Solved: Need assistance with API calls to fetch EPG adater details

Zorrom · ‎02-01-2019

Hi Team,

I am using the below API call for generating the API token.

curl -k -X POST -H "Content-Type:application/json" -d '{"aaaUser" : {"attributes" : {"name" : "apic:myorg_Domain\\mytestuser","pwd" : "pass123"}}}' https://127.0.0.1/api/aaaLogin.json

The above command providing me the URL token, so kindly let me know how can I use that token to authenticate Cisco ACI and fetch the EPG network adapter details.

Your response is much appreciated.

Thanks and Regards,
Azhar

micgarc2 · ‎02-02-2019

Can you clarify what you are referring to by EPG adapter details? For the token we can enable the test API in root (will need TAC to get root access)

root#enable_testapi.bin <number of seconds>

OR you can try this method:

1) Create a file named credentials.xml (or whatever name you want) with the following content

2) Post credentials file to create an authenticated cookie within the local working directory

curl --cookie-jar cookie.txt --cookie cookie.txt -skX POST https://127.0.0.1/api/aaaLogin.xml -d @./credentials.xml

Then run your POST and call that cookie (here is an example of me deleting a physical domain for an EPG)

curl --cookie cookie.txt -skX POST "https://127.0.0.1/api/mo/uni/tn-MG/ap-AP1/epg-el" -d '<fvRsDomAtt tDn="uni/phys-MG-phys"

Also, run these curls in the bash shell.

Also, recommend you play around with Postman it is free online and works well if you don't want to always have to run curls for stuff like this.

Hope this helps,

Thank you for participating in the Cisco Support Forum for ACI! If you have other questions related to this post, please let us know. If this response answers your questions, please mark this post "answered" and assign a rating to the response(s) provided. This will help notify other viewers that your question(s) is answered and this helps us provide better responses for this and future questions.

Regards,

Michael G.

View solution in original post

stcorry · ‎02-04-2019

Hello Zorrom, I don't believe you would need to use any advanced API methods as in the previous answer.

You can use a normal API call to find this information. Because the Port Group name in vCenter is written as 'Tenant-Name|AP-name|EPG-Name' you can do a search for the EPGs in ACI and derive the vCenter port group name from the DN field.

Using the cookie, make another request for class EPG to find all the EPGs in the system, then use regex to parse the EPG dn field.

You can use this API call to find all the EPGs:

/api/node/class/fvAEPg.xml?

Hopefully this helps get you closer to your goal! You can use the Object Store Browser (AKA 'visore': https://{{apic-ip}}/visore.html) to help find objects and classes, and it can provide you the API call it uses as seen in the attached screenshot.

View solution in original post

micgarc2 · ‎02-02-2019

Can you clarify what you are referring to by EPG adapter details? For the token we can enable the test API in root (will need TAC to get root access)

root#enable_testapi.bin <number of seconds>

OR you can try this method:

1) Create a file named credentials.xml (or whatever name you want) with the following content

2) Post credentials file to create an authenticated cookie within the local working directory

curl --cookie-jar cookie.txt --cookie cookie.txt -skX POST https://127.0.0.1/api/aaaLogin.xml -d @./credentials.xml

Then run your POST and call that cookie (here is an example of me deleting a physical domain for an EPG)

curl --cookie cookie.txt -skX POST "https://127.0.0.1/api/mo/uni/tn-MG/ap-AP1/epg-el" -d '<fvRsDomAtt tDn="uni/phys-MG-phys"

Also, run these curls in the bash shell.

Also, recommend you play around with Postman it is free online and works well if you don't want to always have to run curls for stuff like this.

Hope this helps,

Thank you for participating in the Cisco Support Forum for ACI! If you have other questions related to this post, please let us know. If this response answers your questions, please mark this post "answered" and assign a rating to the response(s) provided. This will help notify other viewers that your question(s) is answered and this helps us provide better responses for this and future questions.

Regards,

Michael G.

Zorrom · ‎02-04-2019

Hi Michael,

We have couple of EPG adapters created based on application like the following

cisco_app1
cisco_app2

cisco_app3

And we have the same network adapter names created for these applications in our vcenter. And we will be getting the app1,app2 and app3 as variables from SNOW and using that we need to make API calls to Cisco so that we can fetch the full EPG adapter name and use it for our VM build automation

Thanks and Regards,

Azhar

micgarc2 · ‎02-07-2019

So you are looking for a way to moquery the port-groups? The adaptors on the VMs will be attached to port-groups which map back to the EPG name.

EPG = PORT GROUP

Zorrom · ‎02-08-2019

Not exactly. Now I am able to fetch my network adapter name from the EPG using the API's which you provided. What I am looking for is the Gateway details (subnet) from the Bridge domain to whom these EPG's belong. To explain in more detail, I have attached 3 pictures named with Pic 1,2 and 3 respectively

Pic 1 - Shows my EPG panel , which shows the bridge domain section of my EPG

Pic 2 - Shows my bridge domain details

Pic 3 - Shows the L3 configurations tab of the Bridge domain, which contains the gateway (subnet) range that I would need to fetch via API

Thanks and Regards,

Azhar

Zorrom · ‎02-04-2019

Hi Michael,

We have couple of EPG adapters created based on application like the following

cisco_app1
cisco_app2

cisco_app3

And we have the same network adapter names created for these applications in our vcenter. And we will be getting the app1,app2 and app3 as variables from SNOW and using that we need to make API calls to Cisco so that we can fetch the full EPG adapter name and use it for our VM build automation

stcorry · ‎02-04-2019

Hello Zorrom, I don't believe you would need to use any advanced API methods as in the previous answer.

You can use a normal API call to find this information. Because the Port Group name in vCenter is written as 'Tenant-Name|AP-name|EPG-Name' you can do a search for the EPGs in ACI and derive the vCenter port group name from the DN field.

Using the cookie, make another request for class EPG to find all the EPGs in the system, then use regex to parse the EPG dn field.

You can use this API call to find all the EPGs:

/api/node/class/fvAEPg.xml?

Hopefully this helps get you closer to your goal! You can use the Object Store Browser (AKA 'visore': https://{{apic-ip}}/visore.html) to help find objects and classes, and it can provide you the API call it uses as seen in the attached screenshot.

Zorrom · ‎02-06-2019

Hi stcorry,
This worked absolutely fine and I am able to pull our the network adapter names based on EPG selection. However I had to grep my soul out to fetch the network adapters from "dn" but overall it worked absolutely fine.Thanks a lot to you and @micgarc2 for that.
I would need one more help.
Now I can fetch the network adapter name fine, I would like to know what API calls I should use to find to which bridge domain my network adapters belong and also fetch the subnet IP range for that adapter. I need these informations because using that subnet range, I have to query my Solarwinds to fetch an available IP and then proceed with our VM build activites.
Kindly let me know if you can answer my above query in this thread or I can create a new thread for this.

Thanks and Regards,
Azhar