A drift is identified if you modify the MD5 password through SLX, CLI command, or other management tool.
A reconcile operation pushes the intended configuration to SLX, so bringing the SLX configuration in-sync with EFA.
Note
A reconcile operation only configures the MD5 password on the device back to its original value (pre-drift) but does not clear the session and the state is not verified after the password is configured.| Field | Identity Drift | Reconcile Configuration | Idempotency |
|---|---|---|---|
md5-password |
Yes | Yes | Yes* |
* There are some caveats to idempotency. The Fabric service does not store the plain
text password you provide once the fabric is configured. It stores the encrypted
string of the user provided password, matching with the encrypted string available
on the SLX device. So, setting the same original md5-password after the
fabric is configured results in devices going into cfg-refreshed state. For the
operation to be idempotent, once the fabric is configured, the encrypted string
should be provided as the md5-password and not the original plain text password.
While the devices are in fabric setting refreshed state (meaning, fabric setting MD5 password has been updated but the fabric is not yet reconfigured), since the new password has not been configured on the devices yet, the previously configured md5 password is used for drift detection.