The MPB is described in the documentation <\/a>as a no-code stand-alone appliance that enables the creation of custom management packs for vRealize (Aria) Operations Manager (henceforth referred to as vROps), allowing you to collect data from an external API to to then create or extend resources in vROps with new Data, Relationships, and Events where VMware, or another vendor, has not released an official management pack.<\/p>\n\n\n\n With a basic understanding of what the MPB did, I started looking for an application that was already running in my lab that had both API functionality and interesting content already, and settled on Pi-hole, an ad blocking DNS server. If you don’t already have Pi-hole deployed, you can use Brian’s deployment instructions here<\/a>. An Internet search showed me that Pi-hole uses \u201cfqdn\/admin\/api.php\u201d as the base for API calls and brought me to this page<\/a> which gave enough examples of the Pi-hole API to get started (as a side note, the API structure is not as far along as I would have guessed. We\u2019ll see an example of a shortcoming later in this article).<\/p>\n\n\n\n To explore the Pi-hole API, I started with the \u201ctype\u201d request as it does not require authentication. Since my pi-hole server is at 192.168.55.3 and I do not have a TLS certificate enabled, I entered I recorded that token, which I\u2019ll call myAPIToken through the rest of the article, and after a bit of experimenting found that a URL of If you are newer to exploring API\u2019s, like I am, it will be useful to break down the various parts of the URL that we are going to need to understand when creating and testing\/troubleshooting our Management Pack Design.<\/p>\n\n\n\n With sufficient information about the Pi-hole API, I turned to the MPB communities page noted earlier for the download and documentation links to install the appliance into my lab. Following the steps in the documentation, I deployed the MPB in my lab, accessed it via a browser, and set the admin password with no issues to call out.<\/p>\n\n\n\n The documentation does a good job of explaining the main constructs of the Management Pack that we are going to build, defining the terms Design, Object, Requests, and Relationships. For my example of building a Pi-hole MP, I identified that the Pi-hole server was going to be my Object as I have two of those to work with, and that the summary API request was going to provide enough properties and metrics to have meaningful data for this experiment. This proved mostly true except for the hostname of my Pi-hole server, which will be detailed later.<\/p>\n\n\n\n Using the Creating a Design<\/em> section of the documentation as a guide, I began a new design. The thing that would have been easier had I understood from the start about the Source<\/em> section of the design is that portions of it are for testing only, but some of it will become content in the actual MP that you build. I will note those sections below:<\/p>\n\n\n\n The URL Preview should look like: With a Source <\/em>section successfully tested against our reference environment, we move to the Requests <\/em>section of the design. As the documentation describes, this is where we define the API requests that we need to collect the data that our MP uses. We are going to create two requests, one named \u201csummary\u201d and one named \u201chostname\u201d. Let\u2019s work through these one at a time.<\/p>\n\n\n\n We determined early on that the summary API request was going to return most of the data that we would use in our MP. And we used it in our Source <\/em>section to test our reference environment. If you looked at the results of the summary request carefully, you would note that the results do not include the actual hostname of your Pi-hole server. And in fact, there is not an API request that will return the name of your Pi-hole server. If we only have one Pi-hole server this wouldn\u2019t be a horrible problem in vROps, but if we have multiple servers that we want to monitor, there\u2019s not a reliable value to identify which server is which. So, Brian came up with the following clever solution that requires a script to be created on each Pi-hole server but then allows the hostname of the server to be collected:<\/p>\n\n\n\n If you\u2019re not comfortable with linux commands, you could copy or type the following to create the get-hostname.php file:<\/p>\n\n\n\n With this file created, we can go back to the MPB UI and define the first request that will return data for our MP by clicking the Add Request button then:<\/p>\n\n\n\n Now that we have defined the Requests, we move to the Objects<\/em> section of our design where we can select the data from the API requests that we\u2019d like to include in our MP. Click the Add New Object<\/em> button and populate it as follows:<\/p>\n\n\n\n The results will look as follows:<\/p>\n\n\n\n There are no Relationships <\/em>to define, and we are not going to create any Events <\/em>for this example so we can select the Configuration <\/em>section where we can review and modify MP version as well as labels and default values for various fields. With this information complete, click the Save <\/em>button near the top of the Design then click the Build <\/em>button. Review the Identifiers and Properties and since we didn\u2019t define Relationships or Events, click Next. Click the Perform Collection button to collect sample data and review the Collection Summary to ensure the results were as expected then click Next. Lastly, click the Build button to create the MP. Look for the Build succeeded message then click the Go to build link. Click the name\/version of the MP which is a link that will start the download of the .pak file. Save this file and you are now ready to import it into vROps.<\/p>\n\n\n\n Installing the resulting .pak file is done like any other MP, from Data Sources \/ Integrations \/ Repositories with the exception that you will have to check the box to \u201cIgnore the PAK file signature checking\u201d as this MP is not signed. Once the MP is installed, you add an Account for each of your Pi-hole, which will include adding Credentials to vROps that is the API token for your server. Before long, you too can track your Pi-hole performance in vROps. I’d love for you to leave a comment below with what other apps you build a management pack for. Learn how to build a vROps Management Pack to collect data about your Pi-hole servers Continue reading http:\/\/192.168.55.3\/admin\/api.php?type<\/code> into my browser and got a returned value of {“type”:”FTL”}. This was a good start. I then attempted both the summary and summaryRaw requests, which the document says does not require authorization but found that to not be the case. I set out to determine how to authenticate to the API and found in the Pi-hole admin interface \/ Settings \/ API\/Web Interface section there is an option to \u201cShow API token\u201d, as shown here<\/p>\n\n\n\n![\"\"](\"https:\/\/enterpriseadmins.org\/blog\/wp-content\/uploads\/2023\/02\/image-1024x752.png\")
<\/a>http:\/\/192.168.55.3\/admin\/api.php?summary&auth=myAPIToken<\/code> would return the correct dataset. An example of the data from a call to the summary API in my lab is:
{“domains_being_blocked”:173812,”dns_queries_today”:93557,”ads_blocked_today”:20121,”ads_percentage_today”:21.506676,”unique_domains”:14998,”queries_forwarded”:52135,”queries_cached”:20425,”clients_ever_seen”:42,”unique_clients”:26,”dns_queries_all_types”:93557,”reply_UNKNOWN”:1018,”reply_NODATA”:19198,”reply_NXDOMAIN”:7366,”reply_CNAME”:29501,”reply_IP”:35897,”reply_DOMAIN”:149,”reply_RRNAME”:1,”reply_SERVFAIL”:10,”reply_REFUSED”:0,”reply_NOTIMP”:0,”reply_OTHER”:0,”reply_DNSSEC”:0,”reply_NONE”:0,”reply_BLOB”:417,”dns_queries_all_replies”:93557,”privacy_level”:0,”status”:”enabled”,”gravity_last_updated”:{“file_exists”:true,”absolute”:1674986048,”relative”:{“days”:1,”hours”:9,”minutes”:37}}}<\/p>\n\n\n\n\n
\n
\n
\n
\n
\n
This section took me a minute to understand that you are creating a variable, that in my case is called ${authentication.credentials.api_token}<\/code> that you then use later in place of the auth token. This value will become part of the MP<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n\n\n\n\n
\n
\n
\n
\n
http:\/\/192.168.55.3:80\/admin\/api.php?auth=%24%7Bauthentication.credentials.api_token%7D&summary=true<\/em>
This should look very much like the test we performed earlier, except for our token being replaced by the variable %24%7Bauthentication.credentials.api_token%7D<\/em>
When you click the Test button you should see a green box that says, \u201cSuccessfully connected\u201d and a Check Response<\/em> link that when you click it displays the results of the summary request. If you don\u2019t get data successfully returned here, compare the URL Preview very carefully to the URL you tested earlier to identify the difference.<\/p>\n\n\n\n\n
<?php echo '{\"hostname\":\"' . gethostname() . '\"}'; ?><\/code><\/li>\n<\/ol>\n\n\n\n\n
\n
\n
\n
With an HTTP Method of Get, the Preview should look like http:\/\/192.168.55.3:80\/get-hostname.php<\/em> and when you click the Request button, should return your Pi-hole server name. We can now click Add Request to create our second request. <\/li>\n<\/ul>\n\n\n\n\n
\n
\n
\n
\n
\n
\n
With an HTTP Method of Get, the Preview <\/em>should match what we saw in the Source section and when you click the Request button, should return a dataset.<\/li>\n<\/ul>\n\n\n\n\n
\n
\n
\n
\n
\n
\n
![\"\"](\"https:\/\/enterpriseadmins.org\/blog\/wp-content\/uploads\/2023\/02\/image-2-1024x449.png\")
<\/a>
<\/p>\n\n\n\n![\"\"](\"https:\/\/enterpriseadmins.org\/blog\/wp-content\/uploads\/2023\/02\/image-1-1024x513.png\")
<\/a>
<\/p>\n","protected":false},"excerpt":{"rendered":"