Search objects within APIC

To be able to search within the controller we must understand how the objects are stored in the managed information tree (MIT). According to APIC documentation:

"The Management Information Tree (MIT) consists of hierarchically organized managed objects (MOs) that allow you to manage the APIC. Each node in this tree is an MO and each has a unique distinguished name (DN) that identifies the MO and its place in the tree. Each MO is modeled as a Linux directory that contains all properties in an MO file and all child MOs as subdirectories. The APIC system configuration and state are modeled as a collection of managed objects (MOs), which are abstract representations of a physical or logical entity that contain a set of configurations and properties. For example, servers, chassis, I/O cards, and processors are physical entities represented as MOs; resource pools, user roles, service profiles, and policies are logical entities represented as MOs. Configuration of the system involves creating MOs, associating them with other MOs, and modifying their properties. At runtime all MOs are organized in a tree structure called the Management Information Tree, providing structured and consistent access to all MOs in the system."

As we can see, APIC objects are structured in a tree fashion. The root of that management information tree is the Uni (stands for universe) object. All other objects are children of Uni.

In the previous lesson we learnt that objects can be queried using the class name property. Other way to retrieve objects is using the distinguished name property. For instance, the following code gets all objects that are one level bellow the Uni object, which distinguished name is uni:

    
from cobra.mit.request import DnQuery
from cobra.mit.access import MoDirectory
from cobra.mit.session import LoginSession

session = LoginSession(url, user, password)
moDir = MoDirectory(session)
moDir.login()

def query_children_objects(dn_query_name):
        dn_query = DnQuery(dn_query_name)
        dn_query.queryTarget = 'children'
        child_mos = moDir.query(dn_query)
        return child_mos

query_children_objects('uni')
    

We can get any object from APIC with the distinguished name. But, how can we find the distinguished name of an specific object? We can use the Visore tool, the object browser form APIC. It can be used in order to directly query the Managed Objects (MO) when you point your browser to the IP address of one of the APICs. https://[APIC IP ADDRESS]/visore.html

A drawback of this approach is that we must specify the class name or the distinguished name to retrieve objects. What can be done if we do not have that information? According to APIC documentation, each MO is modeled as a linux directory inside the APIC. We can use the find -iname linux command to find those objects. For example, the object that we want to look for is the switch profile that is showed in the following picture:

We know that the object name is "sp-testing" and that object must be stored as a directory. If we issue the command find -iname "*sp-testing*" inside the apic bash, it should return at least one directory:

    apic1# bash
    admin@apic1:~> cd /mit/uni
    admin@apic1:uni> find -iname "*sp-testing*"
    ./infra/nprof-sp-testing
    admin@apic1:uni> cd infra/nprof-sp-testing
    admin@apic1:nprof-sp-testing> cat summary
    # Switch Profile
    name         : sp-testing
    childAction  :
    descr        :
    dn           : uni/infra/nprof-sp-testing
    lcOwn        : local
    modTs        : 2016-02-15T08:58:51.120+00:00
    monPolDn     : uni/fabric/monfab-default
    ownerKey     :
    ownerTag     :
    rn           : nprof-sp-testing
    status       :
    uid          : 15374
    admin@apic1:nprof-sp-testing>

Inside each directory, a summary file will tell us the distinguished name (dn) of that object. We can now use that dn to retrieve the object with the DNQuery class.

Lets take this searching problem a bit further. What can we do if we want to automate this query directly from Python? We can define a method that use a recursive algorithm to search within the MIT tree:

    
from cobra.mit.request import DnQuery
from cobra.mit.access import MoDirectory
from cobra.mit.session import LoginSession

session = LoginSession(url, user, password)
moDir = MoDirectory(session)
moDir.login()

def query_children_objects(dn_query_name):
        dn_query = DnQuery(dn_query_name)
        dn_query.queryTarget = 'children'
        child_mos = moDir.query(dn_query)
        return child_mos

def print_dn_by_pattern(dn_object_list, dn_pattern):
        for dn_object in dn_object_list:
            if dn_pattern in str(dn_object.dn):
                print (str(dn_object.dn))
            else:
                children = query_children_objects(dn_object.dn)
                if children is not None:
                    print_dn_by_pattern(children, dn_pattern)

object_list = query_children_objects('uni')
print_dn_by_pattern(object_list, 'sp-testing')
    

Now we can access to any object within the APIC given a String pattern. Be aware that this search may take a while (even more than ten minutes!). Avoid making the user waiting for that time using Threads. We could define several threads to search in different folders within the MIT in parallel.