Nexus Dashboard MCP Server
Всесторонний сервер Model Context Protocol (MCP) для Cisco Nexus Dashboard, позволяющий AI-агентам, таким как Claude, взаимодействовать с API Nexus Dashboard для интеллектуальной автоматизации и управления сетью.
Документация
Nexus Dashboard MCP Server
A comprehensive Model Context Protocol (MCP) server for Cisco Nexus Dashboard, enabling AI agents like Claude to interact with Nexus Dashboard APIs for intelligent network automation and management.
Features
Core Capabilities
-
Complete API Coverage: Access to 638+ operations across 5 Nexus Dashboard APIs
- Manage API (146 endpoints): Fabrics, switches, VLANs, VRFs, networks, interfaces
- Analyze API: Telemetry, insights, anomalies, compliance
- Infrastructure API: System health, licensing, user management
- OneManage API: Device inventory, topology
- Orchestration API: Workflows and automation
-
Security First:
- HTTPS with self-signed certificates (auto-generated)
- Multi-user authentication with role-based access control (RBAC)
- Read-only mode by default with explicit edit mode enablement
- Fernet-encrypted credential storage
- Complete audit logging with client IP tracking
- Granular operation whitelisting per role
-
Web Management UI:
- Next.js-based management interface with HTTPS
- User and role management
- Real-time system health monitoring
- Audit log viewer with CSV export
- Cluster management with connection testing
- Security configuration dashboard
- API guidance and workflow management
-
Enterprise Ready:
- PostgreSQL database for persistence
- Docker-based deployment with host networking
- Complete audit trail for compliance
- LDAP integration support
Quick Start
Prerequisites
- Docker 20.10+ and Docker Compose 2.0+
- Cisco Nexus Dashboard 4.1+ with NDFC 12.x
- Node.js 18+ (for remote MCP access via mcp-remote)
1. Clone and Configure
git clone https://github.com/beye91/nexus-dashboard-mcp.git
cd nexus-dashboard-mcp
# Create environment file with your server's IP address
echo "CERT_SERVER_IP=YOUR_SERVER_IP" > .env
Replace YOUR_SERVER_IP with your server's actual IP address (e.g., 192.168.1.213).
2. Start Services
docker compose up -d --build
This will:
- Generate self-signed SSL certificates automatically
- Start PostgreSQL database (port 15432)
- Start Web API with HTTPS (port 8444)
- Start Web UI with HTTPS (port 7443)
- Start MCP Server for Claude integration
3. Initial Setup
-
Open your browser and navigate to:
https://YOUR_SERVER_IP:7443 -
Accept the self-signed certificate warning
-
Complete the initial admin setup:
- Username:
admin - Email:
[email protected] - Password:
Admin123!(or your preferred password)
- Username:
-
Configure your first cluster:
- Navigate to Clusters page
- Click "Add New Cluster"
- Enter your Nexus Dashboard details
- Click "Test Connection" to verify
- Save the cluster configuration
4. Configure Claude Desktop
Add to your Claude Desktop configuration:
macOS: ~/Library/Application Support/Claude/claude_desktop_config.json
Windows: %APPDATA%\Claude\claude_desktop_config.json
Linux: ~/.config/Claude/claude_desktop_config.json
Remote Deployment (Recommended)
{
"mcpServers": {
"nexus-dashboard": {
"command": "npx",
"args": [
"mcp-remote@latest",
"https://YOUR_SERVER_IP:8444/mcp/sse",
"--transport",
"sse-only"
]
}
}
}
Replace YOUR_SERVER_IP with your server's IP address.
Note: Since we use self-signed certificates, you may need to set
NODE_TLS_REJECT_UNAUTHORIZED=0in your environment or accept the certificate in your system's trust store.
Local Deployment (same machine as Docker)
{
"mcpServers": {
"nexus-dashboard": {
"command": "docker",
"args": [
"exec",
"-i",
"nexus-mcp-server",
"python",
"src/main.py"
]
}
}
}
Restart Claude Desktop, and you'll see the Nexus Dashboard tools available!
Architecture
External Clients
(Browser, Claude Desktop)
|
[HTTPS/TLS]
|
+---------------+---------------+
| |
Port 7443 Port 8444
| |
+----------+----------+ +---------------+--------------+
| Web UI | | Web API |
| (Next.js) |--->| (FastAPI) |
| HTTPS Proxy | | +----------+ +---------+ |
+---------------------+ | | REST API | | MCP SSE | |
| +----------+ +---------+ |
+---------------+--------------+
|
+----------------------+----------------------+
| | |
+--------+--------+ +--------+--------+ +--------+--------+
| PostgreSQL | | MCP Server | | Nexus Dashboard |
| Port 15432 | | (stdio) | | Clusters |
+-----------------+ +-----------------+ +-----------------+
Certificate Volume: /app/certs/ (auto-generated on first startup)
Port Summary
| Service | Port | Protocol | Description |
|---|---|---|---|
| Web UI | 7443 | HTTPS | Management interface |
| Web API | 8444 | HTTPS | REST API and MCP SSE endpoint |
| PostgreSQL | 15432 | TCP | Database (mapped from 5432) |
| Internal HTTP | 8001 | HTTP | Internal proxy communication |
Environment Variables
Required for Production
Create a .env file with:
# Your server's IP address (for SSL certificate SAN)
CERT_SERVER_IP=192.168.1.213
# Security (generate unique keys for production)
ENCRYPTION_KEY=your-unique-fernet-key
SESSION_SECRET_KEY=your-random-secret-key
# Optional: Nexus Dashboard defaults (can be configured via Web UI)
NEXUS_CLUSTER_URL=https://nexus-dashboard.example.com
NEXUS_USERNAME=admin
NEXUS_PASSWORD=YourPassword
Generate Encryption Key:
python3 -c "from cryptography.fernet import Fernet; print(Fernet.generate_key().decode())"
Optional Variables
# SSL Certificate Configuration
CERT_DAYS=365 # Certificate validity (default: 365)
CERT_CN=nexus-dashboard # Certificate common name
# Security
EDIT_MODE_ENABLED=false # Enable write operations
MCP_API_TOKEN=your-token # Optional: Require token for MCP access
# Logging
LOG_LEVEL=INFO # DEBUG, INFO, WARNING, ERROR
Security
HTTPS Configuration
Self-signed certificates are automatically generated on first startup:
- Stored in Docker volume
nexus-mcp-certs - Valid for 365 days (configurable via
CERT_DAYS) - Includes localhost, 127.0.0.1, and your server IP in SAN
To regenerate certificates:
docker volume rm nexus-mcp-certs
docker compose up -d
Multi-User RBAC
The platform supports multiple users with role-based access control:
- Admin Role: Full access to all operations
- Operator Role: Read access + specific write operations
- Viewer Role: Read-only access
Users can be managed through the Web UI under Security > Users.
Best Practices
- Change default admin password after initial setup
- Keep
EDIT_MODE_ENABLED=falseunless write operations are needed - Use strong encryption keys for production
- Review audit logs regularly for unauthorized activity
- Limit network access to the server
Documentation
- Quick Start Guide - Get up and running in 5 minutes
- Architecture Overview - System design and components
- User Guide - Comprehensive usage documentation
- Web UI Guide - Managing the system via web interface
- Claude Desktop Setup - Detailed Claude integration
- Deployment Guide - Production deployment recommendations
- Multi-User RBAC - Role-based access control
- API Guidance System - Customizing API behavior
Troubleshooting
Check Container Status
docker compose ps
docker compose logs -f
Certificate Issues
# View certificate details
docker compose exec web-api openssl x509 -in /app/certs/server.crt -text -noout
# Regenerate certificates
docker volume rm nexus-mcp-certs
docker compose up -d
Database Issues
# Connect to database
docker compose exec postgres psql -U mcp_user -d nexus_mcp
# Check tables
\dt
# View audit logs
SELECT * FROM audit_log ORDER BY timestamp DESC LIMIT 10;
Network Connectivity
# Test API endpoint
curl -k https://localhost:8444/api/health
# Test Web UI
curl -k https://localhost:7443
Development
Local Development Setup
# Clone repository
git clone https://github.com/beye91/nexus-dashboard-mcp.git
cd nexus-dashboard-mcp
# Create virtual environment
python -m venv venv
source venv/bin/activate
# Install dependencies
pip install -r requirements.txt
# Start database only
docker compose up postgres -d
# Run API locally
python src/api/web_api.py
# Run Web UI in dev mode
cd web-ui
npm install
npm run dev
License
This project is licensed under the Apache License 2.0 - see the LICENSE file for details.
Acknowledgments
- Anthropic - For the Claude AI platform and MCP protocol
- Cisco - For Nexus Dashboard APIs
- FastMCP - For the excellent MCP framework
Made with care for network automation