Using the Ksplice Uptrack API Commands
The Python bindings include the following commands, which cover common uses of the Ksplice Uptrack API.
The commands use the API user name and key for authentication.
uptrack-api-authorize
The uptrack-api-authorize command uses the authorize
API call to change the authorization for a single system, as shown in the following
examples.
To deny a system:
uptrack-api-authorize -u api_username -k api_key uuid denyOutput might appear as follows:
Successfully denied access for uuid.To allow a system:
uptrack-api-authorize -u api_username -k api_key uuid allowOutput might appear as follows:
Successfully allowed access for uuid .Note:
To view the API username and API key, sign in to https://status.ksplice.oracle.com and then select the Settings tab.
The UUID of a registered system is stored in /var/lib/uptrack/uuid on the
system. An example of a UUID is e82ba0ae-ad0a-4b92-a776-62b502bfd29d.
uptrack-api-describe
The uptrack-api-describe command uses the describe
API call to get detailed information about a single system, which is specified by its UUID,
for example:
uptrack-api-describe -u api_username -k api_key uuidOutput might appear as follows:
prod1.example.com (192.168.1.100)
Effective kernel: 2.6.18-194.11.1.el5
This machine is no longer active
Last seen on 2010-09-12T10:19:35Z
OS status: Up to dateuptrack-api-describe -u api_username -k api_key --this-machineqa.example.com (192.168.1.200)
Effective kernel: 2.6.18-194.8.1.el5
This machine is active
Last seen on 2010-09-15T12:43:07Z
OS status: Out of date:
* Install v8gacfip CVE-2010-2521: Remote buffer overflow in NFSv4 server.
* Install 3c4sopia CVE-2010-2226: Read access to write-only files in XFS filesystem.
* Install oiqwvltu CVE-2010-2240: Privilege escalation vulnerability in memory management.uptrack-api-list
machines API
call to return a list of all systems and their status, for example:
uptrack-api-list -u api_username -k api_key- dev1.example.com (192.168.1.102): outofdate
- qa1.example.com (192.168.1.103): outofdate (inactive)
- prod1.example.com (192.168.1.100): uptodate
- prod2.example.com (192.168.1.101): uptodateViewing The API Username and API Key
- Sign in to https://status.ksplice.oracle.com.
- Select the Settings tab.
Generating a New API Key
Note:
Generating a new API key invalidates the existing API key.
-
Sign in to https://status.ksplice.oracle.com.
-
Select the Settings tab.
-
On the Settings page, select the Generate a new API key? checkbox and click Save Changes.
Specifying the username and api_key Variables
If you set the username and api_key variables in the
/etc/uptrack-api.conf file, you don't need to supply these variables as
command line arguments to the scripts.
[uptrack] section heading, for example:
[uptrack]
username = jo.admin@example.com
api_key = 3af3c2c1ec407feb0fdc9fc1d8c4460c username and api_key
variables in the UPTRACK_API_USERNAME and
UPTRACK_API_KEY environment variables, for example:
export UPTRACK_API_USERNAME=jo.admin@example.com
export UPTRACK_API_KEY=3af3c2c1ec407feb0fdc9fc1d8c4460c
uptrack-api-describe --this-machineSpecifying a Proxy
[uptrack] section of the /etc/uptrack-api.conf file, as
shown in the following example:
https_proxy = [protocol://][username:password@]proxy[:port] In the previous example, protocol is either specified as
http or https, username and
password authenticate you with the proxy (if required), and
proxy and port are the host name/IP address and port
number that you use to connect to the proxy server.
The following example shows how you might specify this connection information:
https_proxy = http://proxy.example.com:3128/Note that the proxy must support HTTPS connections.