WebARENA Indigo API
WebARENA Indigo is one of the cheapest VPS services in Japan. It can be controlled via Rest-API for some functions.
create API key and API secret key
Before you use the Rest-API, you have to access controle panel and create API key and API secret key.
- access Indigo ダッシュボード
- click API鍵の管理 on the left side menu then select API鍵
- click API鍵の作成 on the top of right side
- write down API鍵 and API秘密鍵
If you'd like to do so, set them as environment variable
$ cat << END > ~/.webarena_secret
> export IndigoApiKey=xxxx
> export IndigoApiPrivateKey=xxxx
> END
$ chmod 600 ~/.webarena_secret
$ cat << END >> ~/.bashrc
> if [ -f ~/.webarena_secret ]; then
> . ~/.webarena_secret
> fi
> END
create API token
After create API key and API secret key, you can create API token. You need this API token to call other Rest-APIs.
IndigoToken=$(curl -s -X POST \
https://api.customer.jp/oauth/v1/accesstokens\
-H 'Content-Type: application/json' \
-d '{
"grantType": "client_credentials",
"clientId": "'${IndigoApiKey}'",
"clientSecret": "'${IndigoApiPrivateKey}'",
"code": ""
}' | jq -r .accessToken)
The output of this API includes "expiresIn": "3599". I have not confirmed but it would expire in about 3600 seconds.
register ssh key
ssh key will be installed in ~/.ssh/authorized_keys of login user when the instance will be created. You can register your own ssh public key instead of create it.
curl -s -X POST \
https://api.customer.jp/webarenaIndigo/v1/vm/sshkey \
-H "Authorization: Bearer ${IndigoToken}" \
-d '{
"sshName": "testkey",
"sshKey": "ssh-rsa xxxx"
}'
When I tested to upload "ed25519" public key but I got error message like below. It seems they don't allow ed25519 keys.
{"success":false,"errorMessage":"Invalid SSH key.","errorCode":"I10034"}
retrieve information to create instance
list ssh keys
curl -s -X GET \
https://api.customer.jp/webarenaIndigo/v1/vm/sshkey \
-H "Authorization: Bearer ${IndigoToken}" | jq .
list regions
instanceTypeId=$(curl -s -X GET \
https://api.customer.jp/webarenaIndigo/v1/vm/instancetypes \
-H "Authorization: Bearer ${IndigoToken}" | jq '.instanceTypes[] | select(.name == "instance") | .id')
curl -s -X GET \
https://api.customer.jp/webarenaIndigo/v1/vm/getregion?instanceTypeId=${instanceTypeId} \
-H "Authorization: Bearer ${IndigoToken}" | jq .
list os
curl -s -X GET \
https://api.customer.jp/webarenaIndigo/v1/vm/oslist?instanceTypeId=${instanceTypeId} \
-H "Authorization: Bearer ${IndigoToken}" | jq .
list instance plans
curl -s -X GET \
'https://api.customer.jp/webarenaIndigo/v1/vm/getinstancespec?instanceTypeId='${instanceTypeId}'&osId=xx' \
-H "Authorization: Bearer ${IndigoToken}" | jq .
create instance
curl -s -X POST \
https://api.customer.jp/webarenaIndigo/v1/vm/createinstance \
-H "Authorization: Bearer ${IndigoToken}" \
-d '{
"sshKeyId": xxxx,
"regionId": x,
"osId": xx,
"instancePlan": x,
"instanceName": "xxxx"
}'
list instances
curl -s -X GET \
https://api.customer.jp/webarenaIndigo/v1/vm/getinstancelist \
-H "Authorization: Bearer ${IndigoToken}"
When you create an instance, "instancestatus" will be "OS installation In Progress". After a while it will become "Stopped". It is a time to start your instance.
curl -s -X POST \
https://api.customer.jp/webarenaIndigo/v1/vm/instance/statusupdate \
-H "Authorization: Bearer ${IndigoToken}" \
-d '{"instanceId":"xxxx","status":"start"}'
After you start your instance, "instancestatus" will become "Running"
firewall
The rule is a allow list. When you create a firewall rule and apply it to your instance, others will be denied.
create firewall rule
curl -s -X POST \
https://api.customer.jp/webarenaIndigo/v1/nw/createfirewall \
-H "Authorization: Bearer ${IndigoToken}" \
-d '{
"name":"xxxx",
"inbound":[
{"type":"Custom","protocol":"TCP","port":"22","source":"x.x.x.x"}
],
"instances":["xxxx"]
}'
Above rule only allow ssh connection from x.x.x.x. All other inbound connection will be denied. Since there are no outbound rules, all outbound connection will be allowed
list firewall
curl -s -X GET \
https://api.customer.jp/webarenaIndigo/v1/nw/getfirewalllist \
-H "Authorization: Bearer ${IndigoToken}"
describe a firewall rule
curl -s -X GET \
https://api.customer.jp/webarenaIndigo/v1/nw/gettemplate/xxxx \
-H "Authorization: Bearer ${IndigoToken}"
update firewall
curl -s -X PUT \
https://api.customer.jp/webarenaIndigo/v1/nw/updatefirewall \
-H "Authorization: Bearer ${IndigoToken}" \
-d '{
"templateid":"xxxx",
"name":"xxxx",
"inbound":[
{"type":"Custom","protocol":"UDP","port":"123","source":"0.0.0.0"},
{"type":"Custom","protocol":"TCP","port":"22","source":"x.x.x.x"}
],
"instances":["xxxx"]
}'
snapshot
- stop instance
- create/restore snapshot
- start instance
When start instance after restore from snapshot, the boot process may stack at GRUB. You can confirm the situation at QEMU console.
How to access the console:
- access Indigo ダッシュボード
- click instance management on the left side menu then select instance.
- click select on the right side of the target instance and select access.
- click "start console"
- If it has stacked at GRUB, click force stop of the left side. After stop, start it again.