WLAN Configurations
Workflows tutorials for Central WLAN configurations
This guide presupposes general knowledge of how to use HPE Aruba Networking's Central APIs, and how to execute workflow scripts. Please see here for detailed information on installing pycentral and getting setup to execute workflow scripts.
WLAN Configuration workflows are used to create and manage WLANs in a Central UI group. For example, normally WLANs are created manually using Central's UI wizard. This collection includes a workflow to automate that process using input file configurations instead.
WLAN config workflows use the “configuration/full-wlan” API endpoints of Aruba Central. These endpoints are not operational on every account. You can reach out to your HPE Aruba Networking representative/SE to get access to this API. Please see here for the API documentation. Please see troubleshooting for help resolving bad response codes.
Setup
For step-by-step installation guide please navigate to the Github and follow the readme.
-
Clone this repository and
cd
into the workflow directory:git clone https://github.hpe.com/hpe/central-python-workflows.git cd central-python-workflows/wlan_config
-
A config file containing credential information for your Central account is required to run this workflow. This guide will help setup configuration files for Central authorization. One common method is to use a token only approach for your credential file which can be found here. The config filename should be passed as a CLI argument during execution.
The Central authorization filename is set as a CLI argument to the workflow as shown below:
--central_auth <"filepath">
-
Install the requirements.
Installation Best Practices
Setting up a virtual environment can be a great way to compartmentalize installations and keep your work isolated form the rest of your working configurations. This guide is a helpful resource for setting up workflow execution in a virtual environment with python!
Create SSID
The create SSID Workflow is used to create new SSIDs for a target group/guid/serial.
Workflow Functionality
- This workflow should be used to create new SSIDs.
- Workflow can create batches of SSIDs
- SSIDs are created at designated group/guid/serial.
- Workflow prints message on each creation success and error.
- Failure to create an individual SSID will not stop the rest of the batch creation.
Configuration Setup
Providing configuration details for SSID creation is mandatory.
-
SSID details must be specified in a config yaml file.
-
Config yaml file path needs to be set using the config_path CLI argument shown here:
--config_path <"filepath">
-
The body structure for the YAML file is as follows:
Legend: "target": string value for group name, guid, or device serial number to add new SSID to. "wlan": wlan configuration details. targets: - wlan-testing-group wlans: - wlan: settings here
You can add multiple targets and WLANs to be created to the config file as follows:
targets: - <"group-name"> - <"group-name-2"> - <"group-name-3"> wlans: - wlan: settings here - wlan: settings here - wlan: settings here
Sample Configurations
A directory of sample configurations has been provided as a reference on the Github.
- Note: Not all values are mandatory. Some settings can be contingent on other settings. You can view the limited API reference here.
-
Alternatively you can create basic personal wpa2 WLANs using the "configuration/v2/wlan" using the WLAN body shown below. The rest of the config file structure remains the same. See below:
- wlan: essid: <name> type: <type> hide_ssid: <value> vlan: '' zone: '' wpa_passphrase: <password> wpa+passphrase_changed: true is_locked: <value> captive_profile_name: <name> bandwidth_limit_up: '' bandwidth_limit_down: '' bandwidth_limit_peruser_up: '' bandwidth_limit_peruser_down: '' access_rules: - action: <value> netmask: <netmask> protocol: <protocol> sport: '' eport: '' match: <match> service_name: <servicename> service_type: <network> throttle_upstream: '' throttle_downstream: ''
The full reference for this endpoint can be found here
Executing The Workflow
-
With the yaml file configured the workflow can now be executed.
$ python create_ssid_workflow.py --central_auth <"/central/token/path"> --config_path <"/create/config/path">
This will create the new SSIDs at target location(s) provided in the yaml file. The workflow will print any errors to the terminal in addition to verification messages on successful creation.
Saving Time
Any job requirement that includes building and tearing down WLANs often is a fantastic use for this workflow. Creating configuration files for commonly used WLAN configurations will save considerable time in the short and long term.
Delete SSID
The delete SSID workflow is used to delete one or multiple SSIDs in a Central group.
Workflow Functionality
-
Should be used to delete an existing SSID at a designated location.
-
Deletes each SSID in the delete list at each target.
-
Optionally delete all SSIDs in a Central group via CLI flag.
-
Workflow will print a success or error message for each WLAN designated in the config file.
-
Failure to delete an individual SSID will not stop the rest of the workflow from running.
Configuration Setup
The workflow requires a yaml configuration file for use.
-
SSIDs for deletion and their Central group name must be specified in the config file.
-
Config file is set through CLI argument as follows:
--config_path <"path/to/config/file">
-
The structure for a delete yaml is as follows:
Legend: "target": string value for group name, guid, or device serial number to add new SSID to. "delete_list": list of SSIDs to delete at a target targets: - group1 - group2 delete_list: - ssid - ssid2 - ssid3
Sample Configurations
Here is an example configuration file to delete multiple SSIDs at multiple Central groups. Alternatively to delete all SSID in a group(s) see this configuration.
Executing the Workflow
-
With the yaml file configured the workflow can now be executed.
$ python delete_ssid_workflow.py --central_auth <"/central/token/path"> --config_path <"/delete/config/path">
This will delete each SSID at target location(s) provided in the yaml file. The workflow will print any errors to the terminal in addition to verification messages on successful deletion.
-
You can additionally run the workflow to delete all SSIDs in a Central group by setting the -a flag. For this the config file structure is the same, except the workflow only requires the targets.
$ python delete_ssid_workflow.py -a --central_auth <"/central/token/path"> --config_path <"/delete/config/path">
Danger!
The delete all functionality cannot be reversed. Use with caution.
Documentation:
- Python package documentation: pycentral module documentation
- Use-Cases and Workflows: HPE Aruba Networking Developer Hub
- Create a new WLAN API reference: Basic WLAN DevHub Reference
- Create FULL WLAN API reference: Full WLAN DevHub Reference
- Delete WLAN API reference: Delete WLAN DevHub Reference
Troubleshooting Issues
- If you encounter module import errors, make sure that the package has been installed correctly.
- Devices on operating systems older than AOS10 cannot use serial number as target value.
Create SSID Troubleshooting
In the case of a bad response the workflow will print the error message to the terminal.
Common error message types and how to fix:
- Bad request for create_full_wlan() SSID: 'ssid-name' at target: 'group', response code: 500. Invalid type for JSON key: 'key'
- For these cases the data type for the key is incorrect and needs to be changed.
- Try adding '' around the value
- Bad request for create_full_wlan() SSID: 'ssid-name' at target: 'group', response code: 500. 'bandwidth_limit_peruser_up'
- For cases such as this the key in quotes is missing and needs to be added.
- This can happen when a setting is set that requires additional information not provided in the config file.
- In this case the key 'bandwidth_limit_peruser_up' needs to be added to that WLAN configuration.
- Bad request for create_full_wlan() SSID: 'ssid-name' at target: 'group', response code: 500. wpa_passphrase is not present in JSON
- This error type means the key exists in the config file, but there is not value to it.
- This would look as follows in the config file:
wpa_passphrase: ''
Troubleshooting full_wlan can be tricky. There are often situations where enabling or editing an existing setting can require additional dependencies to be added/changed.
Updated 3 months ago