Having recently read the Cisco Press book on network Programming and Automation and as part of my NP-DEV studies, scripting on the Nexus platform was not something I had attempted. As with learning anything it always helps to have an actual use case, otherwise you end up stuck in mindless versions of helloworld!
Finally one arrived in the a forum port on the Cisco Support Community.
- Log onto a series of Nexus chassis
- Check status of interfaces, looking interfaces in a ‘notconnected’ state
- Place these interfaces into a non-routable VLAN, and shutdown the interface
For the Nexus 5596UP which I am working on, you will need at least version 7.2(0)N1(1) of NX-OS installed.
Configuring the NX-API on the switch is blissfully easy, and the options are fairly sparse:
! feature nxapi nxapi https port 8080 !
It is worth noting that once enabled, the nxapi service listens on all Layer3 interfaces configured on the Nexus. This is where the lack of nxapi commands, not even a vrf one, falls short of the mark. Configure ACLs to secure this as required.
The nxapi also has a sandbox feature which provides a webGUI showing how to construct REST messages in various formats containing cli commands of your own specification, and also the returned response containing live data.
This is enabled with the following command:
! nxapi sandbox !
The python script can be summarised:
- Iterates of a list of IP addresses, calling the method create_config_commands() on each one.
- This builds a payload data structure of the format shown in the sandbox screenshot above. The Request.response is iterated through looking for matches of the “state” key value.
- A string config_commands is then constructed, appending each matched interface.
- config_commands is then used in another nxapi POST call, this time of type “cli_conf“, to apply the config to the target switch.
The full source code can be found here: