aci_bd - Manage Bridge Domains (BD) objects (fv:BD)
New in version 2.4.
Synopsis
- Manages Bridge Domains (BD) on Cisco ACI fabrics.
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| arp_flooding |
|
Determines if the Bridge Domain should flood ARP traffic.
The APIC defaults new Bridge Domains to no.
|
| bd |
The name of the Bridge Domain.
aliases: bd_name, name |
|
| bd_type |
|
The type of traffic on the Bridge Domain.
The APIC defaults new Bridge Domains to ethernet.
|
| certificate_name | Default:
C(private_key) basename
|
The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.
It defaults to the
private_key basename, without extension.
aliases: cert_name |
| description |
Description for the Bridge Domain.
|
|
| enable_multicast |
|
Determines if PIM is enabled
The APIC defaults new Bridge Domains to no.
|
| enable_routing |
|
Determines if IP forwarding should be allowed.
The APIC defaults new Bridge Domains to yes.
|
| endpoint_clear |
|
Clears all End Points in all Leaves when
yes.
The APIC defaults new Bridge Domains to
no.
The value is not reset to disabled once End Points have been cleared; that requires a second task.
|
| endpoint_move_detect |
|
Determines if GARP should be enabled to detect when End Points move.
The APIC defaults new Bridge Domains to garp.
|
| endpoint_retention_action |
|
Determines if the Bridge Domain should inherit or resolve the End Point Retention Policy.
The APIC defaults new Bridge Domain to End Point Retention Policies to resolve.
|
| endpoint_retention_policy |
The name of the End Point Retention Policy the Bridge Domain should use when overriding the default End Point Retention Policy.
|
|
| host
required
|
IP Address or hostname of APIC resolvable by Ansible control host.
aliases: hostname |
|
| igmp_snoop_policy |
The name of the IGMP Snooping Policy the Bridge Domain should use when overriding the default IGMP Snooping Policy.
|
|
| ip_learning |
|
Determines if the Bridge Domain should learn End Point IPs.
The APIC defaults new Bridge Domains to yes.
|
| ipv6_nd_policy |
The name of the IPv6 Neighbor Discovery Policy the Bridge Domain should use when overridding the default IPV6 ND Policy.
|
|
| l2_unknown_unicast |
|
Determines what forwarding method to use for unknown l2 destinations.
The APIC defaults new Bridge domains to proxy.
|
| l3_unknown_multicast |
|
Determines the forwarding method to use for unknown multicast destinations.
The APCI defaults new Bridge Domains to flood.
|
| limit_ip_learn |
|
Determines if the BD should limit IP learning to only subnets owned by the Bridge Domain.
The APIC defaults new Bridge Domains to yes.
|
| mac_address
(added in 2.5)
|
Default:
00:22:BD:F8:19:FF
|
The MAC Address to assign to the
bd instead of using the default.
aliases: mac |
| multi_dest |
|
Determines the forwarding method for L2 multicast, broadcast, and link layer traffic.
The APIC defaults new Bridge Domains to bd-flood.
|
| output_level |
|
Influence the output of this ACI module.
normal means the standard output, incl. current dict
info means informational output, incl. previous, proposed and sent dicts
debug means debugging output, incl. filter_string, method, response, status and url information
|
| password
required
|
The password to use for authentication.
|
|
| port | Default:
443 (for https) and 80 (for http)
|
Port number to be used for REST connection.
|
| private_key |
PEM formatted file that contains your private key to be used for signature-based authentication.
The name of the key (without extension) is used as the certificate name in ACI, unless
certificate_name is specified.
aliases: cert_key |
|
| state |
|
Use
present or absent for adding or removing.
Use query for listing an object or multiple objects.
|
| tenant |
The name of the Tenant.
aliases: tenant_name |
|
| timeout | Default:
30
|
The socket level timeout in seconds.
|
| use_proxy |
|
If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
|
| use_ssl |
|
If no, an HTTP connection will be used instead of the default HTTPS connection.
|
| username
required
|
Default:
admin
|
The username to use for authentication.
aliases: user |
| validate_certs |
|
If
no, SSL certificates will not be validated.
This should only set to no used on personally controlled sites using self-signed certificates.
|
| vrf |
The name of the VRF.
aliases: vrf_name |
Notes
Note
- The
tenantused must exist before using this module in your playbook. The aci_tenant module can be used for this. - More information about the internal APIC class fv:BD from the APIC Management Information Model reference.
- By default, if an environment variable
<protocol>_proxyis set on the target host, requests will be sent through that proxy. This behaviour can be overridden by setting a variable for this task (see setting the environment), or by using theuse_proxyoption. - HTTP redirects can redirect from HTTP to HTTPS so you should be sure that your proxy environment for both protocols is correct.
Examples
- name: Add Bridge Domain
aci_bd:
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
validate_certs: no
state: present
tenant: prod
bd: web_servers
mac_address: 00:22:BD:F8:19:FE
vrf: prod_vrf
- name: Add an FC Bridge Domain
aci_bd:
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
validate_certs: no
state: present
tenant: prod
bd: storage
bd_type: fc
vrf: fc_vrf
enable_routing: no
- name: Modify a Bridge Domain
aci_bd:
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
validate_certs: yes
state: present
tenant: prod
bd: web_servers
arp_flooding: yes
l2_unknown_unicast: flood
- name: Query All Bridge Domains
aci_bd:
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
validate_certs: yes
state: query
- name: Query a Bridge Domain
aci_bd:
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
validate_certs: yes
state: query
tenant: prod
bd: web_servers
- name: Delete a Bridge Domain
aci_bd:
host: "{{ inventory_hostname }}"
username: "{{ username }}"
password: "{{ password }}"
validate_certs: yes
state: absent
tenant: prod
bd: web_servers
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| current
list
|
success |
The existing configuration from the APIC after the module has finished
Sample:
[{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production environment', 'nameAlias': '', 'ownerTag': ''}}}]
|
| error
dict
|
failure |
The error information as returned from the APIC
Sample:
{'text': 'unknown managed object class foo', 'code': '122'}
|
| filter_string
string
|
failure or debug |
The filter string used for the request
Sample:
?rsp-prop-include=config-only
|
| method
string
|
failure or debug |
The HTTP method used for the request to the APIC
Sample:
POST
|
| previous
list
|
info |
The original configuration from the APIC before the module has started
Sample:
[{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production', 'nameAlias': '', 'ownerTag': ''}}}]
|
| proposed
dict
|
info |
The assembled configuration from the user-provided parameters
Sample:
{'fvTenant': {'attributes': {'name': 'production', 'descr': 'Production environment'}}}
|
| raw
string
|
parse error |
The raw output returned by the APIC REST API (xml or json)
Sample:
<?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata>
|
| response
string
|
failure or debug |
The HTTP response from the APIC
Sample:
OK (30 bytes)
|
| sent
list
|
info |
The actual/minimal configuration pushed to the APIC
Sample:
{'fvTenant': {'attributes': {'descr': 'Production environment'}}}
|
| status
int
|
failure or debug |
The HTTP status from the APIC
Sample:
200
|
| url
string
|
failure or debug |
The HTTP url used for the request to the APIC
Sample:
https://10.11.12.13/api/mo/uni/tn-production.json
|
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Author
- Jacob McGill (@jmcgill298)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.5/modules/aci_bd_module.html