cisco.mso.ndo_interface_setting module – Manage Interface Policy Groups on Cisco Nexus Dashboard Orchestrator (NDO).

Note

This module is part of the cisco.mso collection (version 2.10.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.mso. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cisco.mso.ndo_interface_setting.

Synopsis

• Manage Interface Policy Groups on Cisco Nexus Dashboard Orchestrator (NDO).

• This module is only supported on ND v3.1 (NDO v4.3) and later.

Requirements

The below requirements are needed on the host that executes this module.

• Multi Site Orchestrator v2.1 or newer

Parameters

Parameter	Comments
access_macsec_policy string	The access MACsec policy. The value is available only when the mcp_admin_state is enabled. The MACsec policy must be defined in the same fabric policy template.
auto_negotiation string	The auto negotiation state of the port(s) in the interface policy group. The default value is on. Choices: "on" "off" "on_enforce"
cdp_admin_state string	The CDP admin state enables Cisco Discovery Protocol (CDP) on the interface. The default value is disabled. Choices: "enabled" "disabled"
controls list / elements=string	The port-channel control flags of the interface policy group. The default value is fast_sel_hot_stdby, graceful_conv, susp_individual. The value is available only when the interface_type is port_channel. Providing an empty list will remove the controls from the interface policy. The old controls will be replaced by the new entries during an update. Choices: "fast_sel_hot_stdby" "graceful_conv" "susp_individual" "load_defer" "symmetric_hash"
description string	The description of the interface policy group.
domains list / elements=string	The domains with which you want to associate this interface policy. The domains must be defined in the same fabric policy template. The old domains will be replaced by the new entries during an update. Providing an empty list will remove the domains from the interface policy.
host aliases: hostname string	IP Address or hostname of the ACI Multi Site Orchestrator host. If the value is not specified in the task, the value of environment variable MSO_HOST will be used instead.
interface_type string	The type of the interface policy group. This parameter is required when interface policy group needs to be created or updated. Choices: "physical" "port_channel"
l2_interface_qinq string	The QinQ state for the port(s) in the interface policy group to define how to map double-tagged VLAN traffic. The default value is disabled. Choices: "core_port" "double_q_tag_port" "edge_port" "disabled"
l2_interface_reflective_relay string	Enables or disables reflective relay (802.1Qbg) to forward traffic back to the destination or target. The term Virtual Ethernet Port Aggregator (VEPA) is also used to describe 802.1Qbg functionality. The default value is disabled. Choices: "enabled" "disabled"
link_level_bring_up_delay integer	The time in milliseconds that the decision feedback equalizer (DFE) tuning is delayed when a port is coming up. The default value is 0. The value must be an integer between 0 and 10000.
link_level_debounce_interval integer	The debounce interval of the link level in milliseconds. The default value is 100. The value must be an integer between 0 and 5000.
link_level_fec string	The type of Forwarding Error Correction (FEC) used by the port(s) in the interface policy group. The default value is inherit. Choices: "inherit" "cl74_fc_fec" "cl91_rs_fec" "cons16_rs_fec" "ieee_rs_fec" "kp_fec" "disable_fec"
lldp dictionary	The Link Layer Discovery Protocol (LLDP) configuration of the interface policy group.
receive_state string	The receive state allows LLDP packets to be received by the interface. The default value is enabled. Choices: "enabled" "disabled"
status string	The state of LLDP on the interface. The default value is enabled. Choices: "enabled" "disabled"
transmit_state string	The transmit state allows LLDP packets to be sent from the interface. The default value is enabled. Choices: "enabled" "disabled"
llfc_receive_state string	The LLFC receive state allows LLFC packets to be received by the interface. The default value is disabled. Choices: "enabled" "disabled"
llfc_transmit_state string	The LLFC transmit state allows Link Level Flow Control (LLFC) packets to be sent from the interface. The default value is disabled. Choices: "enabled" "disabled"
load_balance_hashing string	The IP header information used by the port-channel load balance hashing algorithm of the interface policy group. The value is available only when the interface_type is port_channel. Choices: "destination_ip" "layer_4_destination_ip" "layer_4_source_ip" "source_ip"
login_domain string	The login domain name to use for authentication. The default value is Local. If the value is not specified in the task, the value of environment variable MSO_LOGIN_DOMAIN will be used instead. When using a HTTPAPI connection plugin the inventory variable ansible_httpapi_login_domain will be used if this attribute is not specified.
max_links integer	The maximum number of links in a port-channel of the interface policy group. The default value is 16. The value must be between 1 and 64. The value is available only when the interface_type is port_channel.
mcp dictionary	The MisCabling Protocol (MCP) settings.
admin_state string	The MCP admin state enables MisCabling Protocol (MCP) on the interface. The default value is enabled. Choices: "enabled" "disabled"
grace_period_msec integer	The MCP grace period in milliseconds. The default value is 0. The value must be between 0 and 999. The value is available only when the MCP strict_mode is on.
grace_period_sec integer	The MCP grace period in seconds. The default value is 3. The value must be between 0 and 300. The value is available only when the MCP strict_mode is on.
initial_delay_time integer	The MCP initial delay time in seconds. The default value is 180. The value must be between 0 and 1800. The value is available only when the MCP strict_mode is on.
strict_mode aliases: mcp_mode string	The MCP strict mode. The value is available only when the MCP admin_state is enabled. The default value is off. Choices: "on" "off"
transmission_frequency_msec integer	The MCP transmission frequency in milliseconds. The default value is 0. The value must be between 0 and 999. The value is available only when the MCP strict_mode is on.
transmission_frequency_sec integer	The MCP transmission frequency in seconds. The default value is 2. The value must be between 0 and 300. The value is available only when the MCP strict_mode is on.
min_links integer	The minimum number of active links in a port-channel of the interface policy group. The default value is 1. The value must be between 1 and 16. The value is available only when the interface_type is port_channel.
name aliases: interface_policy_group, interface_setting string	The name of the interface policy group.
output_level string	Influence the output of this MSO module. normal means the standard output, incl. current dict info adds informational output, incl. previous, proposed and sent dicts debug adds debugging output, incl. filter_string, method, response, status and url information If the value is not specified in the task, the value of environment variable MSO_OUTPUT_LEVEL will be used instead. Choices: "debug" "info" "normal" ← (default)
password string	The password to use for authentication. If the value is not specified in the task, the value of environment variables MSO_PASSWORD or ANSIBLE_NET_PASSWORD will be used instead.
pfc_admin_state string	The Priority Flow Control (PFC) admin state. The default value is auto. Choices: "on" "off" "auto"
port integer	Port number to be used for the REST connection. The default value depends on parameter `use_ssl`. If the value is not specified in the task, the value of environment variable MSO_PORT will be used instead.
port_channel_mode string	The port channel mode of the interface policy group. The default value is static_channel_mode_on. The value is available only when the interface_type is port_channel. Choices: "static_channel_mode_on" "lacp_passive" "lacp_active" "mac_pinning" "mac_pinning_physical_nic_load" "use_explicit_failover_order"
speed string	The port speed for the port(s) associated with the interface policy group. The default value is inherit. Choices: "100M" "1G" "10G" "25G" "40G" "50G" "100G" "200G" "400G" "inherit"
state string	Use absent for removing. Use query for listing an object or multiple objects. Use present for creating or updating. Choices: "absent" "query" ← (default) "present"
stp_bpdu_filter string	Enabling the Bridge Protocol Data Unit (BPDU) filter prevents any BPDUs on the port(s) in the interface policy group by filtering the BPDUs. Disabling the BPDU filter allows BPDUs to be received on the port. The default value is disabled. Choices: "enabled" "disabled"
stp_bpdu_guard string	Enabling the STP BPDU guard shutdown the port(s) by placing them in ‘error-disable’ mode when BPDUs are received. Disabling the STP BPDU guard allows BPDUs to be received on the port. The default value is disabled. Choices: "enabled" "disabled"
synce string	The syncE policy assigned to the interface policy group. The syncE policy must be defined in the same fabric policy template.
template string / required	The name of the template. The template must be a fabric policy template.
timeout integer	The socket level timeout in seconds. The default value is 30 seconds. If the value is not specified in the task, the value of environment variable MSO_TIMEOUT will be used instead.
use_proxy boolean	If false, it will not use a proxy, even if one is defined in an environment variable on the target hosts. If the value is not specified in the task, the value of environment variable MSO_USE_PROXY will be used instead. The default is true. Choices: false true
use_ssl boolean	If false, an HTTP connection will be used instead of the default HTTPS connection. If the value is not specified in the task, the value of environment variable MSO_USE_SSL will be used instead. When using a HTTPAPI connection plugin the inventory variable ansible_httpapi_use_ssl will be used if this attribute is not specified. The default is false when using a HTTPAPI connection plugin (mso or nd) and true when using the legacy connection method (only for mso). Choices: false true
username string	The username to use for authentication. If the value is not specified in the task, the value of environment variables MSO_USERNAME or ANSIBLE_NET_USERNAME will be used instead.
uuid aliases: interface_policy_group_uuid, interface_setting_uuid string	The UUID of the interface policy group. This parameter is required when the name attribute needs to be updated.
validate_certs boolean	If false, SSL certificates will not be validated. This should only set to false when used on personally controlled sites using self-signed certificates. If the value is not specified in the task, the value of environment variable MSO_VALIDATE_CERTS will be used instead. The default is true. Choices: false true
vlan_scope string	The scope of the VLAN encapsulation of the port(s) in the interface policy group. The default value is global. Choices: "global" "port_local"

Notes

Note

• The template must exist before using this module in your playbook. Use cisco.mso.ndo_template to create the Tenant template.

• The access_macsec_policy must exist before using this module in your playbook. Use cisco.mso.ndo_macsec_policy to create the MACsec policy.

• The domains must exist before using this module in your playbook. Use cisco.mso.ndo_physical_domain or cisco.mso.ndo_l3_domain to create the domain.

• The synce must exist before using this module in your playbook. Use cisco.mso.ndo_synce_interface_policy to create the syncE policy.

• This module was written to support Multi Site Orchestrator v2.1 or newer. Some or all functionality may not work on earlier versions.

See Also

See also

cisco.mso.ndo_template

Manage Templates on Cisco Nexus Dashboard Orchestrator (NDO).

cisco.mso.ndo_macsec_policy

Manage MACsec Policies on Cisco Nexus Dashboard Orchestrator (NDO).

Examples

- name: Create an Interface policy group of interface_type physical
  cisco.mso.ndo_interface_setting:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: ansible_test_template
    name: ansible_test_interface_policy_group_physical
    description: "Interface Policy Group for Ansible Test"
    interface_type: physical
    state: present

- name: Create an Interface policy group of interface_type port_channel
  cisco.mso.ndo_interface_setting:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: ansible_test_template
    name: ansible_test_interface_policy_group_port_channel
    description: "Interface Policy Group for Ansible Test"
    interface_type: port_channel
    state: present

- name: Create an Interface policy group with all attributes
  cisco.mso.ndo_interface_setting:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: ansible_test_template
    name: ansible_test_interface_policy_group_all
    description: "Interface Policy Group for Ansible Test"
    interface_type: port_channel
    speed: 1G
    auto_negotiation: on_enforce
    vlan_scope: port_local
    cdp_admin_state: enabled
    port_channel_mode: lacp_active
    min_links: 1
    max_links: 16
    controls: ["fast_sel_hot_stdby", "graceful_conv", "susp_individual"]
    load_balance_hashing: destination_ip
    synce: ansible_test_sync_e
    link_level_debounce_interval: 100
    link_level_bring_up_delay: 0
    link_level_fec: ieee_rs_fec
    l2_interface_qinq: edge_port
    l2_interface_reflective_relay: enabled
    lldp:
      status: enabled
      transmit_state: enabled
      receive_state: enabled
    domains:
      - ansible_test_domain1
      - ansible_test_domain2
    stp_bpdu_filter: enabled
    stp_bpdu_guard: enabled
    llfc_transmit_state: enabled
    llfc_receive_state: enabled
    mcp:
      admin_state: enabled
      strict_mode: 'on'
      initial_delay_time: 180
      transmission_frequency_sec: 2
      transmission_frequency_msec: 10
      grace_period_sec: 3
      grace_period_msec: 10
    pfc_admin_state: 'on'
    state: present

- name: Query all Interface policy groups
  cisco.mso.ndo_interface_setting:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: ansible_test_template
    state: query
    register: query_all

- name: Query a specific Interface policy group with name
  cisco.mso.ndo_interface_setting:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: ansible_test_template
    name: ansible_test_interface_policy_group_physical
    state: query
    register: query_one_name

- name: Query a specific Interface policy group with UUID
  cisco.mso.ndo_interface_setting:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: ansible_test_template
    uuid: "{{ query_one_name.current.uuid }}"
    state: query
    register: query_one_uuid

- name: Delete an Interface policy group with name
  cisco.mso.ndo_interface_setting:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: ansible_test_template
    name: ansible_test_interface_policy_group_physical
    state: absent

- name: Delete an Interface policy group with UUID
  cisco.mso.ndo_interface_setting:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: ansible_test_template
    uuid: "{{ query_one_name.current.uuid }}"
    state: absent

Authors

• Anvitha Jain (@anvjain)

Collection links

• Issue Tracker
• Homepage
• Repository (Sources)