At World Wide Technology we are working with APIC-EM and recently a conversation with a customer identified a potential use case. This customer is tasked with taking over network operations for a network described as a 'spaghetti' mess of cables. They were particularly interested in automation tools and I described some of the Python modules I've written to use Ansible for automation of the Cisco ACI controller, APIC.
A point I made to this customer, however, is you can't automate what you don't understand.
To that end, we have APIC-EM installed in our Advanced Technology Center (ATC) and this customer requirement would be an good exercise in demonstrating how to use APIC-EM as the 'single source of truth' of the network inventory. APIC-EM incorporates a network discovery function with the results available via the northbound REST-API. Ansible requires an inventory file of devices as a target of the playbook. By writing an Ansible module which queries the northbound REST API of the APIC-EM controller, we are able to provide a list of discovered devices to subsequent steps of the Ansible playbook.
This integration is shown in the diagram below. Ansible runs on a virtual machine, either with the command line interface or with the Ansible Tower GUI calling the playbook. The APIC-EM virtual machine has been configured for device discovery. The management IP addresses of the discovered devices are provided to the Ansible playbook as a list of gathered facts about the network.
For more details on the code to implement the integration of Ansible and Cisco APIC-EM, see the GitHub repository and visit World Wide Technology on the web at wwt.com.