onePK – Building Applications and Agents on API’s Across Cisco’s Network OS’s

June 13, 2012 - 1 Comment

Cisco’s OnePK (one Platform Kit) – APIs and the accompanying SDK is finally launching this week at Cisco Live! For myself and a few friends in Cisco, it has been a long journey to this point! Our passion is opening the network operating systems in such a way that customers can collaborate directly in code with the developers of the OSes and the platforms. The greatest challenge was, and still is, crafting a set of consistent and functional APIs covering the breadth of features in our network OSes.

Anyone who knows Cisco networking knows that feature consistency and breadth are all too often not found together. The unique challenge we have had is to achieve consistency without settling for a lowest common denominator approach. Letting platforms show their strengths while still offering a consistent programming model is a great challenge, and one I hope we will live up to.

Software Defined Networking, public networking APIs and abstractions are still in their infancy. Compare where we are today to the rich history of GUI APIs that we can read about here:

Networking APIs today are at a stage analogous to where applications under MS-DOS with proprietary GUIs were in the late 80s, coming up to the 1990s, when mainstream use of the desktop API’s propelled us into a decade of innovation in GUI elements and abstractions. Are we here with Network OSs?

While I do not believe networking will ever have as large a developer community as desktops or smart phones, I am a certain that the next ten years is going to one of exciting growth and innovation for the interface between networks and applications, both in and on the network.

I am very proud of what we are launching this week. We are offering a rich and deep set of APIs with hooks into some of the most important areas of networking, spanning such diverse areas as data path access, control plane control and extension and management functions. At the same time it is humbling to know that this is just the start of the evolution of network APIs, and that in a few years we will all probably look back at these early days and our naive assumptions with a sense of humor and some disbelief.

We have built a system that, while in this release focuses on the core fundamentals of networking and devices, is carefully designed for the extension and evolution we envisage as we move forward. Especially considering the breadth of Cisco’s platforms and features we are allowing a system of extensions and service sets at many layers of abstraction. At the same time there is a consistent basic abstractions of the fundamentals.

An awesome thing about this initial phase is that we have a broad enough set of APIs that can allow customers, partners and Cisco itself to build applications that extend the functionality or modify the behavior of the network dynamically – without having to upgrade the device OS images! This will be a relief to the operations community who often need to recertify full behavior of systems elements for small feature changes.

The days of the monolithic device operating system are coming to an end for Cisco, which should add some much-needed and very welcome agility to our industry. I am eagerly anticipating the day a customer tells me they wrote a feature we should consider adding to the base OS! That is how a community grows.

This week at Cisco live we are showing four great demonstration applications, built on the network API’s.

  • “Routing for Dollars” overrides the routing table with separate routes based on dollar cost weighing. This demonstration is a great example of control plane collaboration. It shows how the API’s can read the current control plane, and then override it selectively for business logic reasons.
  • “MTU monitor” is a demonstration of the eventing system. It detects MTU mismatches on a network and then optionally dynamically fixes the MTU. It is registered for event changes to the MTU and if any changes happen in the network. The application reruns. This demonstration is running prototype images of the API system on all network OS’s with the platforms covering the CRS, ASR9k, ASR1K and ISR.
  • “Custom Crypto” this application show how an application can tap into the data path. Here we dynamically add a program that intercepts all telnet traffic between two devices and does some trivial encryption on it.
  • “RESTfull” this demonstration shows how applications can built their own abstractions and add value in layers above the onePK API’s. The demonstration shows some of our more complicated API’s like the Policy API building and manipulating QoS over HTTP.

We are currently engaged in limited Alpha tests with a number of customers. If you want to hear more or chat directly with us about the system, please contact us at

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Great post Ric and congratulations on finally getting the baby out of the house. I can’t wait to see the uses that people dream up for onePK. This is a remarkable step forward for network and application integration and a huge accomplishment for everyone that worked so hard on it.