EMAIL SUPPORT

dclessons@dclessons.com
LOCATION
 
AF
(/) (mailto:dclessons@dclessons.com)

ACI AUTOMATION & SCRIPTING

ACI Automation & Scripting TABLE OF

Posted on May 10, 2021  (0) CONTENTS

ACI Automation & Scripting  Introduction to

ACI & Its Fabric
While using Scripting and Orchestration there are common benefits
observed which include following:  ACI Fabric
Traffic
Fast, rapid and Consistent changes across ACI fabric Forwarding

• Provides simple method for Automation  Designing the

• It reduces chances of Human Error Tenant Network
• It helps in making network & policy changes on Fly
 Designing
• It reduces the time over quick recovery after disaster
external L2
• Cost reduction for Network Changes by using Automation &
Network
Orchestration.
 Designing
In ACI Automation & Orchestration, REST API plays a major role, we can
External Layer 3
learn here what is the REST API and how it works via Postman APP.
Connectivity

REST API  ACI PREMIUM

LABS
REST is Representational State Transfer protocol, based on client/ Server
communication method, which uses TCP based HTTP/HTTPS protocol. In  ACI Scripting
the Client request to a server and in response Server transfer the actual  ACI Advance
status of Server resource or information which client has requested. Concepts
REST API accepts and return HTTP or HTTPS message via JSON or XML  ACI Network
document. Mgmt &
Monitoring
RSET API uses request which contains following fields: 
 ACI Multi-Site
• HTTP(S): Defines the operation to be performed
Concepts
• Header: It contains Client request and it allow this request to pass
along it.  Remote Leaf in
• Path: It identifies the location of a resource. ACI
• Message Body: It contains DATA

Below are three HTTP(S) method which is used by client to send request:
RECENT POSTS
• GET: It retrieves a set of information or resource which has been
asked by client.  Cisco SASE
• POST: It send some parameters, that is used to configure ACI fabric, it Architecture
either create or updates any resource. (https://www.dclessons.com
• DELETE: It removes certain parameters or delete any particular /viptela/cisco-sase-
resource. architecture)

In POST & DELETE methods, even though they are called multiple times,  SASE vs SD-WAN
there will be no effect and hence are termed as idempotent. In GET method, (https://www.dclessons.com
even though it is executed multiple times, there will be no change in MIT /internet-of-things-
object model and hence it is termed as nullipotent. iot/sase-vs-sd-wan)

While using REST API, the Correct URI must be provided, in order to get valid  What is SASE
and correct response. (https://www.dclessons.com
/internet-of-things-
As Example, if we want to get information about tenant DCLESSONS, we
iot/what-is-sase)
need to use following URI:
 Accessing Amazon S3
https://{{apic-host-or-ip}}/api/mo/uni/tn-DCLESSONS.json using AWS private Link
if we want to pull some information, from a node managed object, we need in Secure hybrid
to use below URI, where the resource path contains the DN of managed method.
Object. (https://www.dclessons.com
/aws/accessing-
https://{{apic-host-or-ip}}/api/mo/topology/pod-1/node-101/sys
amazon-s3-using-
/ch/ftslot-1.json
aws-private-link-in-
secure-hybrid-
ACI basic Automation tools method)
ACI provides some tools, through which we can do basic Automation, these  Cisco Smart Licensing
tools are some where described below and as shown in figure. Policy
• API Inspector (https://www.dclessons.com
• Object Save As /nexus/cisco-smart-
• Visore licensing-policy)
• MOQuery  Cisco Certification – A
 Closer Deep-Dive Look
(https://www.dclessons.com
/lisp/cisco-
certification-a-closer-
deep-dive-look)

 Cisco DNA-Spaces :
Monitoring IOT
Network
(https://www.dclessons.com
/internet-of-things-
iot/cisco-dna-spaces-
monitoring-iot-
network)

 Compute in AWS Cloud

(https://www.dclessons.com
API Inspector: whatever you configure in ACI via APIC, API Inspector, /aws/compute-in-
captures every packet. When any task is performed in APIC, GUI sends aws-cloud)
internal API message to operating system to execute the task.
 Understanding Key
You can copy those syntaxes and can also use it for further automation or to Datacenter
perform repetitive task. API inspector captures the API message only in Technologies and
JSON format. Solutions
(https://www.dclessons.com
In order to open the API inspector, open APIC GUI, go to right side corner of
/sdn/understanding-
window, right click on circular help & Tool button and click on API inspector
key-datacenter-
Tab. Now try to create any configuration via APIC, as example create any
technologies-and-
Tenant, and in the API you will see that timestamp for this task has been
solutions)
executed by APIC using HTTPS method and same has been recorded in API
inspector. Below figure shows you only example for it.  SDN Protocols
(https://www.dclessons.com
/sdn/sdn-protocols)

MEMBERSHIP

PLAN

$100/Monthly

You need to understand the JSON script, before you start your scripting.
Below is the body of JSON format.

$200/6 Months

The JSON format in ACI starts with a curly bracket ({), followed by “Parent-

Object-Class” with double quotes and a colon (:). Then, “attributes” of
“Parent-Object-Class” starts with double quotes and a colon followed by
$350/Year
each of the object property key/value pairs, in the
form {“property1”:”value”, “property2”:”value”}.

The properties of the child object class start with the key word “children” in
double quotes and a colon followed by a square bracket ([).

Then the properties of each “Child-Object-Class” start with a curly bracket

in double quotes and a colon. The “attributes” of “Child-Object-Class” start
with double quotes and a colon followed by each of the object property
key/value pairs in the form {“property1”:”value”, “property2”:”value”},”
children”: []}}.

The last child object class does not have a comma at the end but rather a
closing square bracket and curly brackets for the top-level parent object
class(es).

Object Save as
With this method, you can download the configuration payload via XML also
other than Json format.

Below figure shows how a particular configuration payload can be saved in

xml format.
To do that, you need to right click any object whose payload you want to
download, and then select the save as after choosing appropriate fields. In
this method, you have option to choose XML or JSO format.

Now, once you save the configuration, it will not give you URL. So you need
to build the URL for any certain managed object.

https://<apic_IP>/api/node/mo/

Visore (Object Store Browser)

Visore is a tool, which is used to provide view of entire MIT. This tool can be
used to query a MO or class of object. A Visore can be accessed using OOB
IP address of APIC:

https://<APIC IP address >/visore.html.

it can also be opened by using APIC GUI, by clicking circular icon in top-right
corner of the window and selecting Object Store Browser.

Once done, you will be asked to provide APIC credentials to login in to it. In
below figure you can see Visore (Object store Browser) where you can query
any class of object or DN of managed Object in entire MIT.
In above figure, we have queried bridge domain class fvBD. Visore will pull
out all 47 managed object and their properties.

We can also query property of an object of a certain class. Let say, we want
to pull all the objects that contain certain EPG via query EPG object class
fvAEPg.

MOQuery
MOQuery is a CLI based tool which is used to browse objects in MIT. It is not
only used for automation scripts but also used for troubleshooting events.

In order to find the MOQuery command line Help we should use following
commands.
Command to find a Class (-C)
MOQuery to find the a DN (-d)
MOQuery to find an EPG Class and Filtering on name DCLESSONS-WEB-Epg

MOQuery to find a BD Class and use filter on name containing Dclessons-

WEB-DB and ARP folloing disable
Postman Scripting for ACI
POSTMAN is an HTTP web user interface client that allow you to make
HTTP calls. Postman is a google chrome application which provides an easy
way interface for interacting with REST API. Postman can be added in
google chrome extension like this.

(https://www.dclessons.com/register)
Comment
You are will be the first.

LEAVE A COMMENT
Please login here (https://www.dclessons.com/login) to comment.

ABOUT TRENDING MORE LINKS CONTACT US

DCLESSONS COURSES
• Home (/)  AF
DClessons is premier • NEXUS (/category • Courses (/courses)  dclessons@dclessons.com
online portal which /courses/nexus) • Register (mailto:dclessons@dclessons.c
provides Cloud & • VXLAN (/category (https://www.dclessons.com
Networking Engineers to /courses/vxlan) /register) (https://www.facebook.co
learn topics related like • ACI (/category • Terms & Conditions /dclessonss)
Datacenter, Cloud, SDN, /courses/aci) (/terms-condition)
(https://twitter.com
Loadbalancer-F5, • SD-WAN (/category
VMware, Scripting, /courses/viptela) /dclessons21/)
SDWAN, Security, SD- • AWS (/category (https://www.linkedin.com
Access, Docker, Internet /courses/aws)
/company/dc-lessons/
of Things, Intent Based
Networking.  (https://www.youtube.com
/channel
/UCnmiViVILvS22GcyRWkxnww

© Copyright - 2017 DCLessons.Com