    }
Invoke-RestMethod -uri «10.0.0.1/nitro/v1/config/vpnvserver/VIP22” -WebSession $NSSession -Method GET
$Script:NSSession = $local:NSSession
}

As we can see from the URI (All we need is to specify the hostname of the NetScaler and that particular VPN vServer using the GET HTTP Method. So if you are unsure of the URI you can just open up a browser and connect to that particular URI

image

So the PowerShell cmdlets from Santiago Cardenas can be used as a starting point, adding your own PowerShell functions is pretty easy when you just look at what attributes and URI that are being used. So start scripting!

#netscaler, #powershell