Cisco ACI MCP Server

A comprehensive MCP server for configuring and managing Cisco ACI (Application Centric Infrastructure) fabrics through the APIC REST API.

GitHub

ACI Model Context Protocol (MCP) Server

A comprehensive MCP server for configuring and managing Cisco ACI (Application Centric Infrastructure) fabrics through the APIC REST API.

Overview

This MCP server provides 35+ tools for complete ACI fabric management, including:

  • Tenant Management: Create, list, get, update, and delete tenants
  • Application Profiles: Manage application profiles within tenants
  • Endpoint Groups (EPGs): Configure and manage endpoint groups
  • Bridge Domains: Create and manage Layer 2 domains
  • VRFs: Manage Virtual Routing and Forwarding instances
  • Contracts: Define and manage security policies
  • Health Monitoring: Monitor fabric health and faults
  • Node Management: Manage fabric nodes and interfaces

Installation

Prerequisites

  • Node.js 18+ and npm
  • Access to a Cisco APIC controller
  • Valid APIC credentials (username/password or certificate)

Setup

  1. Clone and Install:

    cd aci-mcp-server
npm install

  2. Configure Authentication:

    Option A: Environment Variables

    cp .env.example .env
# Edit .env with your APIC details
export ACI_APIC_URL="https://your-apic.domain.com"
export ACI_USERNAME="admin"
export ACI_PASSWORD="your_password"

    Option B: Configuration Files

    cp aci-config.json.example aci-config.json
# Edit aci-config.json with your settings

    Option C: Certificate Authentication

    export ACI_APIC_URL="https://your-apic.domain.com"
export ACI_USERNAME="admin"
export ACI_CERT_NAME="your-cert-name"
export ACI_PRIVATE_KEY_PATH="/path/to/private.key"

  3. Build the Server:

    npm run build

  4. Test Connection:

    npm start
# Should connect to APIC and display available tools

Configuration

Authentication Methods

The server supports two authentication methods:

  1. Username/Password: Standard APIC login
  2. Certificate: X.509 certificate-based authentication (recommended for production)

Tool Configuration

Configure which tools are available using aci-mcp-config.json:

{
  "serverConfig": {
    "name": "aci",
    "toolSelectionMode": "whitelist",
    "enableAllTools": false,
    "tenantFocus": "production"
  },
  "toolConfiguration": {
    "enabledTools": ["list_tenants", "get_fabric_health", ...],
    "disabledTools": []
  }
}

Tool Modes:

  • core: Essential tools (35 tools) - Default
  • all: All available tools (50+ tools)

Environment Variable Configuration:

export ACI_TOOL_MODE=core          # or 'all'
export ACI_TENANT_FOCUS=production # Focus on specific tenant

Available Tools

Tenant Management (5 tools)

  • list_tenants - List all tenants
  • get_tenant - Get specific tenant details
  • create_tenant - Create new tenant
  • update_tenant - Update tenant configuration
  • delete_tenant - Delete tenant

Application Profile Management (5 tools)

  • list_application_profiles - List application profiles
  • get_application_profile - Get specific application profile
  • create_application_profile - Create new application profile
  • update_application_profile - Update application profile
  • delete_application_profile - Delete application profile

Endpoint Group Management (6 tools)

  • list_endpoint_groups - List endpoint groups
  • get_endpoint_group - Get specific EPG details
  • create_endpoint_group - Create new EPG
  • update_endpoint_group - Update EPG configuration
  • delete_endpoint_group - Delete EPG
  • get_endpoint_group_stats - Get EPG statistics

Bridge Domain Management (5 tools)

  • list_bridge_domains - List bridge domains
  • get_bridge_domain - Get specific bridge domain
  • create_bridge_domain - Create new bridge domain
  • update_bridge_domain - Update bridge domain
  • delete_bridge_domain - Delete bridge domain

VRF Management (5 tools)

  • list_vrfs - List VRFs
  • get_vrf - Get specific VRF details
  • create_vrf - Create new VRF
  • update_vrf - Update VRF configuration
  • delete_vrf - Delete VRF

Contract Management (8 tools)

  • list_contracts - List contracts
  • get_contract - Get contract details
  • create_contract - Create new contract
  • update_contract - Update contract
  • delete_contract - Delete contract
  • list_filters - List filters
  • create_filter - Create new filter
  • delete_filter - Delete filter

Health & Monitoring (8 tools)

  • get_fabric_health - Get overall fabric health
  • list_faults - List fabric faults
  • get_fault_summary - Get fault summary by severity
  • list_nodes - List fabric nodes
  • get_node_health - Get node health status
  • list_interfaces - List fabric interfaces
  • get_interface_stats - Get interface statistics
  • get_system_info - Get APIC system information

Related Servers