graphiant.naas.graphiant_bgp module – Manage Graphiant BGP peering and routing policies

Note

This module is part of the graphiant.naas collection (version 26.3.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install graphiant.naas. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: graphiant.naas.graphiant_bgp.

New in graphiant.naas 25.11.0

Synopsis

  • This module provides comprehensive BGP peering and routing policy management for Graphiant Edge devices.

  • Supports BGP peering neighbor configuration and deconfiguration.

  • Enables attachment and detachment of global BGP routing policies (filters) to BGP peers.

  • All operations use Jinja2 templates for consistent configuration deployment.

  • Configuration files support Jinja2 templating for dynamic generation.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 3.7

  • graphiant-sdk >= 26.3.0

Parameters

Parameter

Comments

access_token

string

Bearer token for API authentication (for example, from graphiant login, which opens a browser for sign-in (SSO or non-SSO) and retrieves the token).

If not passed as a module argument, the collection reads GRAPHIANT_ACCESS_TOKEN (set after graphiant login when you source ~/.graphiant/env.sh).

When a bearer token is present (module argument or environment), it takes precedence over username and password.

If no valid token is available, the module authenticates with username and password when both are supplied.

bgp_config_file

string / required

Path to the BGP configuration YAML file.

Required for all operations.

Can be an absolute path or relative path. Relative paths are resolved using the configured config_path.

Configuration files support Jinja2 templating syntax for dynamic generation.

File must contain BGP peering neighbor definitions with device names, neighbor IPs, and policy references.

detailed_logs

boolean

Enable detailed logging output for troubleshooting and monitoring.

When enabled, provides comprehensive logs of all BGP operations.

Logs are captured and included in the result_msg for display using ansible.builtin.debug module.

Choices:

  • false ← (default)

  • true

host

aliases: base_url

string / required

Graphiant portal host URL for API connectivity.

Example: “https://api.graphiant.com

operation

string

The specific BGP operation to perform.

configure: Configure BGP peering neighbors and attach global BGP routing policies.

deconfigure: Deconfigure BGP peering neighbors. Policies are automatically detached.

detach_policies: Detach global BGP routing policies from BGP peers without removing the peers.

Choices:

  • "configure"

  • "deconfigure"

  • "detach_policies"

password

string

Graphiant portal password for authentication.

Required for password-based login when no valid bearer token is available from access_token or GRAPHIANT_ACCESS_TOKEN.

state

string

The desired state of the BGP peering.

present: Maps to configure when operation not specified.

absent: Maps to deconfigure when operation not specified.

Choices:

  • "present" ← (default)

  • "absent"

username

string

Graphiant portal username for authentication.

Required for password-based login when no valid bearer token is available from access_token or GRAPHIANT_ACCESS_TOKEN.

Attributes

Attribute

Support

Description

check_mode

Support: partial

The module cannot accurately determine whether changes would actually be made without querying the current state via API calls. In check mode, the module assumes that changes would be made and returns changed=True for all operations (configure, deconfigure, detach_policies). This means that check mode may report changes even when the configuration is already applied. The module does not perform state comparison in check mode due to API limitations.

Supports check mode with partial support.

Notes

Note

  • BGP Operations:

  • - Configure: Create BGP peering neighbors and attach global BGP routing policies.

  • - Deconfigure: Remove BGP peering neighbors (policies are automatically detached).

  • - Detach Policies: Detach global BGP routing policies from BGP peers without removing the peers.

  • Configuration files support Jinja2 templating syntax for dynamic configuration generation.

  • The module automatically resolves device names, site names, and policy names to IDs.

  • All operations are idempotent and safe to run multiple times.

  • Global BGP filters must be created using graphiant.naas.graphiant_global_config module before attaching to BGP peers.

See Also

See also

graphiant.naas.graphiant_interfaces

Configure interfaces before setting up BGP peering

graphiant.naas.graphiant_global_config

Configure global BGP filters (routing policies) that can be attached to BGP peers

Examples

- name: Configure BGP peering and attach policies
  graphiant.naas.graphiant_bgp:
    operation: configure
    bgp_config_file: "sample_bgp_peering.yaml"
    host: "{{ graphiant_host }}"
    username: "{{ graphiant_username }}"
    password: "{{ graphiant_password }}"
    detailed_logs: true
  register: bgp_result

- name: Detach policies from BGP peers
  graphiant.naas.graphiant_bgp:
    operation: detach_policies
    bgp_config_file: "sample_bgp_peering.yaml"
    host: "{{ graphiant_host }}"
    username: "{{ graphiant_username }}"
    password: "{{ graphiant_password }}"
    detailed_logs: true

- name: Deconfigure BGP peering
  graphiant.naas.graphiant_bgp:
    operation: deconfigure
    bgp_config_file: "sample_bgp_peering.yaml"
    host: "{{ graphiant_host }}"
    username: "{{ graphiant_username }}"
    password: "{{ graphiant_password }}"

- name: Configure BGP peering using state parameter
  graphiant.naas.graphiant_bgp:
    state: present
    bgp_config_file: "sample_bgp_peering.yaml"
    host: "{{ graphiant_host }}"
    username: "{{ graphiant_username }}"
    password: "{{ graphiant_password }}"

- name: Deconfigure BGP peering using state parameter
  graphiant.naas.graphiant_bgp:
    state: absent
    bgp_config_file: "sample_bgp_peering.yaml"
    host: "{{ graphiant_host }}"
    username: "{{ graphiant_username }}"
    password: "{{ graphiant_password }}"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

bgp_config_file

string

The BGP configuration file used for the operation.

Returned: always

Sample: "sample_bgp_peering.yaml"

changed

boolean

Whether the operation made changes to the system.

true for all configure/deconfigure/detach operations.

Returned: always

Sample: true

msg

string

Result message from the operation, including detailed logs when detailed_logs is enabled.

Returned: always

Sample: "Successfully configured BGP peering and attached policies"

operation

string

The operation that was performed.

One of configure, deconfigure, or detach_policies.

Returned: always

Sample: "configure"

Authors

  • Graphiant Team (@graphiant)