If you want to cluster two or more Barracuda Web Application Firewalls, the following three API’s should be executed.
- Add Shared Secret to the First Unit/Node
- Retrieve Cluster Details from the First Unit/Node
- Add the Second Unit/Node to the First Unit/Node
To Add Shared Secret to the First Node
| URL: /v1/system | |||
| Method: POST | |||
| Description: Adds shared secret to the first node. | |||
| Parameter Name | Data Type | Mandatory | Description |
|---|---|---|---|
| Input Parameters: | |||
| cluster_shared_secret | Alphanumeric | Yes | Passcode to prevent unauthorized systems from accessing cluster information. All Barracuda Web Application Firewalls in a cluster must have the same shared secret. |
Example:
Request:
curl http://192.168.0.1:8000/restapi/v1/system -u 'eyJldCI6IjEzNzk0OTUxOTgiLCJwYXNzd29yZCI6ImZiODljYjIyOWE5MzcyNTBiNTRkZDNmOTg3\nYmIwMzBkIiwidXNlciI6ImFkbWluIn0=\n:' -X POST -H Content-Type:application/json -d '{"cluster_shared_secret":"12345"}'
Response:
{"msg":"Configuration Updated","token":"eyJldCI6IjEzODAyMzA4NzciLCJwYXNzd29yZCI6IjJhM2QxZGI5MzcyNjFjNTQzNDEwNGEyMGJl\nNTRlZTY2IiwidXNlciI6ImFkbWluIn0=\n"}
To Retrieve Cluster Shared Secret
| URL: /v1/system | |||
| Method: GET | |||
| Description: Retrieves the passcode of the given unit. | |||
| Parameter Name | Data Type | Mandatory | Description |
|---|---|---|---|
| Input Parameters: | |||
| parameters | Alphanumeric | Yes | The parameter name (cluster_shared_secret) that needs to be retrieved. |
Example:
Request:
curl http://192.168.0.1:8000/restapi/v1/system -u 'eyJldCI6IjEzODY0MzA4MTQiLCJwYXNzd29yZCI6ImMzZTkxZjU5YTRiNDgxMTUxZTFlZGJmODBj\nYzY1Zjc2IiwidXNlciI6ImFkbWluIn0=\n:' -X GET -G -d parameters=cluster_shared_secret
Response:
{"token":"eyJldCI6IjEzODY0MzA4MzYiLCJwYXNzd29yZCI6IjM3NzkwMzBiZmQxYWYyNmE5MDA5MGJjZTE5\nMDcyYTI5IiwidXNlciI6ImFkbWluIn0=\n","cluster_shared_secret":"123456"}
To Retrieve Cluster Details from the First Node
| URL: /v1/system |
| Method: GET |
| Description: Retrieves cluster information such as System IP, Shared Secret and Serial Number from the first node. |
Example 1:
Request:
curl http://192.168.0.1:8000/restapi/v1/system -u 'eyJldCI6IjEzODY0MzA4MzYiLCJwYXNzd29yZCI6IjM3NzkwMzBiZmQxYWYyNmE5MDA5MGJjZTE5\nMDcyYTI5IiwidXNlciI6ImFkbWluIn0=\n:' -X GET
Response:
{"token":"eyJldCI6IjEzODY0MzA5NDkiLCJwYXNzd29yZCI6IjFmZThmNWQ4NWNiYmQ1ZDU2ZGM3NzU3NzNk\nOGFlY2U2IiwidXNlciI6ImFkbWluIn0=\n","system_serial":"477393","cluster_shared_secret":"123456","system_ip":"192.168.0.1"}
Example 2:
Request:
curl http://192.168.0.1:8000/restapi/v1/system -u 'eyJldCI6IjEzODY0MzA4MzYiLCJwYXNzd29yZCI6IjM3NzkwMzBiZmQxYWYyNmE5MDA5MGJjZTE5\nMDcyYTI5IiwidXNlciI6ImFkbWluIn0=\n:' -X GET -G -d parameters=system_ip
Response:
{"token":"eyJldCI6IjEzODY0MzEwNjkiLCJwYXNzd29yZCI6IjAyM2FkMmVlNmUyZmY1NGI1NDA4M2M2ZTAz\nMjM2NmNlIiwidXNlciI6ImFkbWluIn0=\n","system_ip":"192.168.0.1"}
To Add a Second Node to the First Node
| URL: /v1/system/configuration_cluster | |||
| Method: POST | |||
| Description: Adds second node to the first node. | |||
| Parameter Name | Data Type | Mandatory | Description |
|---|---|---|---|
| Input Parameters: | |||
| remote_cluster_shared_secret | Alphanumeric | Yes | The passcode specified in cluster_shared_secret of the first node. |
| remote_system_serial | Alphanumeric | Yes | The serial number of the first node. |
| remote_system_ip | Numeric | Yes | The WAN (system) IP address of the first node. |
Example:
Request:
curl http://192.168.0.1:8000/restapi/v1/system/configuration_cluster -u 'eyJldCI6IjEzNzk0OTUxOTgiLCJwYXNzd29yZCI6ImZiODljYjIyOWE5MzcyNTBiNTRkZDNmOTg3\nYmIwMzBkIiwidXNlciI6ImFkbWluIn0=\n:' -X POST -H Content-Type:application/json -d '{"remote_cluster_shared_secret":"abcdef","remote_system_serial":"123456","remote_system_ip":"10.11.11.11"}'
Response:
{"msg":"Configuration Updated","token":"eyJldCI6IjEzODAyMzE2NjYiLCJwYXNzd29yZCI6ImY1YmNlYjkxY2ZmMTdmYzBiZTZlMDExMWY3\nMDE3M2IwIiwidXNlciI6ImFkbWluIn0=\n"}
To Retrieve Details of Clustered Nodes
| URL: /v1/system/configuration_cluster |
| Method: GET |
| Description: Lists all nodes that are in cluster with this unit. |
Example 1:
Request:
curl http://192.168.0.1:8000/restapi/v1/system/configuration_cluster -u 'eyJldCI6IjEzODY0MzE5OTUiLCJwYXNzd29yZCI6ImVhYTA1ZmFlMjkyN2FhNjk2NThiMDUxNDZk\nNGM4NWNlIiwidXNlciI6ImFkbWluIn0=\n:' -X GET
Response:
{"parameters":null,"object":"ConfigurationCluster","data":[{"system_mode":"Active","id":"192.168.0.1","system_serial":"477393","system_ip":"192.168.0.1"},{"system_mode":"Active","id":"10.11.25.190","system_serial":"477395","system_ip":"10.11.25.190"}],"limit":null,"token":"eyJldCI6IjEzODY0MzIwMjciLCJwYXNzd29yZCI6IjA1MDJjM2QzMWQ4ODc1MjFiN2Y5NWI1MzBi\nMWM4MmE0IiwidXNlciI6ImFkbWluIn0=\n","offset":null}
Example 2:
Request:
curl http://192.168.0.1:8000/restapi/v1/system/configuration_cluster -u 'eyJldCI6IjEzODY0MzE5OTUiLCJwYXNzd29yZCI6ImVhYTA1ZmFlMjkyN2FhNjk2NThiMDUxNDZk\nNGM4NWNlIiwidXNlciI6ImFkbWluIn0=\n:' -X GET -G -d parameters=system_ip
Response:
parameters":["system_ip"],"object":"ConfigurationCluster","data":[{"system_ip":"192.168.0.1"},{"system_ip":"10.11.25.190"}],"limit":null,"token":"eyJldCI6IjEzODY0MzI0NjMiLCJwYXNzd29yZCI6IjM2NDE0M2M4NzM3MDhlZmFiOWZkZjRlNjky\nOGNiOTU4IiwidXNlciI6ImFkbWluIn0=\n","offset":null}
To Delete a Node from the Cluster
| URL: /v1/system/configuration_cluster/{remote_serial} |
| Method: DELETE |
| Description: Deletes the node of the given serial number from the cluster. |
Example:
Request:
curl http://192.168.0.1:8000/restapi/v1/system/configuration_cluster/354425 -u 'eyJldCI6IjEzODQ1NDE4ODUiLCJwYXNzd29yZCI6IjEwZDgzMGI5ZmQ5OTExYmYwYTIxNWIzYzJm\nZDZiZDdjIiwidXNlciI6ImFkbWluIn0=\n:' -X DELETE
Response:
{"msg":"Configuration Updated","token":"eyJldCI6IjEzODQ1NDE4OTEiLCJwYXNzd29yZCI6ImZkZDEyMjc5Nzg3MzlhNzE4YWE1NDhkZjYw\nZTQ1NGRiIiwidXNlciI6ImFkbWluIn0=\n"}