XML APIs to Manage Cisco Nexus 1000V

If you’ve been following my blog, you may remember I wrote Cisco Nexus 1000V in VMware vSphere API about half year ago. The Cisco Nexus 1000V actually has another APIs based on XML. Interestingly, it’s implemented over SSH, but not HTTP or HTTPS.

The Nexus 1000V APIs follows two ITEF standards: RFC 4741 NETCONF Configuration Protocol, and RFC 4742 Using the NETCONF Configuration Protocol over Secure SHell (SSH). The first one is pretty long with close to 100 pages, but fortunately Wikipedia has a much shorter introduction. The RFC 4742 is just 8 pages and pretty easy to browse through.

Bothered by SLOW Web UI to manage vSphere? Want to manage ALL your VMware vCenters, AWS, Azure, Openstack, container behind a SINGLE pane of glass? Want to search, analyze, report, visualize VMs, hosts, networks, datastores, events as easily as Google the Web? Find out more about vSearch 3.0: the search engine for all your private and public clouds.


The basic idea behind NETCONF can be illustrated by the following diagram from the RFC doc. On top of the basic transport protocol, it defines 3 layers for XML RPC request and reply. The operations include <get>, <get-config>, <edit-config>, <copy-config>, <delete-config>, <lock>, <unlock>, <close-session>, <kill-session>.  The content layer is defined by vendors and device specific. More with Cisco Nexus 1000V comes in next section.

       Layer                            Example
   +-------------+      +-------------------------------------------+
   |   Content   |      |     Configuration data                    |
   +-------------+      +-------------------------------------------+
             |                           |
   +-------------+      +-------------------------------------------+
   | Operations  |      |<get-config>, <edit-config>, <notification>|
   +-------------+      +-------------------------------------------+
             |                           |                    |
   +-------------+      +-----------------------------+       |
   |     RPC     |      |    <rpc>, <rpc-reply>       |       |
   +-------------+      +-----------------------------+       |
             |                           |                    |
   +-------------+      +-------------------------------------------+
   |  Transport  |      |   BEEP, SSH, SSL, console                 |
   |  Protocol   |      |                                           |
   +-------------+      +-------------------------------------------+

RFC 4742 mostly defines a standard ending for each request and reply when SSH is used – every request and reply must add ]]>]]> at the end of XML message. Note that the “]]>]]>” has nothing to do with XML, but a simple tag signaling the end of request or reply. For that reason, the RFC 4742 is short.

A Sample Request of Cisco Nexus 1000V XML API

With the above introduction in mind, you will find the Cisco Nexus 1000V XML Management Interface User Guide is easy. The key is to understand the content part of the NETCONF protocol.

The following is a sample request from the User Guide that creates a port group:

<?xml version="1.0"?>
<nf:rpc xmlns="<a href="http://www.cisco.com/nxos:1.0:ppm">http://www.cisco.com/nxos:1.0:ppm</a>" xmlns:nf="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="110">
<nxos:configure xmlns:nxos="<a href="http://www.cisco.com/nxos:1.0:ppm">http://www.cisco.com/nxos:1.0:ppm</a>">
<__XML__PARAM_value isKey="true">testppf</__XML__PARAM_value>
<enabled />
<shutdown />

To send this request, it’s assumed the SSHv2 session has been established to the Cisco Nexus 1000V.

You can actually achieve the same with the CLIs of Nexus 1000V in much cleaner syntax as follows:

#config t
#port-profile testppf
#description portprofile-test-description
#vmware port-group portprofile-test
#state enabled
#no shut

There are several more samples in the user guide. For complete list of requests and replies, you have to get the schema definitions. I didn’t find API reference type of documents unfortunately.

If you want to manually configure Nexus 1000V, you wouldn’t want to use this XML APIs because it’s just too verbose. The real value of this XML APIs is for building automation scripts and applications. If using Java, you can build a clean and easy-to-use APIs using SSH APIs like JSCH which is pure Java implementation of SSH v2 and open-sourced under BSD type of license.

XML Server Management

The Nexus 1000V runs a daemon to serve the APIs calls from clients. The daemon is called either XML server or XML agent. To start the server, just type in the following command in the console over SSH session:


You can also include the command together with SSH command remotely:

#sh username@ip-address -s xmlagent

You can manage the XML Server via command lines in the following ways. If you are interested in the real commands, you can check out the User Guide.

  • Change the maximum of concurrent sessions allowed. The default is 8 which is the maximum supported by the system.
  • Change the session timeout, which defaults to 1200 seconds.
  • Terminate a session.
  • Save changes for next reboot.

This entry was posted in Virtualization and tagged , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.


  1. Posted September 30, 2012 at 2:51 pm | Permalink

    XML APIs to Manage Cisco Nexus 1000V (DoubleCloud) http://t.co/u3ddGM56

  2. Posted September 30, 2012 at 3:01 pm | Permalink

    XML APIs to Manage Cisco Nexus 1000V (DoubleCloud) http://t.co/6qkKCgsa

  3. Posted September 30, 2012 at 10:00 pm | Permalink

    XML APIs to Manage #Cisco Nexus 1000V http://t.co/JxHQzZLb (via @sjin2008)

  4. Posted October 1, 2012 at 8:30 am | Permalink

    XML APIs to Manage #Cisco Nexus 1000V http://t.co/5w5fCJKP (via @sjin2008)

  5. Posted October 1, 2012 at 11:51 am | Permalink

    XML APIs to Manage #Cisco Nexus 1000V http://t.co/1LBWf9i1 (via @sjin2008)

Post a Comment

Your email is never published nor shared. Required fields are marked *


You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>


    My company has created products like vSearch ("Super vCenter"), vijavaNG APIs, EAM APIs, ICE tool. We also help clients with virtualization and cloud computing on customized development, training. Should you, or someone you know, need these products and services, please feel free to contact me: steve __AT__ doublecloud.org.

    Me: Steve Jin, VMware vExpert who authored the VMware VI and vSphere SDK by Prentice Hall, and created the de factor open source vSphere Java API while working at VMware engineering. Companies like Cisco, EMC, NetApp, HP, Dell, VMware, are among the users of the API and other tools I developed for their products, internal IT orchestration, and test automation.