Cisco ACI Programmability
As discussed in previous sections, ACI uses an advanced object model that represents network configuration with application-based semantics that can be consumed and posted against using a well-documented REST API. In addition to providing this interface into the object model, ACI also provides a number of access methods to read and manipulate this data, at a variety of levels that will cater to the level of comfort the user has with programming, all of which use open standards and open source.
APIC is very flexible in terms of how it can accept configuration and provide administrative and operable states, in addition to and how it extends that configuration into subordinate components. Two primary categories of interfaces facilitate these functions: the northbound REST API and the southbound programmatic interfaces.
The northbound REST API is responsible for accepting configuration as well as providing access to management functions for the controller. This interface is a crucial component for the GUI and CLI and also provides a touch point for automation tools, provisioning scripts and third-party monitoring and management tools. The REST API is a singular entry point to the fabric for making configuration changes, and as such, it is a critical aspect of the architecture for being able to provide a consistent programmatic experience.
Southbound interfaces on APIC allow for the declarative model of intent to be extended beyond the fabric, into subordinate devices. This is a key aspect to the openness of the ACI fabric, in that policy can be programmed once via APIC and then pushed out to hypervisors, L4–L7 devices, and third-party partner devices such as F5, Citrix Embrane, Palo Alto, A10, Sourcefire, and so on, without the need to individually configure those devices.
OpFlex is designed to allow a data exchange of a set of managed objects defined as part of an informational model. OpFlex itself does not dictate the information model and can be used with any tree-based abstract model in which each node in the tree has a universal resource identifier (URI) associated with it. The protocol is designed to support XML and JSON (as well as the binary encoding used in some scenarios) and to use standard remote procedure call (RPC) mechanisms such as JSON-RPC over TCP.
For northbound and southbound API references and tools, Cisco DevNet offers a single central repository. On this site, you can find learning materials for network programmability basics, APIs, tools, a developer sandbox, sample code on GitHub (which includes scripts and libraries for developers of Cisco ACI), and so on. Also, you can use this site to find communities of interest, get access to support, and find more topics on this subject. You can register for Cisco DevNet at https://developer.cisco.com/.