Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
843
Views
5
Helpful
5
Replies

ACI accesses parser

ksarek
Level 1
Level 1

‎12-14-2021 02:37 AM

Hello colleagues!

 

Im trying to parse all accesses between endpoints in ACI via API (including vzAny accesses). 

 

Now, I have got enormous script with a lot of consecutive steps of filling dictionaries:

1. dictionary with contracts used in vzAny objects;

2. dictionary with matching EPGs and Tenants;

3. dictionary with matching contracts and filters;

4. dictionary with matching filters and entries (ports);

5. dictionary with matching EP IPs and EPGs;

6. dictionary with list of providers/consumers for each contract;

 

Next I am using it in huge cycle and collecting all accesses. It's looking ugly and heavy.

Could you share your experience with such task?

Labels:
0 Helpful
5 Replies 5

Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎12-14-2021 05:31 AM - edited ‎12-14-2021 05:31 AM

Hi @ksarek 

By "accesses" you mean which EPG can talk with which EPG (or which EP can talk with which EP)?

If this is what you are trying to obtain, then I think it would be sufficient to have two dictionaries:

1. {"EPG": {"consumed contracts": [], "provided_contracts": []}}

2. {"EP": "EPG it belongs to"}

If you are asked if two EPs can talk, you simply search if there are any common items between ( EPG1_consumed_contracts, EPG2_provided_contracts) and  ( EPG2_consumed_contracts, EPG1_provided_contracts).

vzAny will be a special condition, but is similar with the logic above.

OFC you will have to keep in mind that there are other special conditions which you need to check - part of same EPG, EPG configured or not with intra-epg isolation, uEPG, ESGs.

 

Stay safe,

Sergiu

0 Helpful

ksarek
Level 1
Level 1
In response to Sergiu.Daniluk

‎12-14-2021 05:52 AM

Hello, thank you for reply!

 

>>>By "accesses" you mean which EPG can talk with which EPG (or which EP can talk with which EP)?

I mean EP-to-EP accesses

 

>>>If this is what you are trying to obtain, then I think it would be sufficient to have two dictionaries:

1. {"EPG": {"consumed contracts": [], "provided_contracts": []}}

2. {"EP": "EPG it belongs to"}

Yes, I have used close structure, but I need additional dictionaries for vzAny cases, filters and entries matching.

 

>>>OFC you will have to keep in mind that there are other special conditions which you need to check - part of same EPG, EPG configured or not with intra-epg isolation, uEPG, ESGs.

OFC, there are many special conditions here...

 

What about my structure in general? Is it optimal approach or I can find something more graceful?

0 Helpful

Sergiu.Daniluk
VIP Alumni
VIP Alumni
In response to ksarek

‎12-14-2021 06:15 AM

Depending on the code it can be more or less optimal. But keeping in mind of so many different exceptions, I do not see a straight forward way to do it, other then checking each first for intersection of contracts, then look for exceptions.

 

Cheers,

Sergiu

0 Helpful

ksarek
Level 1
Level 1
In response to Sergiu.Daniluk

‎12-14-2021 06:45 AM

I just thought about "secret" url in object browser for optimal API request;)

So, I will optimise my code then. Thank you!

0 Helpful

Sergiu.Daniluk
VIP Alumni
VIP Alumni
In response to ksarek

‎12-14-2021 08:13 AM

Nah, that would be too easy, right? ^_^

 

Cheers,

Sergiu

Customers Also Viewed These Support Documents