cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4184
Views
0
Helpful
2
Comments
amoherek
Cisco Employee
Cisco Employee

Created by Jason Gmitter

ACI programmability is rightfully getting a lot of attention lately due to its robust GUI and a RESTful API that supports both JSON and XML. ACI 's RESTful API will drastically help reduce the time it takes to deploy new network policy, update existing policy and deprovision policy for a new or existing application. Therefore, as a network engineer with 15 years in the industry and mostly only touching a CLI, I started to ask whether I should learn the GUI or learn how to leverage the RESTful API to reduce provisioning and deprovisioning times. I decided to invest my time in learning how best to take advantage of this rich API. However, I did recognize the ACI GUI is great for creating best practice configurations and verifying and testing them; but, leverage the API to automate the configurations best practices I created from the GUI for any new add, moves, changes or deletions.

I started researching the tools Cisco currently makes available to help a CLI jockey learn how to use this API. Onhttps://github.com/datacenter, I came across Arya, CobraSDK and ACIToolKit as popular tools to program ACI. Which one should I learn first?

Arya (https://github.com/datacenter/ACI/tree/master/arya) is a code generator. It essentially allows me to save APIC objects in XML or JSON format that I created in the GUI and convert them into ACI Python SDK code, where I can automate and deploy configurations in seconds. For example, I can take JSON or XML from APIC Visor, the API Inspector or a REST query, and generate Python source code to build a full configuration in seconds. There are some caveats: Arya doesn't validate configurations or perform advanced lookup logic, but it's a great way to create code from JSON or XML objects or classes that already exist. I view it as a great tool to help with creating great code with the Cobra SDK. But I wasn't ready to create code yet.

Next, I looked at the Cobra ACI Python SDK (https://github.com/datacenter/cobra). Cobra has an all-inclusive ACI object model implemented that can essentially do everything to configure an ACI fabric. It not only has a Python library that provides native bindings for all the REST functions but also a complete copy of the object model, which means data integrity can be ensured. This is important as it validates the configuration before executing it on APIC. The Cobra SDK provides methods for performing lookups or queries and object creation, modification and deletion that match the REST methods used by the GUI. What's cool is that I can take policy built in the GUI and use it as a programming template to build new code for super fast deployments for other tenants and their applications. Here's a link to the Cobra API documentation (http://cobra.readthedocs.org/en/latest/). Although I felt I wasn't quite ready for Cobra, I knew I would want to come back and learn how to use this SDK. If new to Python here is a great place to start:
http://www.pythonlearn.com/
https://docs.python.org/2/tutorial/index.html
http://www.learnpython.org/
https://developers.google.com/edu/python/

Ultimately, I decided to learn the ACIToolkit first https://github.com/datacenter/acitoolkit.

The ACIToolkit is very use-case oriented; for example, it knows how to build an EPG, but doesn't know how to manipulate all of the underlying objects and class inheritances. The ACIToolkit also provides an NXOS like CLI for ACI; therefore, I can leverage some of my CLI skills. Here is an example of some of the CLI available to configure ACI: https://github.com/datacenter/acitoolkit/blob/master/applications/cli/clicommands.txt

Take a look at a sample ACIToolkit script for building out a simple tenant and the application network profile to support a new application deployment at https://github.com/datacenter/acitoolkit/blob/master/samples/aci_demo_contract.py. I don't need to ssh or telnet to a number of switches to build this configuration, but instead I leveraged a single API where APIC distributes the policy to the fabric. You can imagine you can easily further customize this script to deploy for other applications.

If you want to evolve past the CLI samples and dive into Python, take a look at an example that leverages a simple Python script to create a tenant with a single EPG and assign it statically to 2 interfaces: http://goo.gl/cLTYlR

You can find a list of other ACIToolkit Python applications you can start to use athttps://github.com/datacenter/acitoolkit/tree/master/applications. One of my favorites is the end point tracker. It allows me to search for a mac address or IP address anywhere within the fabric. I can sort by Tenant, Application Network Profile, or by EPG. It's extremely flexible to have a single interface to configure, monitor, audit and troubleshoot the fabric.

Lastly, you can find additional examples that allow you to build out the fabric or query information from the fabric leveraging ACITookit python scripts at https://github.com/datacenter/acitoolkit/tree/master/samples. The ACIToolkit is a great way to start to evolve from what I know with CLI, move onto python scripts, and get me ready to dive into learning the ACI Python SDK next (Cobra).

In summary, I chose to start with ACIToolkit because I wanted something easy to learn.

Start here and go through the documentation: http://acitoolkit.readthedocs.org/en/latest/and let me know what you think.

You can install the ACIToolkit as a VM, Docker image or just git clone and run natively on your PC or MAC.
https://cisco.app.box.com/s/j0jlkl3b1m7yj6oqm3e5yazesfkiicsh
https://registry.hub.docker.com/u/dockercisco/acitoolkit/
https://registry.hub.docker.com/u/dockercisco/aci/

To get you started, I provided a short video to show you where to get started and a few sample demonstrations. Enjoy!

For clearer video:

2 Comments
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: