Cisco Modeling Labs (CML) is a virtual network simulation platform that lets engineers create, test, and troubleshoot network topologies in a sandboxed environment. While the user interface is intuitive, the underlying engine is driven by a sophisticated API layer that powers everything from device emulation to resource orchestration. Understanding the type of API that CML relies on is crucial for developers who want to integrate it with other tools, automate deployments, or extend its capabilities.
Why the API Matters for CML Users
- Automation – Scripts can spin up labs, run tests, and tear down environments in seconds.
- Integration – APIs allow CML to talk to CI/CD pipelines, monitoring tools, or cloud platforms.
- Extensibility – Custom plugins or dashboards can be built on top of the native API.
- Scalability – The API handles concurrent requests, ensuring that multiple users can work simultaneously without performance degradation.
The Core API Architecture of Cisco Modeling Labs
CML’s API is a RESTful interface, built on top of HTTP/HTTPS protocols and JSON payloads. This design choice aligns with modern web standards and makes it straightforward for developers to consume the API from any programming language or platform Small thing, real impact..
Key Characteristics
| Feature | Description |
|---|---|
| Stateless | Each request contains all information needed; no session state is stored on the server. Now, |
| Resource‑Oriented | Endpoints represent entities such as labs, nodes, connections, and sessions. Consider this: |
| Versioned | URLs include a version segment (e. g.On top of that, , /v1/labs) to allow backward‑compatible updates. |
| Authentication | Uses token‑based authentication (Bearer tokens) issued after a login request. Which means |
| Rate Limiting | Enforced per‑user or per‑API‑key to prevent abuse. On top of that, |
| Event Hooks | Webhooks can notify external services when lab events occur (e. Even so, g. , node state changes). |
Typical API Endpoints
- Authentication
POST /api/v1/auth/login– Returns a JWT token.
- Lab Management
GET /api/v1/labs– List all labs.POST /api/v1/labs– Create a new lab.GET /api/v1/labs/{labId}– Retrieve lab details.PUT /api/v1/labs/{labId}– Update lab configuration.DELETE /api/v1/labs/{labId}– Delete a lab.
- Node Operations
GET /api/v1/labs/{labId}/nodes– List nodes in a lab.POST /api/v1/labs/{labId}/nodes– Add a node.PUT /api/v1/labs/{labId}/nodes/{nodeId}– Modify node settings.
- Connection Management
POST /api/v1/labs/{labId}/connections– Create a link between nodes.DELETE /api/v1/labs/{labId}/connections/{connId}– Remove a link.
- Session Control
POST /api/v1/labs/{labId}/sessions– Start a lab session.DELETE /api/v1/labs/{labId}/sessions/{sessionId}– Stop a session.
- File Operations
POST /api/v1/labs/{labId}/files– Upload configuration files.GET /api/v1/labs/{labId}/files/{fileId}– Download a file.
These endpoints expose the full breadth of CML’s functionality, from creating a topology to running a complex BGP experiment.
Underlying Technologies and Protocols
While the API surface is RESTful, the engine that powers CML uses several other technologies:
1. Docker and Containerization
Each virtual network device (router, switch, firewall) runs inside a Docker container. The API interacts with Docker’s Docker Engine API to spin up, configure, and tear down these containers on demand Took long enough..
- Container Orchestration – The API translates lab definitions into Docker Compose files, which are then deployed via the Docker API.
- Resource Allocation – CPU, memory, and network bandwidth are allocated per container, ensuring isolation between labs.
2. gRPC for Internal Communication
Within the CML server, components communicate over gRPC. This high‑performance, binary protocol is ideal for:
- Device Emulation – The emulation engine receives commands from the API via gRPC streams.
- Real‑Time Events – Node status updates are pushed to the web UI in real time using gRPC callbacks.
3. WebSocket for Live Interaction
The front‑end web interface establishes a WebSocket connection to the server. Through this channel, the API pushes real‑time telemetry, console output, and event notifications to the browser, enabling instant feedback during lab sessions But it adds up..
4. Database Layer
CML stores metadata (lab definitions, user accounts, logs) in a relational database (PostgreSQL). The REST API performs CRUD operations against this database, ensuring persistence across restarts Worth knowing..
Security Considerations
Because the API exposes powerful network manipulation capabilities, security is critical Easy to understand, harder to ignore..
- HTTPS Everywhere – All traffic is encrypted with TLS 1.2 or higher.
- JWT Tokens – Tokens are short‑lived (typically 30 minutes) and can be refreshed with a refresh token.
- Role‑Based Access Control (RBAC) – Permissions are granular: admin, editor, viewer, etc.
- Audit Logging – Every API call is logged with user, timestamp, and payload for compliance.
Extending CML with the API
Developers can make use of the API to build custom tools:
- Automated Test Harnesses – Write scripts that create labs, apply configurations, run diagnostics, and report results.
- CI/CD Pipelines – Integrate CML into GitHub Actions or Jenkins to automatically test network changes before deployment.
- Custom Dashboards – Use the API to fetch lab status and display it in a corporate intranet or monitoring system.
- ChatOps Bots – Build Slack or Teams bots that trigger lab sessions or fetch console logs on demand.
Sample Python Snippet
import requests
BASE = 'https://cml.example.com/api/v1'
TOKEN = 'Bearer YOUR_JWT_TOKEN'
headers = {'Authorization': TOKEN, 'Content-Type': 'application/json'}
# Create a new lab
lab_payload = {
"name": "Demo Lab",
"description": "Automated lab creation"
}
response = requests.post(f'{BASE}/labs', json=lab_payload, headers=headers)
lab_id = response.json()['id']
# Add a router node
node_payload = {
"name": "Router1",
"type": "iosv",
"image": "cisco/iosv:latest"
}
node_resp = requests.post(f'{BASE}/labs/{lab_id}/nodes', json=node_payload, headers=headers)
node_id = node_resp.json()['id']
print(f'Lab {lab_id} created with node {node_id}')
This snippet demonstrates how quickly a lab can be instantiated programmatically.
Common Questions About the CML API
| Question | Answer |
|---|---|
| **Is the API documented?That's why | |
| **What about rate limits? ** | Default limits are 100 requests per minute per user, but they can be adjusted by the administrator. But ** |
| **Can I host CML on the cloud? Here's the thing — | |
| **Is there an SDK? But ** | Absolutely. Since it’s RESTful and JSON‑based, any language that can make HTTP requests works. In real terms, ** |
| Can I use the API with any language? | Cisco offers unofficial SDKs in Python and JavaScript, but the official documentation remains the primary resource. |
Conclusion
Cisco Modeling Labs is powered by a RESTful API that exposes a rich set of endpoints for managing labs, nodes, connections, and sessions. Think about it: under the hood, Docker containers, gRPC, WebSockets, and a PostgreSQL database collaborate to deliver a responsive, secure, and scalable virtual networking platform. Whether you’re a network engineer automating lab setups or a developer building a custom integration, the CML API provides the flexibility and robustness needed to bring network experimentation into the modern DevOps pipeline Simple as that..
Worth pausing on this one.
Advanced Automation Patterns
Beyond basic lab creation, the CML API enables sophisticated orchestration workflows. Another powerful pattern is multi-lab orchestration, where a single script spins up several interconnected labs to simulate large-scale enterprise or service provider environments. This leads to for example, you can validate a network topology before deployment by programmatically checking for IP conflicts, routing loops, or suboptimal paths. This is invaluable for testing disaster recovery plans or validating multi-domain protocols like BGP confederations.
Consider a scenario where you need to benchmark network performance under load. That's why you could use the API to:
- Which means instantiate a lab with traffic-generating nodes (e. g., IPERF3 servers and clients). Because of that, 2. Still, configure interfaces and start traffic flows via API calls. 3. Think about it: query real-time interface statistics and CPU utilization from devices. 4. Automatically tear down the lab after data collection, saving costs.
Short version: it depends. Long version — keep reading It's one of those things that adds up..
Such end-to-end automation transforms CML from a manual testing tool into an autonomous testbed for continuous validation.
Operational Best Practices
To maximize reliability and security when using the CML API at scale, consider these practices:
- Token Management: Use short-lived JWT tokens with minimal required scopes. Rotate credentials regularly and avoid hardcoding them in scripts—apply secret managers like HashiCorp Vault or cloud KMS.
- Idempotency: Design scripts to be idempotent. Because of that, since network labs can be expensive to run, ensure your automation can safely retry failed requests without creating duplicate resources. - Error Handling & Logging: Implement solid error handling to catch API rate limits, authentication failures, or resource constraints. Log all API interactions for audit trails and debugging.
Still, - Resource Cleanup: Always include a cleanup phase in your automation to delete labs after use, especially in shared or cloud environments where unused resources incur charges. - Version Pinning: Specify API version explicitly in your requests (e.g.,
/api/v1/) to avoid breaking changes when Cisco updates the platform.
Conclusion
The Cisco Modeling Labs API is more than a management interface—it is the central nervous system for modern network automation. Now, by exposing every facet of lab lifecycle management through a clean, RESTful design, it empowers engineers to embed network validation directly into DevOps pipelines, CI/CD workflows, and operational platforms. From quick scripted lab setups to complex, multi-domain orchestration, the API scales with your needs, whether you’re a solo engineer prototyping a design or an enterprise orchestrating thousands of virtual devices.
As networks evolve toward greater automation and programmability, tools like CML with dependable APIs will become indispensable. They bridge the gap between traditional network engineering and software-driven operations, enabling a culture of continuous testing, rapid iteration, and reliable deployment. Embracing the CML API means not just simulating networks, but actively building a more resilient and agile infrastructure—one automated lab at a time.
