Solved: Re: ACI Contract Check (Host / Port)

PJ_Williams · ‎02-03-2022

Hi

I have been programmming my own Python script to list EPG's, The Associated Subjects and Filters. If push this a bit more I could maybe write a connectivity check between two EPG's.

Before I go down this road which will be painful (I am a Python noob) I want to check it does not exist. Here the goal.

Given two endpoints (IP or EPG) and a port, check if the required ACI contracts are present. Maybe only within the same VRF for now.

I know the APIC Gui has something, but it's slow, heavy and the output is confusing. I want something I can run as an app and provide a service. We are always having to check ACI contracts which means finding the EPG, looking at the contracts that "may" provide access based on the name, check they are setup as a cons/prov on the correct EPG'g and then checking filters.

Sergiu.Daniluk · ‎02-05-2022

Simply type 'contract_parser.py' from ibash (the regular shell on the Leaf)

View solution in original post

Sergiu.Daniluk · ‎02-03-2022

I am not aware of a EP-to-EP checker, but here you have half of the intelligence, where you can check between two EPGs:

https://github.com/agccie/aci-contract-parser

In other words, you just need to build the EP-to-EPG verification, and then use the contract parser to check for existing contracts between epgs.

Hope it helps,

Sergiu

PJ_Williams · ‎02-04-2022

Thanks Sergiu, this looking amazing. On a different planet to anything I could create.

We are running ACI 4.2 and the python script is not in bootflash, has it been removed or moved somewhere else?

Sergiu.Daniluk · ‎02-05-2022

Simply type 'contract_parser.py' from ibash (the regular shell on the Leaf)

PJ_Williams · ‎02-07-2022

This is brilliant, I am sure many many companies would benefit form this but are not aware.

Many thanks.