Product Documentation

Configuring Admin Partitions

Sep 01, 2016

To create an admin partition, you must perform a set of operations on the default partition. To understand this procedure, let us consider a company that has two departments each of which has an application that requires the NetScaler functionality. The NetScaler admin wants to have a different partition for each department so that there is isolation of users and configurations. The NetScaler admin must do the following (the sample shows configurations only for a single admin partition):

Note: For detailed information and best practices, see Admin Partitions.
  1. Create a partition and allocate the required resources to that partition.
    • Request:

      HTTP Method
      POST
      URL
      http://<netscaler-ip-address>/nitro/v1/config/nspartition
      Request Headers
      Cookie:NITRO_AUTH_TOKEN=<tokenvalue> 
      Content-Type:application/json
      
      Request Payload
      { 
          "nspartition": 
          { 
              "partitionname":"partition-dept1", 
              "maxbandwidth":"10240",  
              "minbandwidth":"10240", 
              "maxconn":"1024", 
              "maxmemlimit":"10" 
          } 
      }
      
    • Response:

      HTTP Status Code on Success
      201 Created
      HTTP Status Code on Failure
      4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error.
  2. Associate the appropriate users with the partition.
    • Request:

      HTTP Method
      PUT
      URL
      http://<netscaler-ip-address>/nitro/v1/config/systemuser_nspartition_binding/user1
      Request Headers
      Cookie:NITRO_AUTH_TOKEN=<tokenvalue> 
      Content-Type:application/json
      
      Request Payload
      { 
          "systemuser_nspartition_binding": 
          { 
              "username":"user1",  
              "partitionname":"partition-dept1" 
          } 
      }
      
    • Response:

      HTTP Status Code on Success
      200 OK
      HTTP Status Code on Failure
      4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error.
  3. Associate an appropriate command policy to the admin partition user.
    • Request:

      HTTP Method
      PUT
      URL
      http://<netscaler-ip-address>/nitro/v1/config/systemuser_systemcmdpolicy_binding/user1
      Request Headers
      Cookie:NITRO_AUTH_TOKEN=<tokenvalue> 
      Content-Type:application/json
      
      Request Payload
      { 
          "systemuser_systemcmdpolicy_binding": 
          { 
              "username":"user1",  
              "policyname":"partition-admin", 
              "priority":"1" 
          } 
      }
      
    • Response:

      HTTP Status Code on Success
      200 OK
      HTTP Status Code on Failure
      4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error.
  4. Specify the VLANs or bridgegroups to be associated with the partition. This step ensures network isolation of the traffic. Traffic received on the interfaces of the VLAN or bridgegroup is isolated from the traffic of other partitions.
    • Request:

      HTTP Method
      PUT
      URL
      http://<netscaler-ip-address>/nitro/v1/config/nspartition_vlan_binding/partition-dept1
      Request Headers
      Cookie:NITRO_AUTH_TOKEN=<tokenvalue> 
      Content-Type:application/json
      
      Request Payload
      { 
          "nspartition_vlan_binding": 
          { 
              "partitionname":"partition-dept1", 
              "vlan":"2" 
          } 
      }
      
    • Response:

      HTTP Status Code on Success
      200 OK
      HTTP Status Code on Failure
      4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error.
  5. Save the configurations.
    • Request:

      HTTP Method
      POST
      URL
      http://<netscaler-ip-address>/nitro/v1/config/nsconfig?action=save
      Request Headers
      Cookie:NITRO_AUTH_TOKEN=<tokenvalue> 
      Content-Type:application/json
      
      Request Payload
      { 
          "nsconfig": 
          { 
          } 
      }
      
    • Response:

      HTTP Status Code on Success
      200 OK
      HTTP Status Code on Failure
      4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error.

    The admin partition is created.

  6. Now, to configure this admin partition, you must log out of the default partition and log on again. You are automatically taken to the admin partition to which you were first bound and once there you can configure the NetScaler.
    Note: If you want to configure another admin partition, perform the switch operation given in the next step before performing this step.
  7. [Optional] If you are associated with multiple admin partitions, you can switch to the required partition.
    • Request:

      HTTP Method
      POST
      URL
      http://<netscaler-ip-address>/nitro/v1/config/nspartition?action=Switch
      Request Headers
      Cookie:NITRO_AUTH_TOKEN=<tokenvalue> 
      Content-Type:application/json
      
      Request Payload
      { 
          "nspartition": 
          { 
              "partitionname":"partition-dept2" 
          } 
      }
      
    • Response:

      HTTP Status Code on Success
      200 OK
      HTTP Status Code on Failure
      4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error.
  8. View the partitions that are available on the NetScaler appliance. If a user is associated with more than one partition, the response payload includes the "partitiontype" attribute the value of which indicates the partition to which the user is currently logged on.
    • Request:

      HTTP Method
      GET
      URL
      http://<netscaler-ip-address>/nitro/v1/config/nspartition
      Request Headers
      Cookie:NITRO_AUTH_TOKEN=<tokenvalue> 
      Accept:application/json
      
    • Response:

      HTTP Status Code on Success
      200 OK
      HTTP Status Code on Failure
      4xx <string> (for general HTTP errors) or 5xx <string> (for NetScaler-specific errors). The response payload provides details of the error.
      Response Header
      Content-Type:application/json
      
      Response Payload
      { 
          "nspartition": 
          { 
              "partitionname":"partition-dept1", 
              "partitionid": "2", 
              "partitiontype": "Current Partition", 
              "maxbandwidth":"10240",  
              "minbandwidth":"10240", 
              "maxconn":"1024", 
              "maxmemlimit":"10" 
          } 
      }