Thanks to everyone who joined SDxCentral for its latest DemoFriday featuring Cisco on optimizing network programmability. This event shows how to leverage the power of Object Model/NX-API REST used in ACI and of the Cisco NX-OS to provide an advanced framework for network control and achieve true network programmability. As a result, organizations can accelerate the DevOps model approach and respond more quickly to business demands. After the network programmability demo, Ranga and the Cisco team took questions from the audience. Read the whole Q&A from the Cisco DemoFriday on network programmability below.
Can I say object is a set of CLIs for particular user operations or use cases?
Cisco: Object is not a set for CLIs. It is a set of attributes in XML/JSON for a particular switch process. It’s not a specific CLI.
Can there be a sequence of objects to achieve some particular operation? If yes, in that case, users need to be aware of this, but at higher level. Correct?
Cisco: You can send all attributes you want to apply using a single REST call to the object store by specifying the DN of the object, at whatever granularity you choose.
Is the login process cleartext and over HTTP?
Cisco: We support HTTP and HTTPS. Access to all network objects is authenticated, encrypted, and authorized with AAA (TACACS and RADIUS).
Can I configure SFLOW using REST?
Cisco: You can currently configure SFLOW using NX-API CLI, not NX-API REST.
Speaking of the NX-API, will it work with any controller or the Cisco controller only?
Cisco: This is independent of controllers. This capability is embedded in NX-OS.
Do you use both XML and JSON? Can you use both dialects?
Cisco: Today our NX-API REST implementation uses JSON input/output.
What is the mode of connection that REST is using to interact with the switch?
Cisco: HTTP/HTTPS. Access to all network objects is authenticated, encrypted and authorized with AAA (Tacacs and Radius).
Can user construct the object from a working configuration queried from GET operation? Is there any other easy way to construct the object?
Cisco: If you do a GET on a particular object, you can edit the schema and then POST whatever changes you want to make to the object in a subsequent REST POST request.
How about MIB related CLIs? Specifically looking for IFMIB.
Cisco: MIBs are typically accessed via SNMP. We support SNMP on the switch as well.
Where can we find a list of the defined distinguished names that are available for use?
Why not use NetConf/YANG for all types of configurations and management?
Cisco: YANG is something we’re looking at for a subsequent software release.
I read that access to NX-API is only through Nexus’ dedicated management interfaces. Is that true?
Cisco: NX-API CLI and NX-API REST both will typically connect using the management interface on the switch.
Is there a publicly available demo environment that I can get my hands on without buying Nexus 9000?
Cisco: We have a virtual N9K OVA you could utilize for testing of your automation, it’s available today by requesting access from your Cisco account manager.
Do you have to subscribe for each individual object to get notifications? Just thinking to what extent this can replace SNMP traps.
Cisco: It could potentially be architected to replace SNMP notifications.
Cisco: We support OpenFlow on Nexus 9000 in 7.0(3)I2(1). Please refer to release notes of that release for further specifics on support.
Will the web socket client login time out at some point?
Cisco: Yes it will, but you can use a refresh thread to solve this.
Is there any specific configuration required on 9000 to be able to use REST client against it?
Cisco: No REST access is enabled in our code by default. 7.0(3)I2(1) is the NX-OS version to install to get the Open NX-OS capabilities.
Where to get the Nexus 9000 OVA?
Cisco: Please request access via your Cisco Account Manager and we will provide access for testing.
What is Ignite?
Cisco: Ignite is an open source tool to enable you to operationalize POAP and bootstrap your network in a more seamless fashion.
What percentage/functionality of CLI is REST based?
When should I use NX-API CLI vs. NX-API REST?
Cisco: If the switch process doesn’t support NX-API REST, then NX-API CLI can be used for automation of that function.
What objects are supported today?
Cisco: We have a list of objects supported today. Please refer to theprogrammability guide.
Can customers contribute to GitHub?
Cisco: Yes, and we encourage contribution from customers.
What advantage does the publish/subscribe model of NX-API REST give us?
Cisco: Redundant switch polling in automation, switch can send you event updates only when an event actually occurs.