Skip to content
This repository has been archived by the owner on Jun 10, 2024. It is now read-only.

Network: ACI Community plan

Dag Wieers edited this page Jan 23, 2019 · 30 revisions

Github aci issues Github aci PRs

Bare facts for the connection plugin (ACI + MultiSite)

What basic facts do we need to add as part of the initial connection ? What hierarchical structure would best fit its use ?

  • Facts related to version information
  • Facts deemed highly important for operational decisions (playbook constructs)
  • Facts that don't change too often unexpectedly

ACI MultiSite TODO list

  • Integrated label handling (auto-add labels if they do not exist)
  • Persistent connection plugin for ACI MultiSite
  • Should we use "msc_" as the prefix ?
  • Review the current user interface
  • How will we manage schemas ?
  • Implement change-detection using Modified-header (instead of internal comparison)
  • Test the minimum requirement with the version
  • Known issues
    • MSC Error 400: Bad Request: Cannot Update - APIC Site ID for the new url entered does not match
    • Initial password reset

Needed modules

What ACI functionality would you prefer to see added as modules ?

  • aci_aaa_user_domain (aaa:UserDomain) -- @dagwieers
  • aci_aaa_user_role (aaa:UserRole) -- @dagwieers
  • aci_bd_dhcp_association
  • aci_taboo_contract_subject
  • aci_vmm_controller (vmm:CtrlrP)
  • your module here ?

Needed functionality

What use-cases do you have that require additional functionality ?

Configuration - Access Policies

  • Creating FEX profiles (NOT VERY COMMON)

Configuration - EPGs

  • Creating EPG Subnets(adding subnets to EPG on top, NOT COMMON)

Configuration - Networking

  • L3Out creation (VERY UNCOMMON) #37570
    • Logical Node Profiles (NOT COMMON)
    • Logical Interface Profiles (NOT COMMON)
    • Networks (adding/removing) (COMMON)
    • Contracts (adding/removing) (COMMON)

Configuration - inventory management addresses (COMMON)

(All these bullets are related when setting new switch up)

  • When putting new switch and setting in-band and OOB addresses (COMMON)
  • IP address Pools(COMMON)
  • Node management addresses (COMMON)
  • Managed mode connectivity groups (COMMON)
  • Updating of management addresses (VERY COMMON)

Configuration - protocol policies (Fabric policies)

  • Date/Time (NTP) Policy (NOT COMMON, one time fab setup)
  • SNMP Policy (NOT COMMON, one time fab setup)
  • TACACS Policy (NOT COMMON, one time fab setup)
  • BGP route reflectors (NOT COMMON, one time fab setup)
  • Syslog / Monitoring Destinations (NOT COMMON, one time fab setup)
  • DHCP Protocol Policy creation (NOT COMMON, one time)
  • DHCP relay applied to bridge domain (COMMON) (aci_bd_dhcp_association)
  • DNS - Global Policies (NOT COMMON, one time fab setup)

Operational - Queries

  • Query APIC Cluster health (COMMON) (@dagwieers) Wiki Docs
  • Find ip script (VERY COMMON --> used by IDO) -- (@brunocalogero @dagwieers)
  • Find all endpoints in Fabric or specific switch (COMMON)
  • Contract Checker (identifies all contracts between any two endpoints, source/destination and handles response(if policy allows them to talk or not)) (COMMON)
  • Checking if VLAN is in use (COMMON)
  • Query operations - DNQuery, ClassQuery (VERY COMMON)
  • Visore type queries/filters (VERY COMMON)
  • Endpoint lookups on leafs (COMMON)
  • Identification of stale tunnels (COMMON)
  • Interface CRC checks per switch(es) (COMMON)

Actions on Fabric

(Avoided in prod., mainly used in LAB)

  • Decommission APIC
  • Decommission Switch
  • Recommission Switch (pre-provision switch)
  • Disable port(s)
  • Enable port(s)
  • Reload switch
  • Reload APIC --> We have a playbook for this (@dagwieers)

ACI Lab Task041: Create NXOS ACI topology scenario 1

  • Create complex l3out (l3ext:Out)

ACI Lab Task073: SCVMM step03

  • Configure a VMM domain
    • (vmm:ProvP)
      • Create virtual domain (vmm:DomP)
        • Bind to VLAN pool (infra:RsVlanNs)
        • Adding VMM controller, e.g. SCVMM (vmm:CtrlrP)

(ARchived) Working groups

Working groups are now in the Ansible forum

Ansible project:
Community, Contributor Experience, Docs, News, Outreach, RelEng, Testing

Cloud:
AWS, Azure, CloudStack, Container, DigitalOcean, Docker, hcloud, Kubernetes, Linode, OpenStack, oVirt, Virt, VMware

Networking:
ACI, AVI, F5, Meraki, Network, NXOS

Ansible Developer Tools:
Ansible-developer-tools

Software:
Crypto, Foreman, GDrive, GitLab, Grafana, IPA, JBoss, MongoDB, MySQL, PostgreSQL, RabbitMQ, Zabbix

System:
AIX, BSD, HP-UX, macOS, Remote Management, Solaris, Windows

Security:
Security-Automation, Lockdown

Tooling:
AWX, Galaxy, Molecule

Communities

Modules:
unarchive, xml

Plugins:
httpapi

Wiki

Roles, Communication, Reviewing, Checklist, TODO

Clone this wiki locally