Robert Krohn is Cisco vice president of the Open Networking Environment (ONE) and embedded manageability organization in the Network Operating Systems Technology Group. He leads development efforts for onePK (ONE Platform Kit), which recently became generally available.
Congratulations on reaching general availability with onePK. It’s been in limited release for a while, so there is a lot of curiosity around it. Let’s start with a quick overview of what onePK does.
Krohn: The purpose of onePK is to provide a broad offering of APIs for network device programmability and configuration automation. OnePK makes SDKs (software development kits), automation, and a rich set of APIs generally available. We’re building stacks of software on top of Cisco devices, and onePK is the pervasive API behind them.
Now that we’ve gone general availability with onePK, it’s supported on a number of platforms, and we’re going to keep rolling it out across more. Anyone can download it and play with it. We also deliver an all-in-one virtual machine that allows developers to try out APIs within a VM [virtual machine] using a network simulator. We’re trying to reduce the friction for developers to come and innovate with our APIs.
In fact, one very important element to onePK is the community we are building around this effort. We have a dedicated website called DevNet that has one-stop shopping for developers. It has documentation, SDKs, the virtual machine, and an informed community to get questions answered in minutes or hours. You just need to register, and you’re off and running.
What kind of applications or use cases have you seen for onePK?
Krohn: There are two main buckets of programmability: One is around extending capabilities of devices; the other includes things like configuration and operations. OnePK has functionality for automating the second bucket, but it’s focused on the first one because that’s where we can really leverage SDN to make the network more powerful.
For example, let’s say someone wants to create their own specialized routing protocol, or segment the network in a certain way based on metrics or qualities in another part of the network. They can customize routing protocols to segment and apply policies based on what they know and push them out into the network.
Another way to extend device capability is manipulating packets themselves. Say you want to create our own encryption mechanism. You now can get the payload, manipulate it, and put it back into the device. Or let’s say you have a complicated payload and an existing set of networking gear that is very difficult to replace. It may have software that can’t be upgraded but needs to talk to another part of the system. Now you can use onePK to modify that to bring it inline to talk to more modern systems. There are protocols, believe it or not, that we don’t support and onePK provides the ability to extend the devices to support those.
On the automation side, onePK helps automate tasks that have been historically difficult to do with broad range of different commands such CLI, show commands, SNMP, etc. OnePK is not intended to replace the configuration commands of the device, but it provides mechanisms to do that with automation.
Some real examples that our partners have demonstrated recently include:
- Using OnePK to provide network visibility and enable transaction routing
- Improving query performance in Big Data
- IT automation to manage dynamic infrastructure
You recently had a contest which I’ve heard referenced as an “inverse-hackathon”. What kinds of entries did you see, and what was the winning application?
Stay tuned for the winner. Essentially, we’ve encouraged developers and customers to submit suggestions for onePK use case ideas and we, Cisco, will select a favorite or “winner.” Then, after we code the idea, it will be featured in the Developer Kiosk, which is part of the Cisco ACI Booth in our World of Solutions, Cisco Campus area. The winner will get a free CiscoLive pass and have access to classes, keynotes and, of course, the Customer Appreciation Event. We have a website with all of the details.
If I write an application with onePK, where does it live in the network?
Krohn: The application you write can sit inside the box, on a blade in the box, or outside the box. It could be a controller talking to the device via onePK, or it could be a custom application outside or inside the box. We give developers lots of flexibility and offer language bindings for C, Java, and Python.
We also have plug-ins that sit on top of onePK. OnePK is used as a substrate for other functionalities. OpenFlow, Puppet, Chef, and others can all be built on top of onePK, offering the ability to build a set of functionality that conforms to another standard.
CCIEs and network guys everywhere are wondering how this will affect them. What resources are available to help them get started?
Krohn: We value the networking professionals we work with all over the world. They are a huge asset for customers and for us, and we invest a lot in training those professionals. To that end, we’ve started to create training and certification around programmability. We want to help our body of professionals expand into this space and provide a way to help them learn about it.
The DevNet site is obviously the place to start. As part of it, we have a step-by-step guide on how to set up a small, simulated network with use cases and examples. I have done it myself, which is really saying something. I downloaded the VM, ran the tutorial, and ran the examples myself. It’s not that hard. We’ve made it easy by providing sets of APIs — we call them service sets — to cover the different areas of functionality. There are tutorials on the packet processing service set, the data path service set, etc., available to everyone.
Also, for the first time, we’re going to have a dedicated developer area of CiscoLive called DevNet Zone. The next CiscoLive is coming up soon May 18-22 in San Francisco at Moscone Center, and in addition to the DevNet Zone we have a roster of partners who will demonstrate solutions using onePK that they have brought to market.
Sounds like there’s a lot going on with onePK. What kind of response have you seen to onePK from the market? Are you seeing any momentum behind it?
Krohn: Absolutely. Earlier in the year, when we first started to expose APIs on DevNet under controlled availability, people started to get a sense of the SDK but couldn’t get access to all the pieces of it. We knew we needed to wait on general availability to make sure we got it right, but in the meantime there was pent-up frustration from general network developers because they were banging on the doors and we only let in a small handful. Now that we’ve opened it up, we’re seeing a good response.
At the last three CiscoLives, attendance at presentations and panels on programmability has been surging. We did a Python coding workshop at CiscoLive in Milan, and it was overflowing. More and more people who have historically been working with networks are recognizing this is important.
We use onePK as a platform for our own developers. I always encourage our professional services arm to use onePK to solve the problems they encounter. We handle all the main operating systems for Cisco, and we get asked all the time for this feature or that. If we can do it on top of onePK, that gets us to market faster than trying to put it into an operating system and waiting. It’s another vehicle for solving problems even by our own staff.
Thank you for your time today.
Krohn: Thank you for having me.