Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
5027
Views
0
Helpful
6
Comments

REST API Troubleshooting

mtimm
Cisco Employee
Cisco Employee

‎08-21-2014 07:05 AM - edited ‎03-01-2019 06:01 AM

REST API Troubleshooting

Introduction

 

Every interface to the APIC goes through the REST API - CLI, GUI, Python SDK, etc.  When something does not appear to be working properly with the REST API, it can have significant impact on the system as a whole because it is the ONLY interface we have to the APIC.  Knowing how to debug and troubleshoot the REST API can be extremely useful.

 

This document will detail some little known REST API query strings as well as indicate which logs on the APIC can be monitored to see what is going on with the REST API.

 

REST API Troubleshooting

 

All REST API queries go through the web server on node.  Logs for web server are saved on the specific APIC or nodes that the REST APIC queries are being run against at:

 

On the APIC:
/var/log/dme/log/nginx.bin.log
On fabric nodes:
/var/log/dme/log/nginx.log

These logs role over, so if something occurred a while ago you may have to go back in time and look at files that are compressed.

 

Having the REST API return what was modified by the POST request

 

You can have POST requests return what was modified rather than an empty imdata post using a rsp-subtree option set to full (it will return the entire modified Mo), modified (it will return only what was modified), or no (the default behavior of returning nothing).  This can be useful in cases beyond debugging as well where you need the results of a dynamic configuration.  This does have limits though.  For example you can not get a full subtree for the polUni Mo for both GET or POST.

 

Here is an example -

 

POST:

 

https://10.10.10.1/api/mo/uni.xml?rsp-subtree=modified
<fvTenant name="Test3" />

Response:

 

<imdata>
    <fvTenant childAction="deleteNonPresent" 
        descr="" dn="uni/tn-Test3" 
        lcOwn="local" modTs="2014-07-16T18:27:11.408+00:00" 
        monPolDn="" 
        name="Test3" ownerKey="" ownerTag="" rn="" status="created" uid="15374">                 
        <fvRsTenantMonPol 
            childAction="deleteNonPresent" forceResolve="no" lcOwn="local" 
            modTs="2014-07-16T18:27:11.408+00:00" 
            monPolDn="" rType="mo" rn="rsTenantMonPol"
            state="unformed" stateQual="none" status="created" 
            tCl="monEPGPol" tContextDn="" tDn="" tRn="" 
            tType="name" tnMonEPGPolName="" uid="0" />
    </fvTenant>
</imdata>

Having the REST API return what is configured on a MO

 

You can have a GET request return just the configuration of a Managed Object (MO) by using the rsp-subtree=full&rsp-prop-include=config-only options.

 

For example:

 

GET:

 

https://10.10.10.1/api/node/mo/uni/tn-Test3.xml?rsp-subtree=full&rsp-prop-include=config-only

 

Response:

 

<imdata totalCount="1">
    <fvTenant descr="" dn="uni/tn-Test3" name="Test3" ownerKey="" ownerTag="">
        <fvRsTenantMonPol tnMonEPGPolName="" />
    </fvTenant>
</imdata>

 

Labels:
0 Helpful
Comments
odahlqvist
Level 4
Level 4
‎03-12-2015 04:45 PM

Hi Expert 

Great Post , this helped me to get a REST GET in Postman to work , where can i get more info about this details to learn how to ask the APIC after information about exampels Teanant and interface info like VPC or mac addres tables it seems quiet hard tto get this info out of the APIC if you don´t have read the whole SDK

Sebastian Pesic
Level 1
Level 1
‎03-13-2015 06:22 AM

Hi,

Maybe this will help:

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/api/rest/b_APIC_RESTful_API_User_Guide.pdf - at least from page 49 and forward.

 

You can also use the API Inspector from the GUI to get more familiarized with the structure if you haven't already, the first part describes how to use it effectively.

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/api/rest/b_APIC_RESTful_API_User_Guide/b_IFC_RESTful_API_User_Guide_chapter_0100.html

 

sarabsin
Level 1
Level 1
‎11-08-2018 10:16 AM

Hello,

How can i see contents log file ? 

 

/var/log/dme/log/nginx.bin.log

 

MykolasB74835
Level 1
Level 1
‎06-15-2020 06:21 AM

Hi, how to solve nginx which seems to be down?

 

ACIxxx# netstat -ant | grep 443

ACIxxx# icurl -k -v https://localhost
* About to connect() to localhost port 443 (#0)
* Trying 127.0.0.1...
* Connection refused
* couldn't connect to host at localhost:443
* Closing connection #0
curl: (7) couldn't connect to host at localhost:443

 

MykolasB74835
Level 1
Level 1
‎06-17-2020 01:34 AM

I had to open TAC, seems a special temporary password is required to access root shell and restart nginx

pn2020
Level 1
Level 1
‎09-12-2020 08:40 AM

Can I also see REST API request logs on ACI APIC GUI?

 

 

----------------

 

All REST API queries go through the web server on node.  Logs for web server are saved on the specific APIC or nodes that the REST APIC queries are being run against at:

 

On the APIC:
/var/log/dme/log/nginx.bin.log
On fabric nodes:
/var/log/dme/log/nginx.log

These logs role over, so if something occurred a while ago you may have to go back in time and look at files that are compressed.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card