New in version 2.4.
Parameter |
Choices/Defaults |
Comments |
---|---|---|
ap
required |
|
Name of an existing application network profile, that will contain the EPGs.
aliases: app_profile, app_profile_name |
bd
required |
|
Name of the bridge domain being associated with the EPG.
aliases: bd_name, bridge_domain |
certificate_name
|
|
The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.
It defaults to the
private_key basename, without extension.aliases: cert_name |
description
|
|
Description for the EPG.
aliases: descr |
epg
required |
|
Name of the end point group.
aliases: epg_name, name |
fwd_control
|
|
The forwarding control used by the EPG.
The APIC defaults new EPGs to
none . |
host
required |
|
IP Address or hostname of APIC resolvable by Ansible control host.
aliases: hostname |
intra_epg_isolation
|
|
Intra EPG Isolation.
|
output_level
|
|
Influence the output of this ACI module.
normal means the standard output, incl. current dictinfo adds informational output, incl. previous , proposed and sent dictsdebug adds debugging output, incl. filter_string , method , response , status and url information |
password
required |
|
The password to use for authentication.
This option is mutual exclusive with
private_key . If private_key is provided too, it will be used instead. |
port
|
Default:
443 (https), 80 (http)
|
Port number to be used for REST connection.
The default value depends on parameter `use_ssl`.
|
preferred_group
(added in 2.5) |
|
Whether ot not the EPG is part of the Preferred Group and can communicate without contracts.
This is very convenient for migration scenarios, or when ACI is used for network automation but not for policy.
|
priority
|
|
QoS class.
|
private_key
required |
|
PEM formatted file that contains your private key to be used for signature-based authentication.
The name of the key (without extension) is used as the certificate name in ACI, unless
certificate_name is specified.This option is mutual exclusive with
password . If password is provided too, it will be ignored.aliases: cert_key |
state
|
|
Use
present or absent for adding or removing.Use
query for listing an object or multiple objects. |
tenant
|
|
Name of an existing tenant.
aliases: tenant_name |
timeout
|
Default:
30
|
The socket level timeout in seconds.
|
use_proxy
|
|
If
no , it will not use a proxy, even if one is defined in an environment variable on the target hosts. |
use_ssl
|
|
If
no , an HTTP connection will be used instead of the default HTTPS connection. |
username
|
Default:
admin
|
The username to use for authentication.
aliases: user |
validate_certs
|
|
If
no , SSL certificates will not be validated.This should only set to
no when used on personally controlled sites using self-signed certificates. |
Note
- name: Add a new EPG
aci_epg:
host: apic
username: admin
password: SomeSecretPassword
tenant: production
ap: intranet
epg: web_epg
description: Web Intranet EPG
bd: prod_bd
preferred_group: yes
- aci_epg:
host: apic
username: admin
password: SomeSecretPassword
tenant: production
ap: ticketing
epg: "{{ item.epg }}"
description: Ticketing EPG
bd: "{{ item.bd }}"
priority: unspecified
intra_epg_isolation: unenforced
state: present
with_items:
- epg: web
bd: web_bd
- epg: database
bd: database_bd
- name: Remove an EPG
aci_epg:
host: apic
username: admin
password: SomeSecretPassword
validate_certs: no
tenant: production
app_profile: intranet
epg: web_epg
state: absent
- name: Query an EPG
aci_epg:
host: apic
username: admin
password: SomeSecretPassword
tenant: production
ap: ticketing
epg: web_epg
state: query
- name: Query all EPGs
aci_epg:
host: apic
username: admin
password: SomeSecretPassword
state: query
- name: Query all EPGs with a Specific Name
aci_epg:
host: apic
username: admin
password: SomeSecretPassword
validate_certs: no
epg: web_epg
state: query
- name: Query all EPGs of an App Profile
aci_epg:
host: apic
username: admin
password: SomeSecretPassword
validate_certs: no
ap: ticketing
state: query
Common return values are documented here, the following are the fields unique to this module:
Key |
Returned |
Description |
---|---|---|
current
list
|
success |
The existing configuration from the APIC after the module has finished
Sample:
[{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production environment', 'nameAlias': '', 'ownerTag': ''}}}]
|
error
dict
|
failure |
The error information as returned from the APIC
Sample:
{'text': 'unknown managed object class foo', 'code': '122'}
|
filter_string
string
|
failure or debug |
The filter string used for the request
Sample:
?rsp-prop-include=config-only
|
method
string
|
failure or debug |
The HTTP method used for the request to the APIC
Sample:
POST
|
previous
list
|
info |
The original configuration from the APIC before the module has started
Sample:
[{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production', 'nameAlias': '', 'ownerTag': ''}}}]
|
proposed
dict
|
info |
The assembled configuration from the user-provided parameters
Sample:
{'fvTenant': {'attributes': {'name': 'production', 'descr': 'Production environment'}}}
|
raw
string
|
parse error |
The raw output returned by the APIC REST API (xml or json)
Sample:
<?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata>
|
response
string
|
failure or debug |
The HTTP response from the APIC
Sample:
OK (30 bytes)
|
sent
list
|
info |
The actual/minimal configuration pushed to the APIC
Sample:
{'fvTenant': {'attributes': {'descr': 'Production environment'}}}
|
status
int
|
failure or debug |
The HTTP status from the APIC
Sample:
200
|
url
string
|
failure or debug |
The HTTP url used for the request to the APIC
Sample:
https://10.11.12.13/api/mo/uni/tn-production.json
|
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Hint
If you notice any issues in this documentation you can edit this document to improve it.