cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
543
Views
0
Helpful
3
Replies

FMC API health policy, platform settings and group optimization

NiclasAndersen
Level 1
Level 1

Hi 

I am deploying over 900 FTD 1120 to Cisco CDO and cdFMC, doing the configuration of the device inside the cdFMC i am applying a health policy, platform settings and add the device to a device group. 

To my understanding of the API, you need to specify the total list of all devices that should have that policy at every api call. So when i need to add one device to the policy, i need to first get all devices inside a list and then send the total list to the FMC API, which can be a long and time consuming task as i come closer to the total amount of devices.

In the beginning my config part of my python script took about 100 second, but now when i have around 200 FTD inside CDO the same config time is about 180 seconds

Can anyone guide me to optimize that part?

3 Replies 3

AHack210
Cisco Employee
Cisco Employee

Hi Niclas, So is the retrieval of the device list where you see the slowness? Can you pinpoint times per-api call to see which call is the culprit?

Side note: If you are in CDO, you could get the device list from a CDO inventory endpoint, rather than from the FMC endpoint, which is quite fast, but I'm unsure on what attributes beyond name that the subsequent API call is requiring. Let me know and I can point you to that API.

It is both when i retrive the devices, and when i need to generate the total list that need to be sent to the api endpoint. I don't think the CDO api endpoint will give me the correct data, since i need the cdFMC device id in the list of devices in the api endpoint for healt policy, platform settings and device group.

 

And as a side note, every time i configure 1 device with the health policy, all the other FTDs then need a new deployment for the updated list of devices in those policies

Hi Niclas, 

Thanks for the details. So the cdFMC ID will be static for the lifetime of the cdFMC, and that ID can be extracted from the CDO inventory I believe. 

Review Cisco Networking for a $25 gift card