aci_bd - Manage Bridge Domains (BD) objects (fv:BD)

New in version 2.4.

Synopsis
Parameters
Notes
Examples
Return Values
Status
- Author

Synopsis

Manages Bridge Domains (BD) on Cisco ACI fabrics.

Parameters

Parameter	Choices/Defaults	Comments
arp_flooding	Choices: no ← yes	Determines if the Bridge Domain should flood ARP traffic. The APIC defaults new Bridge Domains to `no`.
bd		The name of the Bridge Domain. aliases: bd_name, name
bd_type	Choices: ethernet ← fc	The type of traffic on the Bridge Domain. The APIC defaults new Bridge Domains to `ethernet`.
certificate_name	Default: C(private_key) basename	The X.509 certificate name attached to the APIC AAA user used for signature-based authentication. It defaults to the `private_key` basename, without extension. aliases: cert_name
description		Description for the Bridge Domain.
enable_multicast	Choices: no ← yes	Determines if PIM is enabled The APIC defaults new Bridge Domains to `no`.
enable_routing	Choices: no yes ←	Determines if IP forwarding should be allowed. The APIC defaults new Bridge Domains to `yes`.
endpoint_clear	Choices: no ← yes	Clears all End Points in all Leaves when `yes`. The APIC defaults new Bridge Domains to `no`. The value is not reset to disabled once End Points have been cleared; that requires a second task.
endpoint_move_detect	Choices: default garp ←	Determines if GARP should be enabled to detect when End Points move. The APIC defaults new Bridge Domains to `garp`.
endpoint_retention_action	Choices: inherit resolve ←	Determines if the Bridge Domain should inherit or resolve the End Point Retention Policy. The APIC defaults new Bridge Domain to End Point Retention Policies to `resolve`.
endpoint_retention_policy		The name of the End Point Retention Policy the Bridge Domain should use when overriding the default End Point Retention Policy.
host required		IP Address or hostname of APIC resolvable by Ansible control host. aliases: hostname
igmp_snoop_policy		The name of the IGMP Snooping Policy the Bridge Domain should use when overriding the default IGMP Snooping Policy.
ip_learning	Choices: no yes	Determines if the Bridge Domain should learn End Point IPs. The APIC defaults new Bridge Domains to `yes`.
ipv6_nd_policy		The name of the IPv6 Neighbor Discovery Policy the Bridge Domain should use when overridding the default IPV6 ND Policy.
l2_unknown_unicast	Choices: proxy ← flood	Determines what forwarding method to use for unknown l2 destinations. The APIC defaults new Bridge domains to `proxy`.
l3_unknown_multicast	Choices: flood ← opt-flood	Determines the forwarding method to use for unknown multicast destinations. The APCI defaults new Bridge Domains to `flood`.
limit_ip_learn	Choices: no yes ←	Determines if the BD should limit IP learning to only subnets owned by the Bridge Domain. The APIC defaults new Bridge Domains to `yes`.
mac_address (added in 2.5)	Default: 00:22:BD:F8:19:FF	The MAC Address to assign to the `bd` instead of using the default. aliases: mac
multi_dest	Choices: bd-flood ← drop encap-flood	Determines the forwarding method for L2 multicast, broadcast, and link layer traffic. The APIC defaults new Bridge Domains to `bd-flood`.
output_level	Choices: debug info normal ←	Influence the output of this ACI module. `normal` means the standard output, incl. `current` dict `info` means informational output, incl. `previous`, `proposed` and `sent` dicts `debug` means debugging output, incl. `filter_string`, `method`, `response`, `status` and `url` information
password required		The password to use for authentication.
port	Default: 443 (for https) and 80 (for http)	Port number to be used for REST connection.
private_key		PEM formatted file that contains your private key to be used for signature-based authentication. The name of the key (without extension) is used as the certificate name in ACI, unless `certificate_name` is specified. aliases: cert_key
state	Choices: absent present ← query	Use `present` or `absent` for adding or removing. Use `query` for listing an object or multiple objects.
tenant		The name of the Tenant. aliases: tenant_name
timeout	Default: 30	The socket level timeout in seconds.
use_proxy	Choices: no yes ←	If `no`, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
use_ssl	Choices: no yes ←	If `no`, an HTTP connection will be used instead of the default HTTPS connection.
username required	Default: admin	The username to use for authentication. aliases: user
validate_certs	Choices: no yes ←	If `no`, SSL certificates will not be validated. This should only set to `no` used on personally controlled sites using self-signed certificates.
vrf		The name of the VRF. aliases: vrf_name

Notes

Note

The tenant used must exist before using this module in your playbook. The aci_tenant module can be used for this.
More information about the internal APIC class fv:BD from the APIC Management Information Model reference.
By default, if an environment variable <protocol>_proxy is set on the target host, requests will be sent through that proxy. This behaviour can be overridden by setting a variable for this task (see setting the environment), or by using the use_proxy option.
HTTP redirects can redirect from HTTP to HTTPS so you should be sure that your proxy environment for both protocols is correct.

Examples

- name: Add Bridge Domain
  aci_bd:
    host: "{{ inventory_hostname }}"
    username: "{{ username }}"
    password: "{{ password }}"
    validate_certs: no
    state: present
    tenant: prod
    bd: web_servers
    mac_address: 00:22:BD:F8:19:FE
    vrf: prod_vrf

- name: Add an FC Bridge Domain
  aci_bd:
    host: "{{ inventory_hostname }}"
    username: "{{ username }}"
    password: "{{ password }}"
    validate_certs: no
    state: present
    tenant: prod
    bd: storage
    bd_type: fc
    vrf: fc_vrf
    enable_routing: no

- name: Modify a Bridge Domain
  aci_bd:
    host: "{{ inventory_hostname }}"
    username: "{{ username }}"
    password: "{{ password }}"
    validate_certs: yes
    state: present
    tenant: prod
    bd: web_servers
    arp_flooding: yes
    l2_unknown_unicast: flood

- name: Query All Bridge Domains
  aci_bd:
    host: "{{ inventory_hostname }}"
    username: "{{ username }}"
    password: "{{ password }}"
    validate_certs: yes
    state: query

- name: Query a Bridge Domain
  aci_bd:
    host: "{{ inventory_hostname }}"
    username: "{{ username }}"
    password: "{{ password }}"
    validate_certs: yes
    state: query
    tenant: prod
    bd: web_servers

- name: Delete a Bridge Domain
  aci_bd:
    host: "{{ inventory_hostname }}"
    username: "{{ username }}"
    password: "{{ password }}"
    validate_certs: yes
    state: absent
    tenant: prod
    bd: web_servers

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
current list	success	The existing configuration from the APIC after the module has finished Sample: [{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production environment', 'nameAlias': '', 'ownerTag': ''}}}]
error dict	failure	The error information as returned from the APIC Sample: {'text': 'unknown managed object class foo', 'code': '122'}
filter_string string	failure or debug	The filter string used for the request Sample: ?rsp-prop-include=config-only
method string	failure or debug	The HTTP method used for the request to the APIC Sample: POST
previous list	info	The original configuration from the APIC before the module has started Sample: [{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production', 'nameAlias': '', 'ownerTag': ''}}}]
proposed dict	info	The assembled configuration from the user-provided parameters Sample: {'fvTenant': {'attributes': {'name': 'production', 'descr': 'Production environment'}}}
raw string	parse error	The raw output returned by the APIC REST API (xml or json) Sample: <?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata>
response string	failure or debug	The HTTP response from the APIC Sample: OK (30 bytes)
sent list	info	The actual/minimal configuration pushed to the APIC Sample: {'fvTenant': {'attributes': {'descr': 'Production environment'}}}
status int	failure or debug	The HTTP status from the APIC Sample: 200
url string	failure or debug	The HTTP url used for the request to the APIC Sample: https://10.11.12.13/api/mo/uni/tn-production.json

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Author

Jacob McGill (@jmcgill298)

Hint

If you notice any issues in this documentation you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.5/modules/aci_bd_module.html