vmware_dvs_portgroup – Create or remove a Distributed vSwitch portgroup
New in version 2.0.
Synopsis
- Create or remove a Distributed vSwitch portgroup.
Requirements
The below requirements are needed on the host that executes this module.
- python >= 2.6
- PyVmomi
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| hostname
string
|
The hostname or IP address of the vSphere vCenter or ESXi server.
If the value is not specified in the task, the value of environment variable
VMWARE_HOST will be used instead.
Environment variable support added in Ansible 2.6.
|
|
| network_policy
-
added in 2.5
|
Default:
{"forged_transmits": false, "mac_changes": false, "promiscuous": false}
|
Dictionary which configures the different security values for portgroup.
Valid attributes are:
-
promiscuous (bool): indicates whether promiscuous mode is allowed. (default: false)
-
forged_transmits (bool): indicates whether forged transmits are allowed. (default: false)
- mac_changes (bool): indicates whether mac changes are allowed. (default: false)
|
| num_ports
- / required
|
The number of ports the portgroup should contain.
|
|
| password
string
|
The password of the vSphere vCenter or ESXi server.
If the value is not specified in the task, the value of environment variable
VMWARE_PASSWORD will be used instead.
Environment variable support added in Ansible 2.6.
aliases: pass, pwd |
|
| port
integer
added in 2.5
|
Default:
443
|
The port number of the vSphere vCenter or ESXi server.
If the value is not specified in the task, the value of environment variable
VMWARE_PORT will be used instead.
Environment variable support added in Ansible 2.6.
|
| port_policy
-
added in 2.5
|
Default:
{"block_override": true, "ipfix_override": false, "live_port_move": false, "network_rp_override": false, "port_config_reset_at_disconnect": true, "security_override": false, "shaping_override": false, "traffic_filter_override": false, "uplink_teaming_override": false, "vendor_config_override": false, "vlan_override": false}
|
Dictionary which configures the advanced policy settings for the portgroup.
Valid attributes are:
-
block_override (bool): indicates if the block policy can be changed per port. (default: true)
-
ipfix_override (bool): indicates if the ipfix policy can be changed per port. (default: false)
-
live_port_move (bool): indicates if a live port can be moved in or out of the portgroup. (default: false)
-
network_rp_override (bool): indicates if the network resource pool can be changed per port. (default: false)
-
port_config_reset_at_disconnect (bool): indicates if the configuration of a port is reset automatically after disconnect. (default: true)
-
security_override (bool): indicates if the security policy can be changed per port. (default: false)
-
shaping_override (bool): indicates if the shaping policy can be changed per port. (default: false)
-
traffic_filter_override (bool): indicates if the traffic filter can be changed per port. (default: false)
-
uplink_teaming_override (bool): indicates if the uplink teaming policy can be changed per port. (default: false)
-
vendor_config_override (bool): indicates if the vendor config can be changed per port. (default: false)
- vlan_override (bool): indicates if the vlan can be changed per port. (default: false)
|
| portgroup_name
- / required
|
The name of the portgroup that is to be created or deleted.
|
|
| portgroup_type
- / required
|
|
See VMware KB 1022312 regarding portgroup types.
|
| state
string / required
added in 2.5
|
|
Determines if the portgroup should be present or not.
|
| switch_name
- / required
|
The name of the distributed vSwitch the port group should be created on.
|
|
| teaming_policy
-
added in 2.5
|
Default:
{"inbound_policy": false, "load_balance_policy": "loadbalance_srcid", "notify_switches": true, "rolling_order": false}
|
Dictionary which configures the different teaming values for portgroup.
Valid attributes are:
-
load_balance_policy (string): Network adapter teaming policy. (default: loadbalance_srcid)
- choices: [ loadbalance_ip, loadbalance_srcmac, loadbalance_srcid, loadbalance_loadbased, failover_explicit]
- "loadbalance_loadbased" is available from version 2.6 and onwards
-
inbound_policy (bool): Indicate whether or not the teaming policy is applied to inbound frames as well. (default: False)
-
notify_switches (bool): Indicate whether or not to notify the physical switch if a link fails. (default: True)
- rolling_order (bool): Indicate whether or not to use a rolling policy when restoring links. (default: False)
|
| username
string
|
The username of the vSphere vCenter or ESXi server.
If the value is not specified in the task, the value of environment variable
VMWARE_USER will be used instead.
Environment variable support added in Ansible 2.6.
aliases: admin, user |
|
| validate_certs
boolean
|
|
Allows connection when SSL certificates are not valid. Set to
false when certificates are not trusted.
If the value is not specified in the task, the value of environment variable
VMWARE_VALIDATE_CERTS will be used instead.
Environment variable support added in Ansible 2.6.
If set to yes, please make sure Python >= 2.7.9 is installed on the given machine.
|
| vlan_id
- / required
|
The VLAN ID that should be configured with the portgroup, use 0 for no VLAN.
If
vlan_trunk is configured to be true, this can be a combination of multiple ranges and numbers, example: 1-200, 205, 400-4094.
The valid vlan_id range is from 0 to 4094. Overlapping ranges are allowed.
|
|
| vlan_trunk
boolean
added in 2.5
|
|
Indicates whether this is a VLAN trunk or not.
|
Notes
Note
- Tested on vSphere 5.5
- Tested on vSphere 6.5
Examples
- name: Create vlan portgroup
vmware_dvs_portgroup:
hostname: '{{ vcenter_hostname }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
portgroup_name: vlan-123-portrgoup
switch_name: dvSwitch
vlan_id: 123
num_ports: 120
portgroup_type: earlyBinding
state: present
delegate_to: localhost
- name: Create vlan trunk portgroup
vmware_dvs_portgroup:
hostname: '{{ vcenter_hostname }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
portgroup_name: vlan-trunk-portrgoup
switch_name: dvSwitch
vlan_id: 1-1000, 1005, 1100-1200
vlan_trunk: True
num_ports: 120
portgroup_type: earlyBinding
state: present
delegate_to: localhost
- name: Create no-vlan portgroup
vmware_dvs_portgroup:
hostname: '{{ vcenter_hostname }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
portgroup_name: no-vlan-portrgoup
switch_name: dvSwitch
vlan_id: 0
num_ports: 120
portgroup_type: earlyBinding
state: present
delegate_to: localhost
- name: Create vlan portgroup with all security and port policies
vmware_dvs_portgroup:
hostname: '{{ vcenter_hostname }}'
username: '{{ vcenter_username }}'
password: '{{ vcenter_password }}'
portgroup_name: vlan-123-portrgoup
switch_name: dvSwitch
vlan_id: 123
num_ports: 120
portgroup_type: earlyBinding
state: present
network_policy:
promiscuous: yes
forged_transmits: yes
mac_changes: yes
port_policy:
block_override: yes
ipfix_override: yes
live_port_move: yes
network_rp_override: yes
port_config_reset_at_disconnect: yes
security_override: yes
shaping_override: yes
traffic_filter_override: yes
uplink_teaming_override: yes
vendor_config_override: yes
vlan_override: yes
delegate_to: localhost
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Joseph Callen (@jcpowermac)
- Philippe Dellaert (@pdellaert) <philippe@dellaert.org>
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/vmware_dvs_portgroup_module.html