aci_vrf - Manage VRF (private networks aka. contexts) on Cisco ACI fabrics (fv:Ctx)
New in version 2.4.
Synopsis
- Manage VRF (private networks aka. contexts) on Cisco ACI fabrics.
- Each context is a private network associated to a tenant, i.e. VRF.
- More information from the internal APIC class fv:Ctx at https://developer.cisco.com/media/mim-ref/MO-fvCtx.html.
Requirements (on host that executes module)
- Tested with ACI Fabric 1.0(3f)+
Options
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| description | no | The description for the VRF. | ||
| hostname | yes | IP Address or hostname of APIC resolvable by Ansible control host. aliases: host | ||
| password | yes | The password to use for authentication. | ||
| policy_control_direction | no |
| Determines if the policy should be enforced by the fabric on ingress or egress. | |
| policy_control_preference | no |
| Determines if the Fabric should enforce Contrac Policies. | |
| state | no | present |
| Use present or absent for adding or removing.Use query for listing an object or multiple objects. |
| tenant | no | The name of the Tenant the VRF should belong to. aliases: tenant_name | ||
| timeout | no | 30 | The socket level timeout in seconds. | |
| use_proxy | no | yes |
| If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts. |
| use_ssl | no | yes |
| If no, an HTTP connection will be used instead of the default HTTPS connection. |
| username | yes | admin | The username to use for authentication. aliases: user | |
| validate_certs | no | yes |
| If no, SSL certificates will not be validated.This should only set to no used on personally controlled sites using self-signed certificates. |
| vrf | no | The name of the VRF. aliases: context, name, vrf_name |
Examples
- name: Add a new VRF to a tenant
aci_vrf:
hostname: apic
username: admin
password: SomeSecretPassword
vrf: vrf_lab
tenant: lab_tenant
descr: Lab VRF
policy_control_preference: enforced
policy_control_direction: ingress
state: present
- name: Remove a VRF for a tenant
aci_vrf:
hostname: apic
username: admin
password: SomeSecretPassword
vrf: vrf_lab
tenant: lab_tenant
state: absent
- name: Query a VRF of a tenant
aci_vrf:
hostname: apic
username: admin
password: SomeSecretPassword
vrf: vrf_lab
tenant: lab_tenant
state: query
- name: Query all VRFs
aci_vrf:
hostname: apic
username: admin
password: SomeSecretPassword
state: query
Notes
Note
- The
tenantused must exist before using this module in your playbook. The aci_tenant module can be used for this. - By default, if an environment variable
<protocol>_proxyis set on the target host, requests will be sent through that proxy. This behaviour can be overridden by setting a variable for this task (see setting the environment), or by using theuse_proxyoption. - HTTP redirects can redirect from HTTP to HTTPS so you should be sure that your proxy environment for both protocols is correct.
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/aci_vrf_module.html