sick patrol
Hello folks, I'm currently renovating the access control of our OnTAP NASes and was wondering about something.
In the Harvest docs, there is info to provision REST and ZAPI user and roles, but... is it OK to only provision the REST user and skip the ZAPI one + role entirely, or will we be missing data that might still require ZAPI access ?
Have a nice day !
quaint basin
Hi Matthieu. Some inputs here : https://netapp.github.io/harvest/25.11/architecture/rest-strategy/
fresh flare
hi @sick patrol for the most part, you can completely switch to REST. There are few exceptions - e.g. ONTAP does not include FlexCache metrics via RestPerf. As the FlexCache dashboard mentions, the Zapi/ZapiPerf or the Rest/StatPerf Collector is required. So even in that case, if you enable the StatPerf collector, you can avoid Zapi for it (unless you're monitoring FSx, since the StatPerf collector does not work on FSx). We track these discrepancies with the ontap-pending tag on GitHub
sick patrol
Hi guys, thanks for the info ! Since we do not use either FlexCache nor FSx, I think I'll go full REST and finish upgrading our other monitoring stuff so we don't have to think about ZAPI's EOL afterwards.
btw, https://netapp.github.io/harvest/25.11/architecture/rest-strategy/ indicates that ZAPI is fully removed in 9.18.1, but as stated in CPC-00410, "Upon reassessment and recognizing our customers' continued reliance on ONTAPI, we have decided to prolong offering ONTAPI. Consequently, the EOA for ONTAPI is now deferred until further communication."
Would you like a PR to update this page ?
covert arrow
Thanks. It will be updated via PR https://github.com/NetApp/harvest/pull/4039/files