aci_vrf - Manage contexts or VRFs (fv:Ctx)

New in version 2.4.

Synopsis
Parameters
Notes
Examples
Return Values
Status
- Author

Synopsis

Manage contexts or VRFs on Cisco ACI fabrics.
Each context is a private network associated to a tenant, i.e. VRF.

Parameters

Parameter	Choices/Defaults	Comments
certificate_name	Default: C(private_key) basename	The X.509 certificate name attached to the APIC AAA user used for signature-based authentication. It defaults to the `private_key` basename, without extension. aliases: cert_name
description		The description for the VRF. aliases: descr
host required		IP Address or hostname of APIC resolvable by Ansible control host. aliases: hostname
output_level	Choices: debug info normal ←	Influence the output of this ACI module. `normal` means the standard output, incl. `current` dict `info` means informational output, incl. `previous`, `proposed` and `sent` dicts `debug` means debugging output, incl. `filter_string`, `method`, `response`, `status` and `url` information
password required		The password to use for authentication.
policy_control_direction	Choices: egress ingress	Determines if the policy should be enforced by the fabric on ingress or egress.
policy_control_preference	Choices: enforced unenforced	Determines if the Fabric should enforce Contrac Policies.
port	Default: 443 (for https) and 80 (for http)	Port number to be used for REST connection.
private_key		PEM formatted file that contains your private key to be used for signature-based authentication. The name of the key (without extension) is used as the certificate name in ACI, unless `certificate_name` is specified. aliases: cert_key
state	Choices: absent present ← query	Use `present` or `absent` for adding or removing. Use `query` for listing an object or multiple objects.
tenant		The name of the Tenant the VRF should belong to. aliases: tenant_name
timeout	Default: 30	The socket level timeout in seconds.
use_proxy	Choices: no yes ←	If `no`, it will not use a proxy, even if one is defined in an environment variable on the target hosts.
use_ssl	Choices: no yes ←	If `no`, an HTTP connection will be used instead of the default HTTPS connection.
username required	Default: admin	The username to use for authentication. aliases: user
validate_certs	Choices: no yes ←	If `no`, SSL certificates will not be validated. This should only set to `no` used on personally controlled sites using self-signed certificates.
vrf		The name of the VRF. aliases: context, name, vrf_name

Notes

Note

The tenant used must exist before using this module in your playbook. The aci_tenant module can be used for this.
More information about the internal APIC class fv:Ctx from the APIC Management Information Model reference.
By default, if an environment variable <protocol>_proxy is set on the target host, requests will be sent through that proxy. This behaviour can be overridden by setting a variable for this task (see setting the environment), or by using the use_proxy option.
HTTP redirects can redirect from HTTP to HTTPS so you should be sure that your proxy environment for both protocols is correct.

Examples

- name: Add a new VRF to a tenant
  aci_vrf:
    host: apic
    username: admin
    password: SomeSecretPassword
    vrf: vrf_lab
    tenant: lab_tenant
    descr: Lab VRF
    policy_control_preference: enforced
    policy_control_direction: ingress
    state: present

- name: Remove a VRF for a tenant
  aci_vrf:
    host: apic
    username: admin
    password: SomeSecretPassword
    vrf: vrf_lab
    tenant: lab_tenant
    state: absent

- name: Query a VRF of a tenant
  aci_vrf:
    host: apic
    username: admin
    password: SomeSecretPassword
    vrf: vrf_lab
    tenant: lab_tenant
    state: query

- name: Query all VRFs
  aci_vrf:
    host: apic
    username: admin
    password: SomeSecretPassword
    state: query

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
current list	success	The existing configuration from the APIC after the module has finished Sample: [{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production environment', 'nameAlias': '', 'ownerTag': ''}}}]
error dict	failure	The error information as returned from the APIC Sample: {'text': 'unknown managed object class foo', 'code': '122'}
filter_string string	failure or debug	The filter string used for the request Sample: ?rsp-prop-include=config-only
method string	failure or debug	The HTTP method used for the request to the APIC Sample: POST
previous list	info	The original configuration from the APIC before the module has started Sample: [{'fvTenant': {'attributes': {'dn': 'uni/tn-production', 'ownerKey': '', 'name': 'production', 'descr': 'Production', 'nameAlias': '', 'ownerTag': ''}}}]
proposed dict	info	The assembled configuration from the user-provided parameters Sample: {'fvTenant': {'attributes': {'name': 'production', 'descr': 'Production environment'}}}
raw string	parse error	The raw output returned by the APIC REST API (xml or json) Sample: <?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata>
response string	failure or debug	The HTTP response from the APIC Sample: OK (30 bytes)
sent list	info	The actual/minimal configuration pushed to the APIC Sample: {'fvTenant': {'attributes': {'descr': 'Production environment'}}}
status int	failure or debug	The HTTP status from the APIC Sample: 200
url string	failure or debug	The HTTP url used for the request to the APIC Sample: https://10.11.12.13/api/mo/uni/tn-production.json

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Author

Jacob McGill (@jmcgill298)

Hint

If you notice any issues in this documentation you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.5/modules/aci_vrf_module.html