mikewiebe / mikewiebe.ndfc / 2.1.3 / module / dcnm_policy DCNM Ansible Module for managing policies. | "added in version" 1.1.0 of mikewiebe.ndfc" Authors: Mallik Mudigonda(@mmudigon)mikewiebe.ndfc.dcnm_policy (2.1.3) — module
Install with ansible-galaxy collection install mikewiebe.ndfc:==2.1.3
collections: - name: mikewiebe.ndfc version: 2.1.3
DCNM Ansible Module for Creating, Deleting, Querying and Modifying policies
# States: # This module supports the following states: # # Merged: # Policies defined in the playbook will be merged into the target fabric. # # The policies listed in the playbook will be created if not already present on the DCNM # server. If the policy is already present and the configuration information included # in the playbook is either different or not present in DCNM, then the corresponding # information is added to the policy on DCNM. If an policy mentioned in playbook # is already present on DCNM and there is no difference in configuration, no operation # will be performed for such policy. # # Deleted: # Policies defined in the playbook will be deleted in the target fabric. # # WARNING: Deleting a policy will deploy all pending configurations on the impacted switches. # # Query: # Returns the current DCNM state for the policies listed in the playbook. # CREATE POLICY # NOTE: In the following create task, policies identified by template names template_101, # template_102, and template_103 are deployed on ansible_switch2 where as policies # template_104 and template_105 are the only policies installed on ansible_switch1. - name: Create different policies cisco.dcnm.dcnm_policy: fabric: "{{ ansible_it_fabric }}" state: merged deploy: true config: - name: template_101 # This must be a valid template name create_additional_policy: false # Do not create a policy if it already exists priority: 101 - name: template_102 # This must be a valid template name create_additional_policy: false # Do not create a policy if it already exists description: 102 - No piority given - name: template_103 # This must be a valid template name create_additional_policy: false # Do not create a policy if it already exists description: Both description and priority given priority: 500 - switch: - ip: "{{ ansible_switch1 }}" policies: - name: template_104 # This must be a valid template name create_additional_policy: false # Do not create a policy if it already exists - name: template_105 # This must be a valid template name create_additional_policy: false # Do not create a policy if it already exists - ip: "{{ ansible_switch2 }}"
# CREATE POLICY (including arguments) # NOTE: The actual arguments to be included depends on the template used to create the policy - name: Create policy including required variables cisco.dcnm.dcnm_policy: fabric: "{{ ansible_it_fabric }}" config: - name: my_base_ospf # This must be a valid template name create_additional_policy: false # Do not create a policy if it already exists priority: 101 policy_vars: OSPF_TAG: 2000 LOOPBACK_IP: 10.122.84.108 - switch: - ip: "{{ ansible_switch1 }}"
# MODIFY POLICY # NOTE: Since there can be multiple policies with the same template name, policy-id MUST be used # to modify a particular policy. - name: Modify different policies cisco.dcnm.dcnm_policy: fabric: "{{ ansible_it_fabric }}" state: merged deploy: true config: - name: POLICY-101101 # This must be a valid POLICY ID create_additional_policy: false # Do not create a policy if it already exists priority: 101 - name: POLICY-102102 # This must be a valid POLICY ID create_additional_policy: false # Do not create a policy if it already exists description: 102 - No piority given - name: POLICY-103103 # This must be a valid POLICY ID create_additional_policy: false # Do not create a policy if it already exists description: Both description and priority given priority: 500 - switch: - ip: "{{ ansible_switch1 }}" policies: - name: POLICY-104104 # This must be a valid POLICY ID create_additional_policy: false # Do not create a policy if it already exists - name: POLICY-105105 # This must be a valid POLICY ID create_additional_policy: false # Do not create a policy if it already exists - ip: "{{ ansible_switch2 }}"
# DELETE POLICY # NOTE: In the case of deleting policies using template names, all policies using the template name # will be deleted. To delete specific policy, policy-ids must be used - name: Delete policies using template name cisco.dcnm.dcnm_policy: fabric: "{{ ansible_it_fabric }}" state: deleted # only choose form [merged, deleted, query] config: - name: template_101 # name is mandatory - name: template_102 # name is mandatory - name: template_103 # name is mandatory - name: template_104 # name is mandatory - name: template_105 # name is mandatory - switch: - ip: "{{ ansible_switch1 }}" - ip: "{{ ansible_switch2 }}"
- name: Delete policies using policy-id cisco.dcnm.dcnm_policy: fabric: "{{ ansible_it_fabric }}" state: deleted # only choose form [merged, deleted, query] config: - name: POLICY-101101 # name is mandatory - name: POLICY-102102 # name is mandatory - name: POLICY-103103 # name is mandatory - name: POLICY-104104 # name is mandatory - name: POLICY-105105 # name is mandatory - switch: - ip: "{{ ansible_switch1 }}" - ip: "{{ ansible_switch2 }}"
# QUERY # NOTE: In the case of Query using template names, all policies that have a matching template name will be # returned - name: Query all policies from the specified switches cisco.dcnm.dcnm_policy: fabric: "{{ ansible_it_fabric }}" state: query config: - switch: - ip: "{{ ansible_switch1 }}" - ip: "{{ ansible_switch2 }}"
- name: Query policies matching template names cisco.dcnm.dcnm_policy: fabric: "{{ ansible_it_fabric }}" state: query config: - name: template_101 - name: template_102 - name: template_103 - switch: - ip: "{{ ansible_switch1 }}"
- name: Query policies using policy-ids cisco.dcnm.dcnm_policy: fabric: "{{ ansible_it_fabric }}" state: query config: - name: POLICY-101101 - name: POLICY-102102 - name: POLICY-103103 - switch: - ip: "{{ ansible_switch1 }}"
state: choices: - merged - deleted - query default: merged description: - The required state of the configuration after module completion. required: false type: str config: description: - A list of dictionaries containing policy and switch information elements: dict suboptions: create_additional_policy: default: true description: - A flag indicating if a policy is to be created even if an identical policy already exists required: false type: bool description: default: '' description: - Description of the policy. The description may include the details regarding the policy i.e. the arguments if any etc. required: false type: str name: description: - This can be one of the following a) Template Name - A unique name identifying the template. Please note that a template name can be used by multiple policies and hence a template name does not identify a policy uniquely. b) Policy ID - A unique ID identifying a policy. Policy ID MUST be used for modifying policies since template names cannot uniquely identify a policy required: true type: str policy_vars: default: {} description: - A set of arguments required for creating and deploying policies. The arguments are specific to each policy and depends on the tmeplate that is used by the policy. required: false type: dict priority: default: 500 description: - Priority associated with the policy required: false type: str switch: description: - A dictionary of switches and associated policy information. All switches in this list will be deployed with only those policies that are included under "policies" object i.e. 'policies' object will override the list of policies for this particular switch. If 'policies' object is not included, then other policies specified in the configurstion will be deployed to these switches. elements: dict suboptions: ip: description: - IP address of the switch where the policy is to be deployed. This can be IPV4 address, IPV6 address or hostname required: true type: str policies: default: [] description: - A list of policies to be deployed on the switch. Note only policies included here will be deployed on the switch irrespective of other polcies included in the configuration. elements: dict required: false suboptions: create_additional_policy: default: true description: - A flag indicating if a policy is to be created even if an identical policy already exists required: false type: bool description: default: '' description: - Description of the policy. The description may include the details regarding the policy required: false type: str name: description: - This can be one of the following a) Template Name - A unique name identifying the template. Please note that a template name can be used by multiple policies and hence a template name does not identify a policy uniquely. b) Policy ID - A unique ID identifying a policy. Policy ID MUST be used for modifying policies since template names cannot uniquely identify a policy required: true type: str policy_vars: default: {} description: - A set of arguments required for creating and deploying policies. The arguments are specific to each policy and that depends on the tmeplate that is used by the policy. required: false type: dict priority: default: 500 description: - Priority associated with the policy required: false type: str type: list type: list type: list deploy: default: true description: - A flag specifying if a policy is to be deployed on the switches required: false type: bool fabric: description: - Name of the target fabric for policy operations required: true type: str