During a recent Nexus 5k upgrade task Layer3 features were preventing non-disruptive ISSU’s from taking place. It became apparent that some N5Ks had unused features/ applications installed and the licenses deployed across the estate were unknown.
So I wrote a Python APIC-EM script to audit and download this information.
The script has the following flow/ logic:
- Retrieve device IDs from APIC-EM of either all devices or those with the tag ‘licensed’.
def get_apic_tag_association(apic, tag_name):
all_ids = []
if tag_name is None:
apicResponse = apic.networkdevice.getAllNetworkDevice()
else:
apicResponse = apic.tag.getTagsAssociation(tag=tag_name)
for tag in apicResponse.response:
all_ids.append(tag.id)
return all_ids
- SSH onto each device in turn and create a object . License information is done by scraping SSH output and creating the relevant license object (, ).
def get_license_state(ssh_session, current_device):
if current_device.platform_type == "IOS":
print("IOS")
elif current_device.platform_type == "IOS-XE":
output_lic_rtu = ssh_session.send_command("sh license right-to-use summary | inc Lifetime").splitlines()
for l in output_lic_rtu:
ar = l.split()
license_obj = IOSXELicense(ar)
current_device.licenses.append(license_obj)
elif current_device.platform_type == "NX-OS" :
output_lic_file = ssh_session.send_command("show license br").splitlines()
for line in output_lic_file:
license_obj = NXLicense(line)
output_lic_file_detail = ssh_session.send_command("show license file {0}".format(line)).splitlines()
for l in output_lic_file_detail:
if l.find("INCREMENT") != -1:
license_feature = NXLicenseFeature(l.split()[1])
output_lic_feature = ssh_session.send_command("show license usage {0}".format(license_feature.feature_name))
if len(output_lic_feature) > 0:
license_feature.applications = output_lic_feature.splitlines()[2:-1]
license_obj.features.append(license_feature)
current_device.licenses.append(license_obj)
If a device is found to have licenses installed copy them to an FTP server and mark the device in APIC-EM with the tag ‘licensed’. NX-OS has commands for backing up licenses whereas IOS-XE does not, it also has interactive prompts during the copy command.
def apply_apic_device_tag(apic, device, tag_id):
apic.tag.addTagToResource(tagDto={"id": tag_id, "resourceId": device.id, "resourceType": "network-device"})
Finally write the text representation of all the objects and store them on the FTP server.
try:
print(ftp_session.pwd())
with open("temp.txt", "w") as text_file:
text_file.write(device_str)
ftp_session.storlines("STOR device_details.txt", open("temp.txt", "br"))
finally:
os.remove("temp.txt")
ftp_session.quit()
The latest version of the script can be found here:
https://github.com/sebrupik/srupik-apic-em-tools/blob/master/frozenPony/src/licenceHarvest.py
Leave a Reply