[c-nsp] Monitoring Nexus 7000 platform
Lincoln Dale
ltd at cisco.com
Fri Aug 14 02:17:19 EDT 2009
On 14/08/2009, at 8:09 AM, Justin C. Darby wrote:
>
> The XML interface is very, very well documented. Each revision of NX-
> OS ships with a new XML spec package to describe the interfaces. You
> can do a lot more than just monitor things with the XML interfaces -
speaking from the cisco side of the fence, the real benefit of Netconf/
XML is that its pretty much anything you can do in CLI config or exec
command wise is available in NetConf/XML "for free". its not like
SNMP where one has to create MIBs and write code especially to
populate the MIBs.
in essence, any output from the switch in CLI can be 'tokenized' into
XML.
so: in essence, the literally thousands of CLI commands can all be
used via CLI or XML, giving you the equivalent of 100% like for like
with CLI. its unlikely that SNMP on any box or platform will never
have parity - ever - just by virtue of the time/effort and resources
required to do so.
> e.g. automate port provisioning tasks in an in-house product/app.
> We're planning to use some of this functionality to integrate switch
> configurations into our inventory system (eventually).
beginning with NX-OS 4.2 we've now also allow some variations on XML
that makes for (easier) script building.
many people like CLI commands for their simplicity - and NX-OS has
always allowed preshared ssh keys to be specified in the configuration
such that you can 'ssh' into the switch without needing a password or
passphrase.[conf t ; username (your_name) sshkey (insert_your_~/.ssh/
identity.pub_here) ]
i.e.
lincoln-dales-macbook:~ lincolndale$ ssh ltd at ltd-n7010-1 "show
module" | head -6
Mod Ports Module-Type Model Status
--- ----- -------------------------------- ------------------
------------
1 48 10/100/1000 Mbps Ethernet Module N7K-M148GT-11 ok
2 32 10 Gbps Ethernet Module N7K-M132XP-12 ok
5 0 Supervisor module-1X N7K-SUP1 ha-
standby
6 0 Supervisor module-1X N7K-SUP1
active *
lincoln-dales-macbook:~ lincolndale$
expanding on this concept, with NX-OS 4.2, we've added a couple of new
things:
1. the ability to specify multiple CLI commands via ssh, e.g.
# remove vlan 5 from trunk port ethernet2/1
lincoln-dales-macbook:~ lincolndale$ ssh ltd at ltd-n7010-1 "conf t ;
int ethernet2/1 ; switchport trunk allowed vlan remove 5"
lincoln-dales-macbook:~ lincolndale$
# show vlan membership of ethernet2/1 with output in text format
lincoln-dales-macbook:~ lincolndale$ ssh ltd at ltd-n7010-1 "show int
eth2/1 trunk"
--------------------------------------------------------------------------------
Port Vlans Allowed on Trunk
--------------------------------------------------------------------------------
Eth2/1 1-4,6-3967,4048-4093
2. the ability to take CLI commands IN to the switch but for the
switch to output in XML:
# show vlan membership of ethernet2/1 with output in XML
lincoln-dales-macbook:~ lincolndale$ ssh ltd at ltd-n7010-1 "show int
eth2/1 trunk | xml"
<?xml version="1.0" encoding="ISO-8859-1"?>
<nf:rpc-reply xmlns:nf="urn:ietf:params:xml:ns:netconf:base:1.0"
xmlns="if_manager">
<nf:data>
<show>
<interface>
<ethernet>Ethernet2/1</ethernet>
<trunk>
<TABLE_stp_forward>
<ROW_stp_forward>
<interface>Ethernet2/1</interface>
</ROW_stp_forward>
</TABLE_stp_forward>
<TABLE_interface>
<ROW_interface>
<native>1</native>
<status>trunking</status>
<portchannel>--</portchannel>
</ROW_interface>
</TABLE_interface>
<TABLE_stp_forward>
<ROW_stp_forward>
<interface>Ethernet2/1</interface>
</ROW_stp_forward>
</TABLE_stp_forward>
<TABLE_allowed_vlans>
<ROW_allowed_vlans>
<allowedvlans>1-4,6-3967,4048-4093</allowedvlans>
</ROW_allowed_vlans>
</TABLE_allowed_vlans>
...
why one would ever touch SNMP willingly after using the above is
beyond me. :)
however, we aren't religious in that regard, if you wish to use SNMP
there is support there.
cheers,
lincoln.
More information about the cisco-nsp
mailing list