- Added 3rd EPG Tier and Unique Contracts
- Added L3 External Route via Shared Services (Common)
- ACI Fabric 1.0(3f)+
- Python Requests Library
- aci_context - manage private networks, contexts, in an aci fabric
- aci_filter - manages top level filter objects
- aci_filter_entry - manages filter entries that will be assigned to a filter
- aci_bridge_domain - manages bridge domains in an aci fabric
- aci_dhcp_association - manages DHCP Relay Labels in bridge domains
- aci_l3Out - manages L3 out association to bridge domains in an aci fabric
- aci_contract - manages initial contracts (does not include contract subjs)
- aci_contract_subject - manages contract subjects
- aci_tenant - manage tenants in an aci fabric
- aci_anp - manage top level application network profile objects
- aci_epg - manages aci end point groups and related contracts
- aci_epr - manages end point retention policies
- aci_fiber_channel_policy - manages fiber channel policies
- aci_l2_interface_policy - manages l2 interface policies
- aci_lldp_interface_policy - manages lldp interface policies
- aci_login_domain - manages login domains
- aci_monitoring_policy - manages monitoring policies
- aci_mcp_interface - manages mcp interface policies
- aci_port_channel_interface - manages port channel interface policies
- aci_port_security - manages port security
- aci_route_tag_policy - manages route tag policy
- aci_span_dst_group - manages span destination groups
- aci_span_src_group - manages span source groups
- aci_taboo_contracts - manages taboo contracts
- aci_action_rule_profile - manages action rule profiles
- aci_aep - manages attachable entity profile
- aci_epg_domain_binding - manages epg physical domain binding
- aci_rest - direct access to the apic api
- aci_fabric_inventory - Fetch fabric topology data
Manage private networks, contexts, in an aci fabric
- Synopsis
- Options
- Examples
Offers ability to manage private networks. Each context is a private network associated to a tenant, i.e. VRF
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| host | no | IP Address or hostname of APIC resolvable by Ansible control host | ||
| protocol | yes | https |
|
Dictates connection protocol |
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | unspecified | Name of the Tenant | |
| vrf_name | yes | Name of the Context | ||
| policy_control_direction | no | ingress |
|
The preferred policy control in relation to where the policy will be applied |
| policy_control_preference | no | enforced |
|
The preferred policy control |
| descr | no | Description for the filter entry |
-aci_context:
action: "{{ action }}"
vrf_name: "{{ vrf_name }}"
tenant_name: "{{ tenant_name }}"
policy_control_direction: "{{ policy_control_direction }}"
policy_control_preference: "{{ policy_control_preference }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
- Tenant must be exist prior to using this module
Manages top level filter objects
- Synopsis
- Options
- Examples
Manages top level filter objects, i.e. not each entry
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol to use |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| filter_name | yes | name of the filter the entry will be a part of | ||
| entry_name | yes | name of the filter entry | ||
| tenant_name | yes | name of the tenant this filter will be a part of | ||
| descr | no | description of filter entry |
aci_filter:
action: "{{ action }}"
filter_name: "{{ filter_name }}"
tenant_name: "{{ tenant_name }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
- Tenant must be exist prior to using this module
Manages filter entries that will be assigned to a filter
- Synopsis
- Options
- Examples
Manages filter entries that will be assigned to an already created filter
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol to use |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| filter_name | yes | name of the filter the entry will be a part of | ||
| tenant_name | yes | name of the tenant this filter will be a part | ||
| entry_name | yes | name of the entry | ||
| ether_type | no | unspecified |
|
EtherType of the filter entry |
| icmp_msg_type | no | unspecified |
|
ICMP Message Type |
| descr | no | description of filter |
aci_filter_entry:
action: "{{ action }}"
filter_name; "{{ filter_name }}"
entry_name: "{{ entry_name }}"
tenant_name: "{{ tenant_name }}"
ether_name: "{{ ether_name }}"
icmp_msg_type: "{{ icmp_msg_type }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
- Tenant and Filter must exist prior to using this module
Manages bridge domains in an ACI fabric
- Synopsis
- Options
- Examples
Manages bridge domains within an ACI fabric
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| protocol | no | https |
|
Dictates connection protocol to use |
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| bd_name | yes | Name of the bridge domain | ||
| tenant_name | yes | Name of the Tenant the bridge domain will be a part of | ||
| vrf_name | yes | Name of the context the bridge domain will be associated to | ||
| descr | no | description of bridge domain | ||
| arp_flooding | no | yes |
|
Enable or Disable ARP flooding |
| l2_unknown_unicast | no | proxy |
|
L2 Unknown Unicast |
| l3_unknown_multicast | no | flood |
|
L3 Unknown Multicast |
| multi_dest | no | bd-flood |
|
Multi Destination Flooding |
| gateway_ip | yes | IP address of the gateway | ||
| subnet_mask | yes | subnet mask value | ||
| scope | no | private | Scope of the subnet |
aci_bridge_domain:
action: "{{ action }}"
tenant_name: "{{ tenant_name }}"
bd_name: "{{ bd_name }}"
vrf_name: "{{ vrf_name }}"
arp_flooding: "{{ arp_flooding }}"
l2_unknown_unicast: "{{ l2_unknown_unicast }}"
l3_unknown_multicast: "{{ l3_unknown_multicast }}"
multi_dest: "{{ multi_dest }}"
gateway_ip: "{{ gateway_ip }}"
subnet_mask: "{{ subnet_mask }}"
scope: "{{ scope }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
-
Tenant and context must exist prior to using this module
-
One subnet can be added per task (per module call)
Associating DHCP Relay Labels to Bridge Domains
- Synopsis
- Options
- Examples
Manages DHCP Relay Labels in bridge domains within an ACI fabric
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| protocol | no | https |
|
Dictates connection protocol to use |
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| bd_name | yes | Name of the bridge domain | ||
| tenant_name | yes | Name of the Tenant the bridge domain will be a part of | ||
| dhcp_name | yes | Name of the DHCP Relay Label | ||
| dhcp_scope | no | infra |
|
Scope of the DHCP Relay label |
aci_dhcp_association:
action: "{{ action }}"
tenant_name: "{{ tenant_name }}"
bd_name: "{{ bd_name }}"
dhcp_name: "{{ dhcp_name }}"
dhcp_scope: "{{ dhcp_scope }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
- Tenant and context must exist prior to using this module
Associating L3 Out to Bridge Domains
- Synopsis
- Options
- Examples
Manages L3 Out in bridge domains within an ACI fabric
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| protocol | no | https |
|
Dictates connection protocol to use |
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| bd_name | yes | Name of the bridge domain | ||
| tenant_name | yes | Name of the Tenant the bridge domain will be a part of | ||
| l3_out | yes | L3 out association with the Bridge Domain |
aci_l3Out:
action: "{{ action }}"
tenant_name: "{{ tenant_name }}"
bd_name: "{{ bd_name }}"
l3_out: "{{ l3_out }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
- Tenant and bridge domain must exist prior to using this module
Manages initial contracts (does not include contract subjs)
- Synopsis
- Options
- Examples
Manages contract resource
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol to use |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| contract_name | yes | Name of the contract | ||
| tenant_name | yes | name of tenant this contract will be part of | ||
| priority | no | unspecified |
|
priority (qosclass) of contract |
| target | no | unspecified | Contract Target | |
| scope | no | context |
|
scope of contract |
| descr | no | description of contract |
aci_contract:
action: "{{ action }}"
contract_name: "{{ contract_name }}"
tenant_name: "{{ tenant_name }}"
priority: "{{ priority }}"
scope: "{{ scope }}"
target: "{{ target }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
- Tenant must exist prior to using this module
Manages initial contracts subjects
- Synopsis
- Options
- Examples
Manages contract subjects
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol to use |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| subject_name | yes | Contract Subject name | ||
| contract_name | yes | Name of the contract which will contain the subject | ||
| tenant_name | yes | name of tenant this contract will be part of | ||
| priority | no | unspecified |
|
priority (qosclass) of contract subject |
| reverse_filter | no | yes |
|
Enable or Disable Reverse Filter |
| target | no | unspecified | Contract subject Target | |
| filter_name | yes | name of the filter chain | ||
| directive | no | none |
|
Filter chain directive can be none and/or log |
| descr | no | description of contract subject |
aci_contract_subjects:
action: "{{ action }}"
subject_name: "{{ subject_name }}"
contract_name: "{{ contract_name }}"
tenant_name: "{{ tenant_name }}"
priority: "{{ priority }}"
reverse_filter: "{{ reverse_filter }}"
filter_name: "{{ filter_name }}"
directive: "{{ directive }}"
target: "{{ target }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
- Tenant and contract must exist prior to using this module
Manage tenants in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage tenants
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of tenant | ||
| descr | no | description of tenant |
aci_tenant:
action: "{{ action }}"
tenant_name: "{{ tenant_name }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
Manage application network profile in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Application Network profiles
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of tenant the Application profile will be a part of | ||
| app_profile_name | yes | Name of the Application profile | ||
| descr | no | description of applciation profile |
aci_anp:
action: "{{ action }}"
app_profile_name: "{{ app_profile_name }}"
tenant_name: "{{ tenant_name }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
- Tenant must exist prior to using this module
Manage end point groups in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage end point groups
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of tenant the Application profile will be a part of | ||
| app_profile_name | yes | Name of the Application profile the EPG will be a part of | ||
| epg_name | yes | Name of the end point group | ||
| descr | no | description of end point group | ||
| bd_name | yes | Bridge Domain the EPG is being associated with | ||
| priority | no | unspecified |
|
priority (qosclass) of epg |
| intra_epg_isolation | no | unenforced |
|
Intra EPG isolation |
| contract_type | no |
|
the type of contract being attached to the epg | |
| contract_name_provider | no | Name of the provider contract | ||
| priority_provider | no | unspecified |
|
priority (qosclass) of provider contract |
| contract_name_consumer | no | Name of the consumer contract | ||
| priority_consumer | no | unspecified |
|
priority (qosclass) of consumer contract |
aci_epg:
action: "{{ action }}"
epg_name: ""{{ epg_name }}"
app_profile_name: "{{ app_profile_name }}"
tenant_name: "{{ tenant_name }}"
bd_name: "{{ bd_name }}"
priority: "{{ priority }}"
contract_type: "{{ contract_type }}"
contract_name_provider: "{{ contract_name_provider }}"
contract_name_consumer: "{{ contract_name_consumer }}"
priority_provider: "{{ priority_provider }}"
priority_consumer: "{{ priority_consumer }}"
intra_epg_isolation: "{{ intra_epg_isolation }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
- Tenant, Application Profile and Bridge Domain must exist prior to using this module
- Contract name and priority for Provider will only need to be provided if the contract type is provider/both
- Contract name and priority for Consumer will only need to be provided if the contract type is consumer/both
- Not entering the Contract type will create a EPG with BD associated without assigning contracts
Manage end point retention policy
- Synopsis
- Options
- Examples
Offers ability to manage end point retention policy
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of tenant the policy will be a part of | ||
| epr_name | yes | Name of the End point retention policy | ||
| descr | no | description of EPR | ||
| bounce_age | no | 630 | Bounce Entry Aging Interval in seconds | |
| hold_interval | no | 300 | hold interval in seconds | |
| local_ep_interval | no | 900 | Local end point aging interval in seconds | |
| remote_ep_interval | no | 300 | Remote end point aging interval in seconds | |
| move_frequency | no | 256 | Move Frequency per second |
aci_epr:
action: "{{ action }}"
tenant_name: "{{ tenant_name }}"
epr_name: "{{ epr_name }}"
bounce_age: "{{ bounce_age }}"
hold_interval: "{{ hold_interval }}"
local_ep_interval: "{{ local_ep_interval }}"
remote_ep_interval: "{{ remote_ep_interval }}"
move_frequency: "{{ move_frequency }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
- Tenant must exist prior to using this module
Manage fiber channel policy in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage fiber channel policy
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| fc_policy | yes | Name of fiber channel policy | ||
| port_mode | no | f |
|
Port Mode |
| descr | no | description of fiber channel policy |
aci_fiber_channel_policy:
action: "{{ action }}"
fc_policy: "{{ fc_policy }}"
port_mode: "{{ port_mode }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
Manage L2 Interface Policy in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage L2 interface Policy
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| l2_policy | yes | Name of L2 interface policy | ||
| vlan_scope | no | gloabl |
|
Scope of VLAN |
| descr | no | description of L2 interface policy |
aci_l2_interface_policy:
action: "{{ action }}"
l2_policy: "{{ l2_policy }}"
vlan_scope: "{{ vlan_policy }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
Manage LLDP Interface Policy in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage LLDP interface policy
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| lldp_policy | yes | Name of LLDP interface policy | ||
| receive_state | no | enabled |
|
Receive State |
| transmit_state | no | enabled |
|
Transmit State |
| descr | no | description of LLDP interface policy |
aci_lldp_interface_policy:
action: "{{ action }}"
lldp_policy: "{{ lldp_policy }}"
receive_state: "{{ receive_state }}"
transmit_state: "{{ transmit_state }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
Manage Login Domain for an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Login Domain
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| login_domain | yes | Name of Login Domain | ||
| descr | no | description of login domain |
aci_login_domain:
action: "{{ action }}"
login_domain: "{{ login_domain }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
Manage monitoring policy in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Monitoring policy
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of tenant , the monitoring policy will be a part of | ||
| monitoring_policy | yes | Name of the monitoring policy | ||
| descr | no | description of Monitoring policy |
aci_monitoring_policy:
action: "{{ action }}"
tenant_name: "{{ tenant_name }}"
monitoring_policy: "{{ monitoring_policy }}"
descr: "{{ descr }}"
host= "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
- Tenant must exist prior to using this module
Manage MCP Interface policy in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage MCP Interface Policy
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| mcp_interface | yes | Name of MCP interface policy | ||
| descr | no | description of MCP Interface policy | ||
| admin_state | no | enabled |
|
Enable or Disable admin state |
aci_mcp_interface:
action: "{{ action }}"
mcp_interface: "{{ mcp_interface }}"
admin_state: "{{ admin_state }}"
descr: "{{ descr }}
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol:"{{ protocol }}"
Manage Port Channel Interface in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Port channel interface
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| port_channel | yes | Name of the port channel interface | ||
| max_link | no | 16 | Maximum number of links [1-16] | |
| min_link | no | 1 | Mininum number of links [1-16] | |
| mode | no | off |
|
Mode of the port channel |
| descr | no | description of Port channel interface |
aci_port_channel_interface:
action: "{{ action }}"
port_channel: "{{ port_channel }}"
max_link: "{{ max_link }}"
min_link: "{{ min_link }}"
mode: "{{ mode }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
Manage Port Security in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Port Security
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| port_security | yes | Name of the port security | ||
| max_end_points | no | 0 | Maximum number of end points allowed [0-12000] | |
| descr | no | description of Port Security |
aci_port_security:
action: "{{ action }}"
port_security: "{{ port_security }}"
max_end_points: "{{ max_end_points }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
Manage Route Tag Policy in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Route Tag policy
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of the tenant, the RTP will be a part of | ||
| rtp_name | yes | Name of the Route Tag Policy | ||
| tag | no | 4294967295 | Tag for Route Tag Policy | |
| descr | no | description of Route Tag Policy |
aci_route_tag_policy:
action: "{{ action }}"
tenant_name: "{{ tenant_name }}"
rtp_name: "{{ rtp_name }}"
tag: "{{ tag }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
- Tenant must exist before using this module
Manage SPAN Destination Group in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage SPAN Destination Group
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of the tenant, the SPAN destination group will be a part of | ||
| dst_group | yes | Name of the SPAN Destination Group | ||
| descr | no | description of SPAN Destination Group |
aci_span_dst_group:
action:"{{ action }}"
tenant_name:"{{ tenant_name }}"
dst_group:"{{ dst_group }}"
descr:"{{ descr }}"
host:"{{ inventory_hostname }}"
username:"{{ username }}"
password:"{{ password }}"
protocol: "{{ protocol }}"
- Tenant must exist before using this module
Manage SPAN Source Group in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage SPAN Source Group
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of the tenant, the SPAN source group will be a part of | ||
| src_group | yes | Name of the SPAN Source Group | ||
| dst_group | yes | Name of the SPAN Destination Group | ||
| admin_state | no | enabled |
|
Enable or Disable admin state |
| descr | no | description of SPAN Source Group |
aci_span_src_group:
action:"{{ action }}"
tenant_name:"{{ tenant_name }}"
src_group:"{{ src_group }}"
dst_group:"{{ dst_group }}"
admin_state:"{{ admin_state }}"
descr:"{{ descr }}"
host:"{{ inventory_hostname }}"
username:"{{ username }}"
password:"{{ password }}"
protocol: "{{ protocol }}"
- Tenant and SPAN destination group must exist before using this module
Manage Taboo Contracts in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Taboo Contracts
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of the tenant, the Taboo Contract will be a part of | ||
| taboo_contract | yes | Name of the Taboo Contract | ||
| descr | no | description of Taboo Contract |
aci_taboo_contracts:
action:"{{ action }}"
tenant_name:"{{ tenant_name }}"
taboo_contract:"{{ taboo_contract }}"
descr:"{{ descr }}"
host:"{{ inventory_hostname }}"
username:"{{ username }}"
password:"{{ password }}"
protocol: "{{ protocol }}"
- Tenant must exist before using this module
Manage Action Rule Profile in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Action Rule Profile
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of the tenant, the action rule profile will be a part of | ||
| action_rule_name | yes | Name of the Action Rule Profile | ||
| descr | no | description of Action Rule Profile |
aci_action_rule_profile:
action: "{{ action }}"
tenant_name: "{{ tenant_name }}"
action_rule_name: "{{ action_rule_name }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
- Tenant must exist before using this module
Manage Attachable Entity Profile in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Attachable Entity Profile
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| aep_name | yes | Name of the Attachable Entity Profile | ||
| descr | no | description of Attachable Entity Profile |
aci_aep:
action: "{{ action }}"
aep_name: "{{ aep_name }}"
descr: "{{ descr }}"
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
protocol: "{{ protocol }}"
Manage Physical domain binding to EPGs in an ACI fabric
- Synopsis
- Options
- Examples
Offers ability to manage Physical domain binding to EPGs
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol |
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| tenant_name | yes | Name of the tenant, the EPG is a part of | ||
| app_profile_name | yes | Name of the Application profile that contains the EPG | ||
| epg_name | yes | Name of the EPG to which the Physical Domain will be associated | ||
| encap | yes | VLAN Encapsulation | ||
| domain | no | phys |
|
Domain type |
| domain_profile | yes | Name of the Physical domain profile | ||
| immediacy | no | immediate |
|
Immediacy |
aci_epg_domain_binding:
action: "{{ action }}"
tenant_name: "{{ tenant_name }}"
app_profile_name: "{{ app_profile_name }}"
epg_name: "{{ epg_name }}"
encap: 1
domain: "{{ domain }}"
domain_profile: "{{ domain_profile }}"
immediacy: "{{ immediacy }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
- Tenant , Application Profile and EPG must exist before using this module
Direct access to the APIC API
- Synopsis
- Options
- Examples
Offers direct access to the APIC API
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| username | yes | admin | Username used to login to the switch | |
| config_file | no | name of the absolute path of the filname that includes the body of the http request being sent to the ACI fabric | ||
| uri | yes | uri being used to execute API calls. Must end in .xml or .json | ||
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| action | yes |
|
Http verbs, i.e. Get, Post, or Delete | |
| protocol | no | https |
|
Dictates connection protocol to use |
| password | yes | Password used to login to the switch |
# add a tenant
- aci_rest:
action: post
uri: /api/mo/uni.xml
config_file: /home/cisco/ansible/aci/configs/aci_config.xml
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
# get tenants
- aci_rest:
action: get
uri: /api/node/class/fvTenant.json
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
# configure contracts
- aci_rest:
action: post
uri: /api/mo/uni.xml
config_file: /home/cisco/ansible/aci/configs/contract_config.xml
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
- Tenant must be exist prior to using this module
Fetch fabric topology data
- Synopsis
- Options
- Examples
Fetch fabric topolofy data specific to a node
| Parameter | required | default | choices | comments |
|---|---|---|---|---|
| host | yes | IP Address or hostname of APIC resolvable by Ansible control host | ||
| username | yes | admin | Username used to login to the switch | |
| password | yes | Password used to login to the switch | ||
| protocol | no | https |
|
Dictates connection protocol to use |
| node_id | yes | ID of the node whose details have been fetched | ||
| command | no | all |
|
Type of information being requested |
| level | no | brief |
|
MO query (brief) or Subtree query (detail) |
| filename | no | Name of the output text file to store the response from APIC for the request being made |
aci_fabric_inventory:
node_id: "{{ node_id }}"
command: "{{ command }}"
level: "{{ level }}"
filename: "{{ filename }}"
host: "{{ inventory_hostname }}"
username: "{{ user }}"
password: "{{ pass }}"
protocol: "{{ protocol }}"
Created by Cisco For: 2017