You are on page 1of 36

Network Programmability with Cisco

ACI

Devarshi Shah Technical Marketing Engineer, INSBU


DEVNET-2000
Agenda

Introduction
System Overview
ACI REST API
ACI Python SDK
References
ACI API Layers
TEST CLI GUI

REST API

Application
API

Network
API

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
System Access Methods
All access is implemented over the REST API

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 5
Cisco ACI: Object Model
The Object Model and use of definition files
Model based network automation
Objects are hierarchically organized

Distributed Managed Information Tree (dMIT) contains


comprehensive system information
discovered components
system configuration
operational status including statistics and faults

Class identifies object type


Card, Port, Path, EPG

Class Inheritance
Access port is a subclass of port.
Full unified description
A leaf node is a subclass of fabric node.
of entities.

No artificial separation Set of attributes


of configuration, state, identity states descriptions
runtime data.
references lifecycle

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
Management Information Tree (MIT)

Objects within APIC are structured in tree-based


hierarchy
Objects referred to as Managed Objects (MO)
Packages identify the functional area
e.g., fv = fabric virtualization, vz = virtual
zones, fabric = physical fabric, etc
Every object has a parent, with exception of
top:Root (top of tree)
Relationships exist between objects

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
Uniquely Identified Objects
Distinguished Names
A DN is used as a globally unique identifier for an object in the MIT

Formed by getting relative name (RN) and appending it to parent RN until reaching topRoot

A RN naming property depends on object

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
Cisco ACI: REST API
The REST API exposes the object model
API schema follows Object Model containment

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
Supported REST API Methods
Create, read, update and delete

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
REST API: Authentication

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
REST API: Create/Update Operations

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
REST API: READ Operations

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
REST API: Query Target Filters

self children subtree

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
REST API: Subscriptions

With any query API REST client can ask for push notification for any change in the response
Push notification is sent via websocket protocol (RFC 6455)
Example:
GET http://192.0.20.123/api/class/fvTenant.json?subscription=yes

In order to receive the notifications client has to open a websocket


Example using javascript:
var Socket = new WebSocket(http://192.0.20.123/socket<current API session cookie>);

Subscription response:

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Object Store Browsers
Moquery and Visore
admin@apic3:~> cd aci
The APIC CLI provides the ability admin@apic3:aci> ls
APIC has built in object browser
to navigate the MIT and browse admin fabric l4-l7-services system to navigate the object tree and
tenants vm-networking
MOs and MO directories. inspect the state of objects

Point the web browser to Visore:


http://<apic>/visore.html

Search for a particular object or


dn (fvTenant, topSystem,
topology/pod-1/node-101)

The mo file contains the admin@apic1:MyTenant> cat mo


configurable properties of the # tenant

MO. name : MyTenant


description : Created via API code
ownerkey :
ownertag :
monitoring-policy :
epg-address-pool :

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
Postman and Curl
Graphical and command line interface tools for API interaction
www.getpostman.com
Chrome plugin that enables rapid testing of REST
based queries
GET request to
http://apic/api/class/fvTenant.xml will
return the object configuration for all fvTenant classes
GET request to http://apic/api/mo/uni/tn-
common.xml will return the specific object referenced
by DN uni/tn-common as XML
POST request to http://apic/api/mo/uni/.xml
with a payload will create a tenant.
<fvTenant name="test"/>

DELETE request to
http://apic/api/mo/uni/tn-test.xml will
delete tenant test. Deletes tenant and children

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
Invoking the API from a Python Program

Using the Python requests module, you can send API messages from a Python program:

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
APIC REST to Python Adapter

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
ACI Python SDK
ACI Python SDK

Cobra is a native Python language binding for APIC REST API


Supports lookups, creations, modifications, deletions
Objects in Cobra are a 1:1 representation of objects in the MIT
As a result, policy created via GUI/JSON/XML can be used as a programming template,
for more rapid development
All data has client side consistency checks performed
Packaged as .egg, install with easy_install

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
ACI Python SDK: Authentication
Define an APIC to
which we will login
import cobra.mit.access
import cobra.mit.session

LoginSession
stores URI and
ls = cobra.mit.session.LoginSession( credentials
'http://apic', 'username', 'password')
md = cobra.mit.access.MoDirectory(ls)
md.login()
Link the
credentials to
the APIC

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
ACI Python SDK: Object Lookup

lookupByDn
uniMo = md.lookupByDn('uni') Look up a restaurant by street address
(find me the restaurant at 1335 N 1st
Street, San Jose, CA)
lookupByClass
uniMo = md.lookupByClass('polUni')
Look up a restaurant by cuisine (find
me any Japanese restaurants)

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
Getting started: Object Creation
Use Visore to
import cobra.model.fabric find the class
# Advice: Dont hardcode Dns.

topMo = md.lookupByDn('uni/controller/nodeidentpol')

leaf1IdentP = cobra.model.fabric.NodeIdentP(

topMo, serial='TEP-1-17', nodeId='17', name='leaf1')

spine1IdentP = cobra.model.fabric.NodeIdentP(

topMo, serial='TEP-1-19', nodeId='19', name='spine1')

Note These objects are created locally only, to save them to the APIC
use a ConfigRequest.

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
Getting started: Committing configuration
Change a hard coded Dn
import cobra.mit.request into a lookupByClass() call
topMo = md.lookupByClass('fabricNodeIdentPol')[0]

# Dn is no longer hard coded.

leaf1IdentP = cobra.model.fabric.NodeIdentP(

topMo, serial='TEP-1-17', nodeId='17', name='leaf1')

spine1IdentP = cobra.model.fabric.NodeIdentP(

topMo, serial='TEP-1-19', nodeId='19', name='spine1')

c = cobra.mit.request.ConfigRequest()

c.addMo(topMo) # Add and commit the most top level object that makes sense

md.commit(c)

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
Sample tenant creation with Cobra

from cobra.model.fv import Tenant


from cobra.model.pol import Uni
from cobra.mit.request import ConfigRequest
uniMo = Uni('') # Uni is a static Mo, so we dont need to look it up
t = Tenant(uniMo, 'Tenant1') # We create a tenant as a child of the universe
c = ConfigRequest() # Create a ConfigRequest to contain our new object
c.addMo(t) # Add our tenant to the ConfigRequest
moDir.commit(c) # Commit our configuration request

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
Sample simple three tier app with Cobra

from cobra.model.fv import *


from cobra.model.pol import Uni
uniMo = Uni('')
t = Tenant(uniMo, 'Tenant1')
ap = Ap(t, 'Exchange')
epg1 = AEPg(ap, 'OWA')
epg2 = AEPg(ap, 'FrontEnd')
epg3 = AEPg(ap, 'MailBox')
ep = RsPathAtt(epg1, tDn=topology/pod-1/paths-17/paths-[eth1/1], mode=regular,
encap=vlan-10)
c = ConfigRequest()
c.addMo(t)
moDir.commit(c)
Note Bridge Domain configuration omitted for
brevity. Please see the Cobra SDK or APIC
Configuration Guide for a complete configuration

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
References
Documentation and code examples
Cisco APIC REST API User Guide
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-
x/api/rest/b_APIC_RESTful_API_User_Guide.html

SDK Source Code and Documentation


https://github.com/datacenter/cobra
https://cobra.readthedocs.io

Generic Code examples


https://github.com/datacenter/aci

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 30
Complete Your Online Session Evaluation
Please complete your Online
Session Evaluations after each
session
Complete 4 Session Evaluations &
the Overall Conference Evaluation
(available from Thursday) to receive
your Cisco Live T-shirt
All surveys can be completed via
the Cisco Live Mobile App or the
Dont forget: Cisco Live sessions will be available
Communication Stations for viewing on-demand after the event at
CiscoLive.com/Online

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
Continue Your Education
Devnet https://developer.cisco.com/site/aci/
Demos in the Cisco campus
Walk-in Self-Paced Labs
Lunch & Learn
Meet the Engineer 1:1 meetings
Related sessions

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
Network Programmability Cisco Education Offerings
Course Description Cisco Certification
Integrating Business Applications with Network Learn networking concepts, and how to deploy and troubleshoot Cisco Business Application
Programmability (NIPBA); programmable network architectures with these self-paced courses. Engineer Specialist Certification
Integrating Business Applications with Network
Programmability for Cisco ACI (NPIBAACI)

Developing with Cisco Network Programmability Learn how to build applications for network environments and effectively Cisco Network Programmability
(NPDEV); bridge the gap between IT professionals and software developers. Developer Specialist Certification
Developing with Cisco Network Programmability
for Cisco ACI (NPDEVACI)

Designing with Cisco Network Programmability Learn how to expand your skill set from traditional IT infrastructure to Cisco Network Programmability
(NPDES); application integration through programmability. Design Specialist Certification
Designing with Cisco Network Programmability
for Cisco ACI (NPDESACI)

Implementing Cisco Network Programmability Learn how to implement and troubleshoot open IT infrastructure Cisco Network Programmability
(NPENG); technologies. Engineer Specialist Certification
Implementing Cisco Network Programmability
for Cisco ACI (NPENGACI)

For more details, please visit: http://learningnetwork.cisco.com


Questions? Visit the Learning@Cisco Booth or contact ask-edu-pm-dcv@cisco.com

DEVNET-2000 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
Thank You