In the above example, devices reside at the lowest layer of the hierarchy, with applications and controllers using APIs to communicate with the device to achieve some desired functionality.

An important thing to consider at this layer is that visibility and scope of influence is generally limited to a single device. APIs at this layer are used to control device configurations and functions, as well as to capture information about things that are controlled by or visible to the device.

Because NX-OS is based on Linux and provides access to a Bash shell, it's possible for APIs to be leveraged not only by devices external to the switch, but also directly on the switch. In the following example, a Python script using an API library is executed "off-box" to perform a function on one or more switches:

Running User Logic Outside the Switch on a Server or VM

In this example, a Python script using an API library is executed "on-box" to perform the same function. The target of this script is the local switch, but there is nothing preventing a script executed on one Nexus switch from using APIs to manipulate other switches in the network.

Running the User Logic Within the Switch, Natively or in a Container

Running the User Logic Within the Switch, Natively or in a Container

The ability to execute a script "on-box" can offer significant value, particularly when actions must be taken while a switch is not reachable by traditional access methods.

For example, it might be desirable that the access ports on a switch be held in a down state until uplink connectivity has been established. A Python script can configure these access ports in an administratively down state at boot. When the uplinks become active, a Python script triggered by the Embedded Event Manager (EEM) could then bring the access ports online.

Low-Level Device APIs

It is also possible for applications to control a subset of switch functionality by interacting with an autonomous subsystem within the device. For example, some of the ASICs that perform low-level packet switching may expose an API that can be leveraged by scripts to expose low-level counters or affect low-level packet forwarding functions:

Using APIs Exposed by ASICs on Network Devices

Using APIs Exposed by ASICs on Network Devices