cisco.intersight.intersight_switch_control_policy module – Switch Control Policy configuration for Cisco Intersight

Note

This module is part of the cisco.intersight collection (version 2.12.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.intersight.

To use it in a playbook, specify: cisco.intersight.intersight_switch_control_policy.

Synopsis

  • Manages Switch Control Policy configuration on Cisco Intersight.

  • A policy to configure switching modes, VLAN optimization, MAC address aging, and UDLD settings for Cisco Intersight managed fabric interconnects.

  • For more information see Cisco Intersight.

Parameters

Parameter

Comments

api_key_id

string / required

Public API Key ID associated with the private key.

If not set, the value of the INTERSIGHT_API_KEY_ID environment variable is used.

api_private_key

path / required

Filename (absolute path) or string of PEM formatted private key data to be used for Intersight API authentication.

If a string is used, Ansible vault should be used to encrypt string data.

Ex. ansible-vault encrypt_string --vault-id tme@/Users/dsoper/Documents/vault_password_file ‘-----BEGIN EC PRIVATE KEY-----

<your private key data>

-----END EC PRIVATE KEY-----’

If not set, the value of the INTERSIGHT_API_PRIVATE_KEY environment variable is used.

api_uri

string

URI used to access the Intersight API.

If not set, the value of the INTERSIGHT_API_URI environment variable is used.

Default: "https://intersight.com/api/v1"

description

aliases: descr

string

The user-defined description for the Switch Control Policy.

Description can contain letters(a-z, A-Z), numbers(0-9), hyphen(-), period(.), colon(:), or an underscore(_).

ethernet_switching_mode

string

Enable or Disable Ethernet End Host Switching Mode.

Ethernet End Host Switching Mode is not applicable for Unified Edge; the value defaults to Ethernet Switch Mode.

end-host - Ethernet End Host Switching Mode (default).

switch - Ethernet Switch Mode.

Choices:

  • "end-host" ← (default)

  • "switch"

fabric_pc_vhba_reset

string

When enabled, a Registered State Change Notification (RSCN) is sent to the VIC adapter.

This occurs when any member port within the fabric port-channel goes down and vHBA would reset to restore the connection immediately.

When disabled (default), vHBA reset is done only when all the members of a fabric port-channel are down.

Fabric port-channel vHBA reset is not supported on Unified Edge and cannot be enabled.

enabled - Enable fabric port-channel vHBA reset.

disabled - Disable fabric port-channel vHBA reset (default).

Choices:

  • "enabled"

  • "disabled" ← (default)

fc_switching_mode

string

Enable or Disable FC End Host Switching Mode.

FC is not supported on Unified Edge, so this setting cannot be configured and is ignored.

end-host - FC End Host Switching Mode (default).

switch - FC Switch Mode.

Choices:

  • "end-host" ← (default)

  • "switch"

mac_aging_option

string

MAC address aging time configuration option.

default - Use default MAC aging time with UDLD message interval (default).

custom - Use custom MAC aging time in seconds.

never - MAC addresses never age out.

Choices:

  • "default" ← (default)

  • "custom"

  • "never"

mac_aging_time

integer

Define the MAC address aging time in seconds.

This field is valid when the mac_aging_option is set to custom.

Valid range is 120-918000 seconds.

Default: 14500

message_interval

integer

Configures the time between UDLD probe messages on the UDLD enabled ports.

Valid values are from 7 to 90 seconds.

Default: 15

name

string / required

The name assigned to the Switch Control Policy.

The name must be between 1 and 62 alphanumeric characters, allowing special characters :-_.

organization

string

The name of the Organization this resource is assigned to.

Profiles and Policies that are created within a Custom Organization are applicable only to devices in the same Organization.

Default: "default"

primary_key

string

Encrypts MACsec keys in type-6 format.

If a MACsec key is already provided in a type-6 format, the primary key decrypts it.

MACSec is not supported on Unified Edge, so the primary key cannot be configured.

Must be 16-64 characters in length when specified.

recovery_action

string

UDLD recovery action when enabled, attempts to bring an UDLD error-disabled port out of reset.

none - No recovery action (default).

reset - Reset the port to recover from UDLD error-disabled state.

Choices:

  • "none" ← (default)

  • "reset"

reserved_vlan_start_id

integer

The starting ID for VLANs reserved for internal use within the Fabric Interconnect.

This VLAN ID is the starting ID of a contiguous block of 128 VLANs that cannot be configured for user data.

This range of VLANs cannot be configured in VLAN policy.

If this property is not configured, VLAN range 3915 - 4042 is reserved for internal use by default.

The reserved VLAN range is fixed for Unified Edge, so this setting cannot be configured and is ignored.

Default: 3915

state

string

If present, will verify the resource is present and will create if needed.

If absent, will verify the resource is absent and will delete if needed.

Choices:

  • "present" ← (default)

  • "absent"

tags

list / elements=dictionary

List of tags in Key:<user-defined key> Value:<user-defined value> format.

use_proxy

boolean

If no, it will not use a proxy, even if one is defined in an environment variable on the target hosts.

Choices:

  • false

  • true ← (default)

validate_certs

boolean

Boolean control for verifying the api_uri TLS certificate

Choices:

  • false

  • true ← (default)

vlan_port_optimization_enabled

boolean

To enable or disable the VLAN port count optimization.

This feature will always be enabled for Cisco UCS Fabric Interconnect 9108 100G.

Also enabled on the IMM 6.x Bundle version and onwards.

VLAN Port Count Optimization is not applicable for Unified Edge.

Choices:

  • false ← (default)

  • true

Examples

- name: Create a Switch Control Policy with default settings
  cisco.intersight.intersight_switch_control_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    organization: "default"
    name: "SwitchControl-Policy-01"
    description: "Switch control policy with default settings"
    tags:
      - Key: "Site"
        Value: "DataCenter-A"
    state: present

- name: Create a Switch Control Policy with custom settings
  cisco.intersight.intersight_switch_control_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "SwitchControl-Custom-Policy"
    description: "Switch control policy with custom MAC aging"
    ethernet_switching_mode: switch
    fc_switching_mode: switch
    vlan_port_optimization_enabled: true
    reserved_vlan_start_id: 3915
    mac_aging_option: custom
    mac_aging_time: 14500
    message_interval: 15
    recovery_action: reset
    fabric_pc_vhba_reset: enabled
    primary_key: "mySecureKey12345"
    state: present

- name: Create a Switch Control Policy with end-host mode
  cisco.intersight.intersight_switch_control_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "SwitchControl-EndHost-Policy"
    ethernet_switching_mode: end-host
    fc_switching_mode: end-host
    vlan_port_optimization_enabled: false
    recovery_action: none
    fabric_pc_vhba_reset: disabled
    state: present

- name: Create a Switch Control Policy with never aging MAC addresses
  cisco.intersight.intersight_switch_control_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "SwitchControl-NeverAge-Policy"
    mac_aging_option: never
    message_interval: 20
    state: present

- name: Update a Switch Control Policy
  cisco.intersight.intersight_switch_control_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "SwitchControl-Policy-01"
    description: "Updated switch control policy"
    ethernet_switching_mode: switch
    vlan_port_optimization_enabled: true
    state: present

- name: Delete a Switch Control Policy
  cisco.intersight.intersight_switch_control_policy:
    api_private_key: "{{ api_private_key }}"
    api_key_id: "{{ api_key_id }}"
    name: "SwitchControl-Policy-01"
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

api_response

dictionary

The API response output returned by the specified resource.

Returned: always

Sample: {"api_response": {"EthernetSwitchingMode": "end-host", "FabricPcVhbaReset": "Disabled", "FcSwitchingMode": "end-host", "MacAgingSettings": {"MacAgingOption": "Default"}, "Name": "SwitchControl-Policy-01", "ObjectType": "fabric.SwitchControlPolicy", "ReservedVlanStartId": 3915, "Tags": [{"Key": "Site", "Value": "DataCenter-A"}], "UdldSettings": {"MessageInterval": 15, "RecoveryAction": "none"}, "VlanPortOptimizationEnabled": false}}

Authors

  • Ron Gershburg (@rgershbu)