Cisco Blogs

Cisco Blog > TechWiseTV

Open NX-OS featured on TechWiseTV

Only on TechWiseTV

Only on TechWiseTV

This is the first in a multi-part series where we cover ‘programmability’ for networking.  The idea is to fully review the programming options now available inside the Nexus switches, (3000, 9000).  This first episode covers new access with Linux tools, NX-API and more. Further shows will be diving into the details around Object Models and orchestration partners.

The primary point for any of these is to understand how Cisco Open NX-OS extensibility exposes greater programmability and automation capabilities.  It is fascinating and full of new learning opportunities.  It does not come without a few career questions of course…usually, something along the lines of: do network engineers need to become programmers now too?  

Two answers:  Yes.  It depends.

Networking knowledge and skill should not be undersold here.  Programming capabilities should be additive.  They are useful in just about any tech career and obviously affecting the networking space.  I think it’s foolish to ever quit learning but it does depend on your aspirations, your current level of satisfaction and perhaps how narrowly defined your skill set might be.

Full disclosure: I am not a programmer. I have been learning the fundamentals of python and a few others as I work on this series but I am not hire-able for this skill by any means. But the distinct feeling I get, and the feedback I hear from you guys: its not that hard.  You are probably well versed in scripting for various CLI operations…take it up a few notches and work on some of these ‘readable’ languages that will have similar syntax.  This will give you the ability to judge the appeal of what we are offering with ACI and other solutions much more credibly…and I guarantee you will find ways to get rid of redundant crap and stupid errors you may be fighting with yourself or your team.


Live, interactive, never dull.

September 21, 2015

Programmable networks will forever change the way you manage infrastructure enabling you to dramatically accelerate configuration and deployment of your network, automate time consuming manual tasks, and allocate IT resources far more efficiently.  Are you ready for the revolution?  

Discover how to create a programmable network as we discuss and demonstrate the NX-API and NX-API REST (Object Model) in detail. Understand how Cisco Open NX-OS extensibility exposes greater programmability and automation capabilities that eliminate costly manual errors.

– You can sign up at the workshop tab when the date gets a bit closer,


Nicolas Delecroix in the TechWiseTV Lab

Nicolas Delecroix in the TechWiseTV Lab

TechWiseTV 176: Open NX-OS: Programmability


Two great experts on this episode.

Six Key Points: What OPEN means for NX-OS

Six Key Points: What OPEN means for NX-OS

Shane Corban shares Six Key Points: What OPEN means for NX-OS

Changes made across the software stack to address Extensibility, Openness, Programmability.

  1. Auto Deployment (Bootstrap and Provisioning)
    • Added support for PXE server, operationalize NX-OS software to match an existing server environment
  2. Extensibility – how we package software
    • We did not use to expose much beyond a bash shell
    • Now you can install native RPM’s, and third party applications running processes as they would on a Linux server
  3. Open Interfaces
    • We are now adding support to leverage Linux like tools for debugging, configuration and troubleshooting…manipulate those front panel ports as native Linux interfaces within our switch software stack.
  4. Application Integration (Adaptable SDK)
    • Published an SDK, a build environment that you can install on any Linux server, download the build agent, and put your source into that directory structure and build into an RPM for installation and run it natively.
    • Build your own custom automation apps, monitoring agents, and have them run natively on our platform
  5. Programmability Tool Choice
    • Sandbox
    • We have a native Python shell today that has a Native Cisco Library that you can utilize for automation
    • NX-API – the ability to embed CLI commands and structured data (JSON, XML) for execution on the switch via HTTP/HTTPS Interface to get back structured data back on show commands.
  6. Management Tools
    • Support for Chef and Puppet
    • Agents will be publicly available on the enterprise sites
    • Support for Open Stack, Neutron

NX-OS is now more modular, more open, more capable of third party integration providing a  wide variety of programmability choices ideal for Dev-Ops environments.  

Five case study examples

Five case study examples

Nicolas provides five case study examples. 

  1. Checking Software Version
  2. Using Python script with NXAPI and JSON to pull version numbers
  3. Python script to query multiple switches to check compliance against a specific version
  4. VLAN Provisioning
  5. Checking for proper VLAN provisioning

Special thanks behind the scenes to Rami Rammaha and Mark Jackson


More Reading:

Cisco Nexus 9000 Programmability Guide

Matt Oswalt is a great writer. You should follow his blog: Keeping it Classless.   I enjoy his angles on things.  Read up on his blog entry: Evolution of Network Programmability, Nexus 9000 NX-API,NX-API Update.

Some Learning Basics:

What do you think still needs to be covered?  I would love any thoughts on how the rest of this series should be shaped.  Leave your comments below and just to make sure…tag me on twitter.  We are diving into Object Models (taping next week) and then some angle with the Orchestration Partners.   Case in point: Puppet Labs is making available today a native Puppet NX-OS agent and Cisco Puppet Module.

Let me know!


Tags: , , , , , , , , , , , ,

Three Things I Learned at the OpenStack Summit – Day Two

  1. Your love of OpenStack is not enough.

You’ve had your “Aha moment.” You get the OpenStack value proposition. You’ve listened to other customers talk about their success with it. You can see the problems it’s going to solve for your organization. You are all in.

But it’s not enough. Just know that. Even if you’re the decider-in-chief, and you can make the call to start an OpenStack initiative at your company tomorrow, you’ve got another, bigger job on your hands, and that’s changing your company culture.

So say the panelists that were speaking at a Cisco-sponsored session yesterday about their experiences with OpenStack. They agreed unanimously that the technology is not the challenge when deploying an OpenStack-based private cloud. It’s changing the company culture. Giving developers more freedom and trusting them to do great things (which a proper cloud will in fact enable them to do), vs. controlling them tightly in a traditional IT environment. It’s embracing the “Fail fast, fail small, fail often,” model that allows for quick learning and innovation.

One panelist said, “The technology is there. It works. It’s easy to use. But changing how people use it is the hard part.” Another pointed out that it’s even harder if you’re in an established (non-startup) company with yearly CapEx cycles and capacity planning. “It’s difficult to get groups to buy in on an OpEx model and move away from their established processes,” he said, with a look that suggested he’s been down that road. A third mentioned “dragging them kicking and screaming” as part of his strategy to get his company there.

Read More »

Tags: , ,

Introducing the ACI Toolkit

Cisco, in its quest to embrace programmability, has created what is called the ACI Toolkit, which is basically a combination of an NX-OS like CLI and some custom python scripts. Although this toolkit doesn’t allow you to do all configurations within ACI, it can be used to create and show the common configuration and administrative actions that may be used daily. It’s also great for someone who is just starting to migrate to a more programmatic way of doing things, as it’s easily understandable to folks used to common networking commands.

If you’re not familiar with ACI, check out this short video to get a brief understanding of some of the basic constructs used and for a deeper dive go to These concepts will help you to understand some of the configuration options available with the ACI Toolkit.

ACI - Toolkit

The toolkit’s python libraries are all available on and it’s fairly simple to access. All you need to do is open a terminal window on your computer and enter the following command:

git clone

This command will download the necessary libraries to use the ACI Toolkit syntax. Then to run CLI commands from your APIC type:

python -l admin -p password -u https://APIC_IP

This will connect you to your APIC so you may run commands that will help you build your application network profiles as shown in the three tier application in the picture above. We can do things such as switching tenants, creating contexts, creating bridge domains, and creating end point groups (EPGs).

Here are some examples of the common commands we might use to create these logical objects.

Switch to a tenant configuration mode:

  • fabric# switchto tenant <tenant-name>
  • fabric-tenant# switchback

Create a Context and don’t enforce contracts on it:

  • fabric-tenant(config)# [no] context <context-name>
  • fabric-tenant(config-ctx)# [no] allow-all

Create a bridge domain and assign it to a context:

  • fabric-tenant(config)# [no] bridgedomain <bd-name>
  • fabric-tenant(config-bd)# [no] context <context-name>

Create a subnet under the bridge domain:

  • fabric-tenant(config-bd)# [no] ip address <ip-address>/<masklength> [name <subnet-name>]


As you can see from these examples the syntax will be very familiar to network engineers. We can also use the ACI Toolkit combined with the Python SDK to actually script these things. It makes scripting a little easier because we’re again using simpler syntax. Below is an example of configuring a tenant using Python in conjunction with the toolkit:

from acitoolkit import *

from credentials import *

tenant = Tenant (‘Customer1’)

context = Context (‘customer1-router’, tenant)

bd = BridgeDomain(‘BD1’, tenant)



app = AppProfile(‘web-and-ordering’, tenant)

vlan10 = EPG(‘VLAN10’, app )


vlan20 = EPG(‘VLAN20’, app )


Currently the ACI Toolkit may not be used to create service graphs, VMM Domains, SPAN, Atomic Counters, and or to see most telemetry and health score information. However, the toolkit still gives us a lot to work with and automate as far as basic configurations go. For more information please see the guide found here (

Tags: , , ,

Engineers Unplugged S6|Ep4: onePK

In this week’s episode of Engineers Unplugged, we welcome for the first time (and not the last) guest host Janel Kratky (follow her @jlkratky)! She’s hosting Jason Pfeifer and Glue Network’s Gregg Wyant as they discuss onePK and how to apply it to the real world. You don’t want to miss this one, it ends with a Glunicorn.

If you would like to become Internet Famous, and strut your unicorn talents, join us for our next filming session at VMworld 2014. Tweet me for details!

This is Engineers Unplugged, where technologists talk to each other the way they know best, with a whiteboard. The rules are simple:

  1. Episodes will publish weekly (or as close to it as we can manage)
  2. Subscribe to the podcast here:
  3. Follow the #engineersunplugged conversation on Twitter
  4. Submit ideas for episodes or volunteer to appear by Tweeting to @CommsNinja
  5. Practice drawing unicorns

Join the behind the scenes by liking Engineers Unplugged on Facebook.

Tags: , , , , ,

The Napkin Dialogues: Nexus Programmability, Part II

When last we left our hero, he (that is, me, or I) was getting a crash course in Nexus programmability and trying to understand what all of this stuff meant. I had plied Jim* with beer in order to get him to explain to me – using the available napkins in the bar – what the technology was, what it meant, and why I should care. Read More »

Tags: , , , , , ,