Try SpotterBind EPGs to Domains on Cisco ACI fabrics (fv:RsDomAtt)
| "added in version" 2.4 of ansible.builtin"
Authors: Swetha Chunduri (@schunduri), Dag Wieers (@dagwieers), Jacob Mcgill (@jmcgill298)
preview | supported by community
pipInstall with pip install ansible==2.4.3.0.post1
Bind EPGs to Physical and Virtual Domains on Cisco ACI fabrics.
More information from the internal APIC class I(fv:RsDomAtt) at U(https://developer.cisco.com/media/mim-ref/MO-fvRsDomAtt.html).
ap:
aliases:
- app_profile
- app_profile_name
description:
- Name of an existing application network profile, that will contain the EPGs.
epg:
aliases:
- epg_name
description:
- Name of the end point group.
host:
aliases:
- hostname
description:
- IP Address or hostname of APIC resolvable by Ansible control host.
- If the value is not specified in the task, the value of environment variable C(ACI_HOST)
will be used instead.
required: true
type: str
port:
description:
- Port number to be used for REST connection.
- The default value depends on parameter C(use_ssl).
- If the value is not specified in the task, the value of environment variable C(ACI_PORT)
will be used instead.
type: int
encap:
choices:
- range from 1 to 4096
description:
- The VLAN encapsulation for the EPG when binding a VMM Domain with static encap_mode.
- This acts as the secondary encap when using useg.
state:
choices:
- absent
- present
- query
default: present
description:
- Use C(present) or C(absent) for adding or removing.
- Use C(query) for listing an object or multiple objects.
domain:
aliases:
- domain_name
- domain_profile
description:
- Name of the physical or virtual domain being associated with the EPG.
tenant:
aliases:
- tenant_name
description:
- Name of an existing tenant.
netflow:
choices:
- disabled
- enabled
default: disabled
description:
- Determines if netflow should be enabled.
- The APIC defaults new EPG to Domain binings to C(disabled).
timeout:
default: 30
description:
- The socket level timeout in seconds.
- If the value is not specified in the task, the value of environment variable C(ACI_TIMEOUT)
will be used instead.
type: int
use_ssl:
default: true
description:
- If C(no), an HTTP connection will be used instead of the default HTTPS connection.
- If the value is not specified in the task, the value of environment variable C(ACI_USE_SSL)
will be used instead.
type: bool
password:
description:
- The password to use for authentication.
- This option is mutual exclusive with C(private_key). If C(private_key) is provided
too, it will be used instead.
- If the value is not specified in the task, the value of environment variables C(ACI_PASSWORD)
or C(ANSIBLE_NET_PASSWORD) will be used instead.
type: str
username:
aliases:
- user
default: admin
description:
- The username to use for authentication.
- If the value is not specified in the task, the value of environment variables C(ACI_USERNAME)
or C(ANSIBLE_NET_USERNAME) will be used instead.
type: str
owner_key:
description:
- User-defined string for the ownerKey attribute of an ACI object.
- This attribute represents a key for enabling clients to own their data for entity
correlation.
- If the value is not specified in the task, the value of environment variable C(ACI_OWNER_KEY)
will be used instead.
type: str
owner_tag:
description:
- User-defined string for the ownerTag attribute of an ACI object.
- This attribute represents a tag for enabling clients to add their own data.
- For example, to indicate who created this object.
- If the value is not specified in the task, the value of environment variable C(ACI_OWNER_TAG)
will be used instead.
type: str
use_proxy:
default: true
description:
- If C(no), it will not use a proxy, even if one is defined in an environment variable
on the target hosts.
- If the value is not specified in the task, the value of environment variable C(ACI_USE_PROXY)
will be used instead.
type: bool
allow_useg:
choices:
- encap
- useg
default: encap
description:
- Allows micro-segmentation.
- The APIC defaults new EPG to Domain bindings to use C(encap).
annotation:
description:
- User-defined string for annotating an object.
- If the value is not specified in the task, the value of environment variable C(ACI_ANNOTATION)
will be used instead.
type: str
encap_mode:
choices:
- auto
- vlan
- vxlan
default: auto
description:
- The ecapsulataion method to be used.
- The APIC defaults new EPG to Domain bindings to C(auto).
domain_type:
aliases:
- type
choices:
- phys
- vmm
description:
- Determines if the Domain is physical (phys) or virtual (vmm).
output_path:
description:
- Path to a file that will be used to dump the ACI JSON configuration objects generated
by the module.
- If the value is not specified in the task, the value of environment variable C(ACI_OUTPUT_PATH)
will be used instead.
type: str
private_key:
aliases:
- cert_key
description:
- Either a PEM-formatted private key file or the private key content used for signature-based
authentication.
- This value also influences the default C(certificate_name) that is used.
- This option is mutual exclusive with C(password). If C(password) is provided too,
it will be ignored.
- If the value is not specified in the task, the value of environment variable C(ACI_PRIVATE_KEY)
will be used instead.
type: str
vm_provider:
choices:
- microsoft
- openstack
- vmware
description:
- The VM platform for VMM Domains.
output_level:
choices:
- debug
- info
- normal
default: normal
description:
- Influence the output of this ACI module.
- C(normal) means the standard output, incl. C(current) dict
- C(info) adds informational output, incl. C(previous), C(proposed) and C(sent) dicts
- C(debug) adds debugging output, incl. C(filter_string), C(method), C(response),
C(status) and C(url) information
- If the value is not specified in the task, the value of environment variable C(ACI_OUTPUT_LEVEL)
will be used instead.
type: str
primary_encap:
choices:
- range from 1 to 4096
description:
- Determines the primary VLAN ID when using useg.
validate_certs:
default: true
description:
- If C(no), SSL certificates will not be validated.
- This should only set to C(no) when used on personally controlled sites using self-signed
certificates.
- If the value is not specified in the task, the value of environment variable C(ACI_VALIDATE_CERTS)
will be used instead.
type: bool
certificate_name:
aliases:
- cert_name
description:
- The X.509 certificate name attached to the APIC AAA user used for signature-based
authentication.
- If a C(private_key) filename was provided, this defaults to the C(private_key) basename,
without extension.
- If PEM-formatted content was provided for C(private_key), this defaults to the C(username)
value.
- If the value is not specified in the task, the value of environment variable C(ACI_CERTIFICATE_NAME)
will be used instead.
type: str
deploy_immediacy:
choices:
- immediate
- lazy
default: lazy
description:
- Determines when the policy is pushed to hardware Policy CAM.
- The APIC defaults new EPG to Domain bindings to C(lazy).
resolution_immediacy:
choices:
- immediate
- lazy
- pre-provision
default: lazy
description:
- Determines when the policies should be resolved and available.
- The APIC defaults new EPG to Domain bindings to C(lazy).