Hi @raza555 ,
Where I was planning to lead was a similar path to @ecsnnsls - except using icurl instead of moquery (I keep finding bugs in moquery) and using json output
So - here is @ecsnnsls 's answer re-worked: Note the bash prompt - you'll have trouble typing the ? character if you don't exit to bash.
apic1# bash
chris@apic1:~> icurl -s -k "https://localhost/api/class/fvAEPg.json?rsp-subtree=full&rsp-prop-include=config-only"
or if you want it pretty:
chris@apic1:~> icurl -s -k "https://localhost/api/class/fvAEPg.json?rsp-subtree=full&rsp-prop-include=config-only" | jq '.'
But to extract just the bits you want form above, you'll need to use the jq (JSON Query) utility
So try this (then guess how I spent my rainy Sunday!)
chris@apic1:~> icurl -s -k "https://localhost/api/class/fvAEPg.json?rsp-subtree=full&rsp-prop-include=config-only" \
| jq --raw-output \
'.imdata[].fvAEPg | .attributes.name, .children[].fvRsBd.attributes.tnFvBDName, .children[].fvRsDomAtt.attributes.tDn, .children[].fvRsPathAtt.attributes.tDn, .children[].fvRsPathAtt.attributes.encap, .children[].fvRsPathAtt.attributes.mode | select( . != null )'
Now the output is not perfect by any stretch of the imagination. Here are the flaws I've noticed:
- My output is NOT in Excel or even a suitable .csv format as you asked for
- If the same EPG exists in multiple tenants, there is no indication of which tenant the EPG belongs to. This could be fixed (if not elegantly) by changing .attributes.name to.attributes.dn in the line above
- The path for a VPC doesn't reveal the port numbers, but does reveal the VPC Interface Policy Group (you asked for both)
- The path for a single port reveals the port number, but I didn't extract the Access Port Policy Group - and that would take another iteration somewhere. That's in the "too hard" basket for now.
- Although I have a VMM Domain configured, I didn't have any active VMs, so I didn't get to chase that bit either before Sunday ran out. Possibly also in the "too hard" basket.
- If an EPG has multiple static paths, the paths, encapsulation and mode don't get grouped. In my example output below, the WebServers_EPG has two paths, the first mapped to vlan-2084 tagged (regular) on a VPC, the second mapped to a FEX port on vlan-2082 untagged.
WebServers_EPG Web_BD uni/vmmp-VMware/dom-T08:vC_VMM.Dom uni/phys-T09:MappedVLANs_PhysDom topology/pod-1/protpaths-2201-2202/pathep-[T08:L2201..2202:1:38_VPCIPG] topology/pod-1/paths-2202/extpaths-192/pathep-[eth1/18] vlan-2084 vlan-2082 regular untagged
I would have been happier if I'd been able to get the query to produce the above as
WebServers_EPG
Web_BD
uni/vmmp-VMware/dom-T08:vC_VMM.Dom
uni/phys-T08:MappedVLANs_PhysDom
topology/pod-1/protpaths-2201-2202/pathep-[T09:L2201..2202:1:38_VPCIPG]
vlan-2084
regular
topology/pod-1/paths-2202/extpaths-192/pathep-[eth1/18]
vlan-2082
untagged
But I'll leave that as an exercise for the reader (BTW - if you manage it, DO let us know how you did it)
Bonus Addendum!
What you are seeking might already be available in graphical form rather than Excel format. Did you know about the Policy Viewer App for the Cisco APIC?
It will give you a graphical representation of all the things you asked for.
To install and use this App, download the app to your local PC, then log into the APIC with admin rights and navigate to the Apps > Installed Apps, then stare at the screen for five minutes (: until you spot the highly-obscure and un-obvious Add Application icon on the right-hand side that enables you to upload the app to the APIC.
You access the Policy Viewer via the Tenant - look for an extra sub-menu on the right hand side of several Tenant objects.
However, no matter how pretty this looks, it doesn't delver you an Excel spreadsheet.
To achieve that goal, I believe you are going to have to write a program of some sort.
And to do that, you'll need to understand the relationships between the objects, which aren't necessarily as simple as the above diagram might suggest. And a good learning tool to assist with this is another APIC App - the APIC Managed Object Browser and for this one you'll need to read the documentation carefully.
[Edit: Updated http:// to https://]
