Documentation

aci_tenant_ep_retention_policy - Manage End Point (EP) retention protocol policies (fv:EpRetPol)

New in version 2.4.

Synopsis

  • Manage End Point (EP) retention protocol policies on Cisco ACI fabrics.

Parameters

Parameter
Choices/Defaults
Comments
bounce_age
Default:
630
Bounce Entry Aging Interval (range 150secs - 65535secs)
0 is used for infinite.
bounce_trigger
Default:
coop
Determines if the bounce entries are installed by RARP Flood or COOP Protocol.
The APIC defaults new End Point Retention Policies to coop.
certificate_name
The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.
It defaults to the private_key basename, without extension.

aliases: cert_name
description
Description for the End point rentention policy.

aliases: descr
epr_policy
The name of the end point retention policy.

aliases: epr_name, name
hold_interval
Default:
300
Hold Interval (range 5secs - 65535secs).
host
required
IP Address or hostname of APIC resolvable by Ansible control host.

aliases: hostname
local_ep_interval
Default:
900
Local end point Aging Interval (range 120secs - 65535secs).
0 is used for infinite.
move_frequency
Default:
256
Move frequency per second (range 0secs - 65535secs).
0 is used for none.
output_level
    Choices:
  • debug
  • info
  • normal ←
Influence the output of this ACI module.
normal means the standard output, incl. current dict
info adds informational output, incl. previous, proposed and sent dicts
debug adds debugging output, incl. filter_string, method, response, status and url information
password
required
The password to use for authentication.
This option is mutual exclusive with private_key. If private_key is provided too, it will be used instead.
port
Default:
443 (https), 80 (http)
Port number to be used for REST connection.
The default value depends on parameter `use_ssl`.
private_key
required
PEM formatted file that contains your private key to be used for signature-based authentication.
The name of the key (without extension) is used as the certificate name in ACI, unless certificate_name is specified.
This option is mutual exclusive with password. If password is provided too, it will be ignored.

aliases: cert_key
remote_ep_interval
Default:
300
Remote end point Aging Interval (range 120secs - 65535secs).
O is used for infinite.
state
    Choices:
  • absent
  • present ←
  • query
Use present or absent for adding or removing.
Use query for listing an object or multiple objects.
tenant
The name of an existing tenant.

aliases: tenant_name
timeout
Default:
30
The socket level timeout in seconds.
use_proxy
    Choices:
  • no
  • yes ←
If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
use_ssl
    Choices:
  • no
  • yes ←
If no, an HTTP connection will be used instead of the default HTTPS connection.
username
Default:
admin
The username to use for authentication.

aliases: user
validate_certs
    Choices:
  • no
  • yes ←
If no, SSL certificates will not be validated.
This should only set to no when used on personally controlled sites using self-signed certificates.

Notes

Note

Examples

- name: Add a new EPR policy
  aci_epr_policy:
    host: apic
    username: admin
    password: SomeSecretPassword
    tenant: production
    epr_policy: EPRPol1
    bounce_age: 630
    hold_interval: 300
    local_ep_interval: 900
    remote_ep_interval: 300
    move_frequency: 256
    description: test
    state: present

- name: Remove an EPR policy
  aci_epr_policy:
    host: apic
    username: admin
    password: SomeSecretPassword
    tenant: production
    epr_policy: EPRPol1
    state: absent

- name: Query an EPR policy
  aci_epr_policy:
    host: apic
    username: admin
    password: SomeSecretPassword
    tenant: production
    epr_policy: EPRPol1
    state: query

- name: Query all EPR policies
  aci_epr_policy:
    host: apic
    username: admin
    password: SomeSecretPassword
    state: query

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key
Returned
Description
current
list
success
The existing configuration from the APIC after the module has finished

Sample:
[{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production environment', 'nameAlias': '', 'ownerTag': ''}}}]
error
dict
failure
The error information as returned from the APIC

Sample:
{'text': 'unknown managed object class foo', 'code': '122'}
filter_string
string
failure or debug
The filter string used for the request

Sample:
?rsp-prop-include=config-only
method
string
failure or debug
The HTTP method used for the request to the APIC

Sample:
POST
previous
list
info
The original configuration from the APIC before the module has started

Sample:
[{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production', 'nameAlias': '', 'ownerTag': ''}}}]
proposed
dict
info
The assembled configuration from the user-provided parameters

Sample:
{'fvTenant': {'attributes': {'name': 'production', 'descr': 'Production environment'}}}
raw
string
parse error
The raw output returned by the APIC REST API (xml or json)

Sample:
<?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata>
response
string
failure or debug
The HTTP response from the APIC

Sample:
OK (30 bytes)
sent
list
info
The actual/minimal configuration pushed to the APIC

Sample:
{'fvTenant': {'attributes': {'descr': 'Production environment'}}}
status
int
failure or debug
The HTTP status from the APIC

Sample:
200
url
string
failure or debug
The HTTP url used for the request to the APIC

Sample:
https://10.11.12.13/api/mo/uni/tn-production.json


Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Author

  • Swetha Chunduri (@schunduri)

Hint

If you notice any issues in this documentation you can edit this document to improve it.