Try SpotterCreate or remove a Distributed vSwitch portgroup.
Authors: Joseph Callen (@jcpowermac), Philippe Dellaert (@pdellaert) <philippe@dellaert.org>
Install with ansible-galaxy collection install community.vmware:==4.2.0
collections:
- name: community.vmware
version: 4.2.0Create or remove a Distributed vSwitch portgroup.
- name: Create vlan portgroup
community.vmware.vmware_dvs_portgroup:
hostname: '{{ vcenter_hostname }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
portgroup_name: vlan-123-portrgoup
switch_name: dvSwitch
vlan_id: 123
num_ports: 120
port_binding: static
state: present
delegate_to: localhost
- name: Create vlan trunk portgroup
community.vmware.vmware_dvs_portgroup:
hostname: '{{ vcenter_hostname }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
portgroup_name: vlan-trunk-portrgoup
switch_name: dvSwitch
vlan_id: 1-1000, 1005, 1100-1200
vlan_trunk: true
num_ports: 120
port_binding: static
state: present
delegate_to: localhost
- name: Create private vlan portgroup
vmware_dvs_portgroup:
hostname: '{{ vcenter_hostname }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
portgroup_name: private-vlan-portrgoup
switch_name: dvSwitch
vlan_id: 1001
vlan_private: true
num_ports: 120
port_binding: static
state: present
delegate_to: localhost
- name: Create no-vlan portgroup
community.vmware.vmware_dvs_portgroup:
hostname: '{{ vcenter_hostname }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
portgroup_name: no-vlan-portrgoup
switch_name: dvSwitch
vlan_id: 0
num_ports: 120
port_binding: static
state: present
delegate_to: localhost
- name: Create vlan portgroup with all security and port policies
community.vmware.vmware_dvs_portgroup:
hostname: '{{ vcenter_hostname }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
portgroup_name: vlan-123-portrgoup
switch_name: dvSwitch
vlan_id: 123
num_ports: 120
port_binding: static
state: present
network_policy:
inherited: false
promiscuous: true
forged_transmits: true
mac_changes: true
port_policy:
block_override: true
ipfix_override: true
live_port_move: true
network_rp_override: true
port_config_reset_at_disconnect: true
mac_management_override: true
shaping_override: true
traffic_filter_override: true
uplink_teaming_override: true
vendor_config_override: true
vlan_override: true
delegate_to: localhost
port:
default: 443
description:
- The port number of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable E(VMWARE_PORT)
will be used instead.
type: int
state:
choices:
- present
- absent
description:
- Determines if the portgroup should be present or not.
required: true
type: str
vlan_id:
description:
- The VLAN ID that should be configured with the portgroup, use 0 for no VLAN.
- 'If O(vlan_trunk=true), this can be a combination of multiple ranges and numbers,
example: 1-200, 205, 400-4094.'
- The valid range is from 0 to 4094. Overlapping ranges are allowed.
- If O(vlan_private=true), the corresponding private VLAN should already be configured
in the distributed vSwitch.
required: true
type: str
hostname:
description:
- The hostname or IP address of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable E(VMWARE_HOST)
will be used instead.
type: str
net_flow:
choices:
- 'true'
- 'on'
- 'yes'
- 'false'
- 'off'
- 'no'
- inherited
description:
- Indicate whether or not the virtual machine IP traffic that flows through a vds
gets analyzed by sending reports to a NetFlow collector.
required: false
type: str
password:
aliases:
- pass
- pwd
description:
- The password of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable E(VMWARE_PASSWORD)
will be used instead.
type: str
username:
aliases:
- admin
- user
description:
- The username of the vSphere vCenter or ESXi server.
- If the value is not specified in the task, the value of environment variable E(VMWARE_USER)
will be used instead.
type: str
num_ports:
description:
- The number of ports the portgroup should contain.
type: int
proxy_host:
description:
- Address of a proxy that will receive all HTTPS requests and relay them.
- The format is a hostname or a IP.
- If the value is not specified in the task, the value of environment variable E(VMWARE_PROXY_HOST)
will be used instead.
required: false
type: str
proxy_port:
description:
- Port of the HTTP proxy that will receive all HTTPS requests and relay them.
- If the value is not specified in the task, the value of environment variable E(VMWARE_PROXY_PORT)
will be used instead.
required: false
type: int
vlan_trunk:
default: false
description:
- Indicates whether this is a VLAN trunk or not.
- Mutually exclusive with O(vlan_private) parameter.
required: false
type: bool
port_policy:
default:
block_override: true
ipfix_override: false
live_port_move: false
mac_management_override: false
network_rp_override: false
port_config_reset_at_disconnect: true
shaping_override: false
traffic_filter_override: false
uplink_teaming_override: false
vendor_config_override: false
vlan_override: false
description:
- Dictionary which configures the advanced policy settings for the portgroup.
suboptions:
block_override:
default: true
description:
- Indicates if the block policy can be changed per port.
type: bool
ipfix_override:
default: false
description:
- Indicates if the ipfix policy can be changed per port.
type: bool
live_port_move:
default: false
description:
- Indicates if a live port can be moved in or out of the portgroup.
type: bool
mac_management_override:
aliases:
- security_override
default: false
description:
- Indicates if the security policy can be changed per port.
type: bool
network_rp_override:
default: false
description:
- Indicates if the network resource pool can be changed per port.
type: bool
port_config_reset_at_disconnect:
default: true
description:
- Indicates if the configuration of a port is reset automatically after disconnect.
required: false
type: bool
shaping_override:
default: false
description:
- Indicates if the shaping policy can be changed per port.
type: bool
traffic_filter_override:
default: false
description:
- Indicates if the traffic filter can be changed per port.
type: bool
uplink_teaming_override:
default: false
description:
- Indicates if the uplink teaming policy can be changed per port.
type: bool
vendor_config_override:
default: false
description:
- Indicates if the vendor config can be changed per port.
type: bool
vlan_override:
default: false
description:
- Indicates if the vlan can be changed per port.
type: bool
type: dict
switch_name:
description:
- The name of the distributed vSwitch the port group should be created on.
required: true
type: str
mac_learning:
description:
- Dictionary which configures MAC learning for portgroup.
suboptions:
allow_unicast_flooding:
description: The flag to allow flooding of unlearned MAC for ingress traffic.
required: false
type: bool
enabled:
description: The flag to indicate if source MAC address learning is allowed.
required: false
type: bool
limit:
description: The maximum number of MAC addresses that can be learned.
required: false
type: int
limit_policy:
choices:
- allow
- drop
description: The default switching policy after MAC limit is exceeded.
required: false
type: str
type: dict
port_binding:
choices:
- static
- ephemeral
description:
- The type of port binding determines when ports in a port group are assigned to virtual
machines.
- See VMware KB 1022312 U(https://kb.vmware.com/s/article/1022312) for more details.
required: true
type: str
vlan_private:
default: false
description:
- Indicates whether this is for a private VLAN or not.
- Mutually exclusive with O(vlan_trunk) parameter.
required: false
type: bool
network_policy:
description:
- Dictionary which configures the different security values for portgroup.
required: false
suboptions:
forged_transmits:
description: Indicates whether forged transmits are allowed. Ignored if O(network_policy.inherited=true).
type: bool
inherited:
description: Inherit the settings from the switch or not.
required: true
type: bool
mac_changes:
description: Indicates whether mac changes are allowed. Ignored if O(network_policy.inherited=true).
type: bool
promiscuous:
description: Indicates whether promiscuous mode is allowed. Ignored if O(network_policy.inherited=true).
type: bool
type: dict
portgroup_name:
description:
- The name of the portgroup that is to be created or deleted.
required: true
type: str
teaming_policy:
default:
load_balance_policy: loadbalance_srcid
notify_switches: true
rolling_order: false
description:
- Dictionary which configures the different teaming values for portgroup.
suboptions:
active_uplinks:
description:
- List of active uplinks used for load balancing.
elements: str
type: list
inbound_policy:
description:
- Indicate whether or not the teaming policy is applied to inbound frames as well.
type: bool
load_balance_policy:
choices:
- loadbalance_ip
- loadbalance_srcmac
- loadbalance_srcid
- loadbalance_loadbased
- failover_explicit
default: loadbalance_srcid
description:
- Network adapter teaming policy.
type: str
notify_switches:
default: true
description:
- Indicate whether or not to notify the physical switch if a link fails.
type: bool
rolling_order:
default: false
description:
- Indicate whether or not to use a rolling policy when restoring links.
type: bool
standby_uplinks:
description:
- List of standby uplinks used for failover.
elements: str
type: list
type: dict
validate_certs:
default: true
description:
- Allows connection when SSL certificates are not valid. Set to V(false) when certificates
are not trusted.
- If the value is not specified in the task, the value of environment variable E(VMWARE_VALIDATE_CERTS)
will be used instead.
type: bool
port_allocation:
choices:
- elastic
- fixed
description:
- Elastic port groups automatically increase or decrease the number of ports as needed.
- Only valid if O(port_binding=static).
- Will be V(elastic) if not specified and O(port_binding=static).
- Will be V(fixed) if not specified and O(port_binding=ephemeral).
type: str
in_traffic_shaping:
description:
- Dictionary which configures the ingress traffic shaping settings for the portgroup.
required: false
suboptions:
average_bandwidth:
description:
- Establishes the number of bits per second to allow across a port, averaged over
time, that is, the allowed average load.
- Ignored if O(in_traffic_shaping.inherited=true).
type: int
burst_size:
description:
- The maximum number of bits per second to allow across a port when it is sending/sending
or receiving a burst of traffic.
- Ignored if O(in_traffic_shaping.inherited=true).
type: int
enabled:
description:
- Indicates whether ingress traffic shaping is activated or not.
- Ignored if O(in_traffic_shaping.inherited=true).
type: bool
inherited:
description: Inherit the settings from the switch or not.
required: true
type: bool
peak_bandwidth:
description:
- The maximum number of bytes to allow in a burst.
- Ignored if O(in_traffic_shaping.inherited=true).
type: int
type: dict
out_traffic_shaping:
description:
- Dictionary which configures the egress traffic shaping settings for the portgroup.
required: false
suboptions:
average_bandwidth:
description:
- Establishes the number of bits per second to allow across a port, averaged over
time, that is, the allowed average load.
- Ignored if O(out_traffic_shaping.inherited=true).
type: int
burst_size:
description:
- The maximum number of bits per second to allow across a port when it is sending/sending
or receiving a burst of traffic.
- Ignored if O(out_traffic_shaping.inherited=true).
type: int
enabled:
description:
- Indicates whether egress traffic shaping is activated or not.
- Ignored if O(out_traffic_shaping.inherited=true).
type: bool
inherited:
description:
- Inherit the settings from the switch or not.
required: true
type: bool
peak_bandwidth:
description:
- The maximum number of bytes to allow in a burst.
- Ignored if O(out_traffic_shaping.inherited=true).
type: int
type: dict