APIC-EM – licenseHarvest

During a recent Nexus 5k upgrade task Layer3 features were preventing non-disruptive ISSU’s from taking place. It became apparent that some N5Ks had unused features/ applications installed and the licenses deployed across the estate were unknown. So I wrote a Python APIC-EM script to audit and download this information.

The script has the following flow/ logic:

  • Retrieve device IDs from APIC-EM of either all devices or those with the tag ‘licensed’.
  • def get_apic_tag_association(apic, tag_name):
        all_ids = []
        if tag_name is None:
            apicResponse = apic.networkdevice.getAllNetworkDevice()
            apicResponse = apic.tag.getTagsAssociation(tag=tag_name)
        for tag in apicResponse.response:
        return all_ids
  • SSH onto each device in turn and create a object . License information is done by scraping SSH output and creating the relevant license object (, ).
  • def get_license_state(ssh_session, current_device):
        if current_device.platform_type == "IOS":
        elif current_device.platform_type == "IOS-XE":
            output_lic_rtu = ssh_session.send_command("sh license right-to-use summary | \ inc Lifetime").splitlines()
            for l in output_lic_rtu:
                ar = l.split()
                license_obj = IOSXELicense(ar)
        elif current_device.platform_type == "NX-OS" :
            output_lic_file = ssh_session.send_command("show license br").splitlines()
            for line in output_lic_file:
                license_obj = NXLicense(line)
                output_lic_file_detail = ssh_session.send_command("show license file \ {0}".format(line)).splitlines()
                for l in output_lic_file_detail:
                    if l.find("INCREMENT") != -1:
                        license_feature = NXLicenseFeature(l.split()[1])
                        output_lic_feature = ssh_session.send_command("show license usage \ {0}".format(license_feature.feature_name))
                        if len(output_lic_feature) > 0:
                            license_feature.applications = output_lic_feature.splitlines()[2:-1]

    If a device is found to have licenses installed copy them to an FTP server and mark the device in APIC-EM with the tag ‘licensed’. NX-OS has commands for backing up licenses whereas IOS-XE does not, it also has interactive prompts during the copy command.

    def apply_apic_device_tag(apic, device, tag_id):
        apic.tag.addTagToResource(tagDto={"id": tag_id, "resourceId": device.id, "resourceType": \    "network-device"})

    Finally write the text representation of all the objects and store them on the FTP server.

        with open("temp.txt", "w") as text_file:
        ftp_session.storlines("STOR device_details.txt", open("temp.txt", "br"))
    The latest version of the script can be found here:


    Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out /  Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out /  Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out /  Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out /  Change )


    Connecting to %s

    Blog at WordPress.com.

    Up ↑

    %d bloggers like this: