
Overview - cisco.com

Jun 02, 2020


dariahiddleston

Overview

• Programmability Overview

• Standard Network Manageability Features

• Advanced Automation Feature

• Programmability Support

Programmability Overview

The Cisco NX-OS software running on the Cisco Nexus 9000 Series devices is as follows:

• Resilient

Provides critical business-class availability.

• Modular

Has extensions that accommodate business needs.

• Highly Programmatic

Allows for rapid automation and orchestration through Application Programming Interfaces (APIs).

• Secure

Protects and preserves data and operations.

• Flexible

Integrates and enables new technologies.

• Scalable

Accommodates and grows with the business and its requirements.

• Easy to use

Reduces the amount of learning required, simplifies deployment, and provides ease of manageability.

With the Cisco NX-OS operating system, the device functions in the unified fabric mode to provide network connectivity with programmatic automation functions.

Cisco NX-OS contains Open Source Software (OSS) and commercial technologies that provide automation, orchestration, programmability, monitoring, and compliance support.


For more information on Open NX-OS, see https://developer.cisco.com/site/nx-os/.

Standard Network Manageability Features

• SNMP (V1, V2, V3)

• Syslog

• RMON

• NETCONF

• CLI and CLI scripting

Advanced Automation Feature

The enhanced Cisco NX-OS on the device supports automation. The platform includes support for Power On Auto Provisioning (POAP).

The enhanced Cisco NX-OS on the device supports automation. The platform includes the following features that support automation:

• Power On Auto Provisioning (POAP) support

• Chef and Puppet integration

• OpenStack integration

• OpenDayLight integration and OpenFlow support

Power On Auto Provisioning Support

Power On Auto Provisioning (POAP) automates the process of installing and upgrading software images and installing configuration files on Cisco Nexus devices that are being deployed in the network for the first time. It reduces the manual tasks that are required to scale the network capacity.

When a Cisco Nexus device with the POAP feature boots and does not find the startup configuration, the device enters POAP mode. It locates a DHCP server and bootstraps itself with its interface IP address, gateway, and DNS server IP addresses. The device obtains the IP address of a TFTP server or the URL of an HTTP server and downloads a configuration script that enables the device to download and install the appropriate software image and configuration file.

Chef and Puppet Integration

Chef and Puppet are two intent-based infrastructure automation frameworks.

Chef allows you to define your intent with a recipe. A recipe is a reusable set of configuration or management tasks. Chef allows the recipe to be deployed on numerous devices. When deployed on a Nexus 9000, a recipe translates into a network configuration or a set of commands for gathering statistics and analytics information. A recipe provides a way for automated configuration and management of a Nexus 9000 switch.


Puppet provides a similar intent definition construct that is called a manifest. When deployed on a Nexus 9000 switch, a manifest translates into a network configuration or a set of commands for gathering information from the switch.

The Cisco Nexus 9000 switch supports both the Puppet and Chef frameworks. The Puppet client and the Chef client are both integrated into the enhanced NX-OS on the Nexus 9000 switch.

OpenStack Integration

The Cisco Nexus 9000 Series devices support the Cisco Nexus plug-in for OpenStack Networking, also known as Neutron (http://www.cisco.com/web/solutions/openstack/index.html). The plug-in allows you to build an infrastructure as a service (IaaS) network and to deploy a cloud network. With OpenStack, you can build an on-demand, self-service, multitenant computing infrastructure. However, implementing OpenStack's VLAN networking model across virtual and physical infrastructures can be difficult.

The OpenStack Networking extensible architecture supports plug-ins to configure networks directly. However, when you choose a network plug-in, only the target technology of that plug-in is configured. When you are running OpenStack clusters across multiple hosts with VLANs, a typical plug-in configures either the virtual network infrastructure or the physical network, but not both.

The Cisco Nexus plug-in solves this difficult problem by including support for configuring both the physical and virtual networking infrastructure.

The Cisco Nexus plug-in accepts OpenStack Networking API calls and uses the Network Configuration Protocol (NETCONF) by default or the REST API to configure Cisco Nexus devices and Open vSwitch (OVS) that runs on the hypervisor. The Cisco Nexus plug-in configures VLANs on both the physical and virtual network. It also allocates scarce VLAN IDs by deprovisioning them when they are no longer needed and reassigning them to new tenants whenever possible. VLANs are configured so that virtual machines that run on different virtualization (compute) hosts that belong to the same tenant network transparently communicate through the physical network. In addition, connectivity from the compute hosts to the physical network is trunked to allow traffic only from the VLANs that are configured on the host by the virtual switch.

Note: We recommend configuring the REST API driver. For more configuration details, go to:

http://docwiki.cisco.com/wiki/Neutron_ML2_Driver_For_Cisco_Nexus_Devices_Ocata_Release

The following table lists the features of the Cisco Nexus plug-in for OpenStack Networking:

Table 1: Summary of Cisco Nexus Plug-In Features for OpenStack Networking (Neutron)

Considerations: Extension of tenant VLANs across virtualization hosts
Description: VLANs must be configured on both physical and virtual networks. OpenStack Networking supports only a single plug-in at a time. You must choose which parts of the networks to manually configure.
Cisco Nexus Plug-In: Accepts networking API calls and configures both physical and virtual switches.

Considerations: Efficient use of scarce VLAN IDs
Description: Static provisioning of VLAN IDs on every switch rapidly consumes all available VLAN IDs. This limits scalability and makes the network vulnerable to broadcast storms.
Cisco Nexus Plug-In: Efficiently uses limited VLAN IDs by provisioning and deprovisioning VLANs across switches as tenant networks are created and destroyed.

Considerations: Easy configuration of tenant VLANs in a top-of-rack (ToR) switch
Description: You must statically provision all available VLANs on all physical switches. This process is manual and error prone.
Cisco Nexus Plug-In: Dynamically provisions tenant-network-specific VLANs on switch ports that are connected to virtualization hosts through the Nexus plug-in driver.

Considerations: Intelligent assignment of VLAN IDs
Description: Switch ports that are connected to virtualization hosts are configured to handle all VLANs. Hardware limits are reached quickly.
Cisco Nexus Plug-In: Configures switch ports that are connected to virtualization hosts only for the VLANs that correspond to the networks configured on the host. This feature enables accurate port and VLAN associations.

Considerations: Aggregation switch VLAN configuration for large multirack deployments.
Description: When compute hosts run in several racks, you must fully mesh top-of-rack switches or manually trunk aggregation switches.
Cisco Nexus Plug-In: Supports Cisco Nexus 2000 Series Fabric Extenders to enable large, multirack deployments and eliminates the need for an aggregation switch VLAN configuration.
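The provisioning behaviour described in the OpenStack Integration text and table (VLAN IDs allocated on demand, each trunk limited to the VLANs present on its host, IDs reclaimed and reassigned) is modelled below as an added Python example. It is not the Cisco Nexus plug-in's code; the class name, port names, network names and the two-ID pool are assumptions made for the illustration.

```python
"""Model of dynamic tenant-VLAN provisioning (illustrative; not the Cisco Nexus plug-in's code)."""
from collections import defaultdict


class VlanProvisioner:                       # hypothetical name
    def __init__(self, vlan_range):
        self.free = sorted(vlan_range)       # unallocated VLAN IDs, lowest first
        self.vlan_of = {}                    # tenant network -> VLAN ID
        self.ports = defaultdict(set)        # switch port -> tenant networks on that host

    def bind(self, port, network):
        """A VM on `network` starts on the compute host behind `port`."""
        if network not in self.vlan_of:
            if not self.free:
                raise RuntimeError("VLAN pool exhausted")
            self.vlan_of[network] = self.free.pop(0)
        self.ports[port].add(network)
        return self.vlan_of[network]

    def unbind(self, port, network):
        """The last VM on `network` left the compute host behind `port`."""
        self.ports[port].discard(network)
        if not any(network in nets for nets in self.ports.values()):
            # No port carries this network any more: deprovision and recycle the ID.
            vlan = self.vlan_of.pop(network, None)
            if vlan is not None:
                self.free.append(vlan)
                self.free.sort()

    def allowed_vlans(self, port):
        """Trunk allowed list for `port`: only VLANs of networks present on that host."""
        return sorted(self.vlan_of[n] for n in self.ports[port])


def demo():
    p = VlanProvisioner(range(100, 102))     # constructed pool of two VLAN IDs
    p.bind("Eth1/1", "tenant-a-net")
    p.bind("Eth1/2", "tenant-a-net")
    p.bind("Eth1/2", "tenant-b-net")
    before = {port: p.allowed_vlans(port) for port in ("Eth1/1", "Eth1/2")}
    p.unbind("Eth1/1", "tenant-a-net")
    p.unbind("Eth1/2", "tenant-a-net")       # VLAN 100 returns to the pool
    reused = p.bind("Eth1/1", "tenant-c-net")
    after = {port: p.allowed_vlans(port) for port in ("Eth1/1", "Eth1/2")}
    return before, reused, after


if __name__ == "__main__":
    print(demo())
```

With static provisioning every trunk would carry both VLANs for the whole run; here a port carries a tenant's VLAN only while that tenant has a workload behind it.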

OpenDayLight Integration and OpenFlow Support

Cisco Nexus 9000 switches support integration with the open source OpenDayLight project. OpenDayLight helps meet some of the requirements of operators and application developers for infrastructure:

• Real-time orchestration and operation of integrated virtual compute, application, and network.

• Simple interface to the network. An underlying detail such as a router, switch, or topology can be made abstract and more simple.

For OpenDayLight orchestration of Cisco Nexus 9000 switches, support is also available for other programmatic interfaces, such as NETCONF, that OpenDaylight can use in the southbound flow.

Cisco Nexus 9000 switches also support OpenFlow to enable use cases such as network TAP aggregation.

Programmability Support

Cisco NX-OS on Cisco Nexus 9000 devices supports several capabilities to aid programmability.


NX-API Support

Cisco NX-API allows for HTTP-based programmatic access to the Cisco Nexus 9000 platform. This support is delivered by NX-API, an open source webserver. NX-API provides the configuration and management capabilities of the Cisco NX-OS CLI with web-based APIs. The device can be set to publish the output of the API calls in XML or JSON format. This API enables rapid development on the Cisco Nexus 9000 platform.

Python Scripting

Cisco Nexus 9000 devices support Python v2.7.5 in both interactive and noninteractive (script) modes.

The Python scripting capability on the devices provides programmatic access to the switch CLI to perform various tasks, and to Power-On Auto Provisioning (POAP) and Embedded Event Manager (EEM) actions. Responses to Python calls that invoke the Cisco NX-OS CLI return text or JSON output.

The Python interpreter is included in the Cisco NX-OS software.

Tcl Scripting

Cisco Nexus 9000 Series devices support Tcl (Tool Command Language). Tcl is a scripting language that enables greater flexibility with CLI commands on the switch. You can use Tcl to extract certain values in the output of a show command, perform switch configurations, run Cisco NX-OS commands in a loop, or define EEM policies in a script.

Broadcom Shell

The Cisco Nexus 9000 Series device front panel and fabric module line cards contain Broadcom Network Forwarding Engine (NFE). You can access the Broadcom command-line shell (bcm-shell) from these NFEs.

Bash

Cisco Nexus 9000 devices support direct Bourne-Again Shell (Bash) access. With Bash, you can access the underlying Linux system on the device and manage the system.

Bash Shell Access and Linux Container Support

The Cisco Nexus 9000 switches support direct Linux shell access and Linux containers. With Linux shell access, you can access the underlying Linux system on the Nexus 9000 switch and manage the underlying system. You can also use Linux containers to securely install your own software and to enhance the capabilities of the Nexus 9000 switch. For example, you can install bare-metal provisioning tools like Cobbler on a Nexus 9000 device to enable automatic provisioning of bare-metal servers from the top-of-rack switch.

Guest Shell

The Cisco Nexus 9000 Series devices support a guest shell that provides Bash access into a Linux execution space on the host system that is decoupled from the host Cisco Nexus 9000 NX-OS software. With the guest shell, you can add software packages and update libraries as needed without impacting the host system software.


Container Tracker Support

Cisco NX-OS is configured to communicate with the Kubernetes API Server to understand the capabilities of the containers behind a given switch port.

The following commands communicate with the Kubernetes API Server:

• The show containers kubernetes command obtains data from kube-apiserver using API calls over HTTP.

• The kubernetes watch resource command uses a daemon to subscribe to requested resources and process streaming data from kube-apiserver.

• The action assigned in the watch command is performed on pre-defined triggers. (For example, Add or Delete of a Pod.)
