12-04-2019 11:20 PM
Hi,
Has anybody tried comparing the configuration between two different APIC controllers.
Example. I just need to compare the policy config (say AEP policy) between two controllers & say if that is following the standards ?
Is there a suggestion/ideas on how this can be performed ?
Thanks
Zulfi
12-05-2019 03:13 AM
12-05-2019 05:20 AM
Hi Zulfi. Please allow me to share a little trick that is going to make this easy for you. I am not sure it is widely known, but APIC actually has a nice graphical diff function you can use for this.
A little bit of easy setup first. You will need to configure a common Remote Location for the APICs in both fabrics. You do that in the UI under "Admin > Import/Export > Remote Locations" Choose FTP, SCP, of SFTP (and of course you need a server running these protocols to receive the file).
Next, you will need to take a snapshot of whatever you have configured on APIC in fabric 1. You can do this in the UI, under "Admin > Config Rollbacks". Make sure the pulldown says "Fabric" and not "Tenant". Just save this snapshot locally on the APIC. On the OTHER APIC in the 2nd fabric, take a snapshot but instead save it to your Remote Location.
Next, back on the APIC in the first fabric, select to import a configuration from the remote location and paste in the file name of the configuration you saved from the 2nd Fabric (looks something like: ce2_defaultOneTime-2019-12-05T13-44-44_1.tar.gz).
Upon successful import in APIC from Fabric 1, you will now see your local snapshot and the snapshot imported from the other fabric.
Now, all you have to do is select the entry for the imported config, and then in the pane to the right, select your earlier local snapshot and compare.
The output is very nicely done because you will only see what differs. Green means something was added to the later config and red means something was deleted.
Hope this helps!
12-05-2019 08:37 AM
12-05-2019 05:33 AM
Hi @zulfikhar_a ,
You can go to your AEP object in each of your controllers and download it. Example below. I like to download to JSON. You can then compare the two objects. You can download either the All Properties or Configuration only (options when you select Save As..). Sample of Only Configuration output is below.
Once you have the output from both controllers you can do a text "diff" with your favorite comparison program.
If you do this all the time you can grab the config via REST and compare.
! Only Configuration | Subtree | JSON { "totalCount": "1", "imdata": [ { "infraAttEntityP": { "attributes": { "annotation": "", "descr": "", "dn": "uni/infra/attentp-SnV_corporate_external", "name": "SnV_corporate_external", "nameAlias": "", "ownerKey": "", "ownerTag": "" }, "children": [ { "infraRsDomP": { "attributes": { "annotation": "", "tDn": "uni/phys-SnV_phys" } } }, { "infraRsDomP": { "attributes": { "annotation": "", "tDn": "uni/l3dom-SnV_external_corporate" } } } ] } } ] }
12-05-2019 08:21 AM
12-05-2019 12:59 PM
Hi @zulfikhar_a,
I completely misunderstood. You are looking for something like a Cisco Validated Design for ACI to compare your builds against, if I understand correctly now.
I've not seen anything like that.
The Cisco Application Centric Infrastructure Design Guide White Paper is good and has a Best Practices summary section at the end which you have probably already seen.
Apart from that you can check out the Data Center Design guides to see if one is aligned with your design but a "validated design" that can be consumed by automation...I've yet to see such a thing but I'm hopeful. I wrote this earlier this year lamenting the lack of structure in our design data!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide