Is it possible to pull config from Cisco APIC controller using REST API from a remote server .
Cisco – Rest API to export configuration from an ACI
automationcisco
Related Solutions
Use a script to login to the WLC and run the transfer command: http://www.cisco.com/en/US/docs/wireless/controller/6.0/command/reference/cli60.html#wp1327209
You can use this to upload the config from the WLC to another server via TFTP/SFTP/FTP.
(Cisco Controller) >transfer upload mode sftp
(Cisco Controller) >transfer upload username my-osx-user
(Cisco Controller) >transfer upload password my-os-password
(Cisco Controller) >transfer upload serverip 192.168.1.10
(Cisco Controller) >transfer upload path /Users/my-osx-user/
(Cisco Controller) >transfer upload filename wlc.config
(Cisco Controller) >transfer upload datatype config
(Cisco Controller) >transfer upload start
Mode............................................. SFTP
SFTP Server IP................................... 192.168.1.10
SFTP Server Port................................. 22
SFTP Path........................................ /Users/my-osx-user/
SFTP Filename.................................... wlc.config
SFTP Username.................................... my-osx-user
SFTP Password.................................... *********
Data Type........................................ Config File
Encryption....................................... Disabled
**************************************************
*** WARNING: Config File Encryption Disabled ***
**************************************************
Are you sure you want to start? (y/N) y
SFTP Config transfer starting.
File transfer operation completed successfully.
(Cisco Controller) >
While the link points to WLC 6.0, the example was run on 7.4.
You have several options to get this type of functionality on a Cisco device. (Which one you use depends on your needs and sometimes on the device and IOS load. Some older devices/IOS loads will have different capabilities.)
EDIT: You are asking about doing this every one minute, which as you found out in our chat about this question, will bog down your router. (Especially in GNS3.) The below options are available to you for automating confirguation backup, however I would not recommend doing so every 1 minute.
You could either:
Use Cisco's Kron functionality for command scheduling. This will allow you to execute predefined commands on a scheduled basis. As you pointed out,
copy run tftp
requires file prompt confirmation. (Unless you've turned off file prompt confirmation, however I don't recommend it as a normal setting.) Redirecting does not require confirmation. So the command used in the scheduler isshow run | redirect tftp://$SERVERIP/$PATH/$FILE
Use Cisco's Archive functionality for configuration management. Archive is a way to store multiple copies of the config in a sequential fashion and roll back configs if needed to a previous version. Copying out with Kron overwrites the previous config, while Archive allows you to keep up to 14 different config versions in the specified location. See this link on the Cisco Learning network for more useful info on Archive. Specifically how to dynamically set the filename with the $h and $t tags.
In either of the below samples, you can adjust the times to your needs, these are just what I quickly pulled out of some production gear.
Sample config to have Kron write config and back it up to a tftp server once a week:
kron occurrence SaveConfig at 23:50 Mon recurring
policy-list SaveConfig
!
kron occurrence BackupRunningConfig at 23:55 Mon recurring
policy-list BackupRunningConfig
!
kron policy-list SaveConfig
cli write
!
kron policy-list BackupRunningConfig
cli show running-config | redirect tftp://10.10.10.10/configs/testswitch.txt
Sample config to have Archive back up your config to a tftp server daily:
archive
path tftp://10.10.10.10/configs/$h-$t
time-period 1440
maximum 14
Best Answer
I don't know if it's really what you're looking for, but for science you can export APIC configuration in JSON or XML format via REST.
First of all you need to obtain authentication token by running POST request to
https://{{APIC}}/api/aaaLogin.json
with JSON body:Verify that body type is
application/json
.On Python it will look like this:
Then you can do GET request to obtain
uni
child objects which will be configuration you want:https://{{APIC}}/api/node/mo/uni.json?query-target=children
query-target=children
can also be replaced withquery-target=subtree
to get even more data including existing endpoints, counters, etc...You should include authentication token in your request:
You're can also do this with Postman or another app that helps with REST API testing/troubleshooting.
===============================
It is important to note, that configuration obtained with that method cannot be counted as valid fabric backup. For backups you should use special instruments available inside APIC GUI that create snapshots and full backups and store them on APIC or external resources such as FTP/SFTP/TFTP.