├── CTF ├── vmware │ ├── vms-and-templates │ │ ├── test1.retry │ │ ├── vars │ │ │ └── vm-details.yaml │ │ └── vm-network-backing.yaml │ ├── global-vars │ │ └── vcenter-details.yaml │ ├── logon.yaml │ └── tmp │ │ ├── DeleteAnsibleDemo.yaml │ │ └── AnsibleDemo.yaml ├── uni.zip ├── uni │ ├── tenants │ │ ├── vmware │ │ │ ├── master.yaml │ │ │ └── application-profiles │ │ │ │ └── application-profiles.yaml │ │ ├── common │ │ │ ├── networking │ │ │ │ ├── vars │ │ │ │ │ ├── vrf-vars.yaml │ │ │ │ │ └── bridge-domain-vars.yaml │ │ │ │ ├── vrfs.yaml │ │ │ │ └── bridge-domains.yaml │ │ │ ├── master.yaml │ │ │ └── contracts │ │ │ │ ├── vars │ │ │ │ ├── udp-filters-vars.yaml │ │ │ │ └── tcp-filters-vars.yaml │ │ │ │ └── filter-builder.yaml │ │ └── ctf │ │ │ ├── master.yaml │ │ │ ├── contracts │ │ │ └── vars │ │ │ │ └── contract-vars.yaml │ │ │ └── application-profiles │ │ │ ├── vars │ │ │ ├── wordPress-vars.yaml │ │ │ ├── application-profile-vars.yaml │ │ │ ├── windows-servers-vars.yaml │ │ │ └── linux-servers-vars.yaml │ │ │ ├── application-profiles-wordPress.yaml │ │ │ ├── application-profiles-linux.yaml │ │ │ └── application-profiles-windows.yaml │ ├── wait2.yaml │ ├── wait5.yaml │ ├── global-vars │ │ ├── dns.yaml │ │ ├── ntp.yaml │ │ ├── tenants.yaml │ │ ├── bgp.yaml │ │ ├── apic-details.yaml │ │ ├── node-mgmt.yaml │ │ └── application_profiles.yaml │ ├── master.yaml.orig │ ├── run-me.yaml.orig │ ├── apic-logon.yaml │ ├── run-me.yaml │ ├── fabric │ │ ├── access-policies │ │ │ ├── master.yaml │ │ │ ├── vars │ │ │ │ ├── physical-and-external-domains-vars.yaml │ │ │ │ ├── pools-vars.yaml │ │ │ │ ├── switches-vars.yaml │ │ │ │ ├── policies-vars.yaml │ │ │ │ ├── interfaces-vars.yaml │ │ │ │ └── interfaces-leaf-101_and_102-vars.yaml │ │ │ ├── leaf-profiles.yaml │ │ │ ├── leaf-profiles.yaml.orig │ │ │ ├── pools.yaml │ │ │ ├── pools.yaml.orig │ │ │ ├── interface-policies.yaml │ │ │ ├── interface-policies.yaml.orig │ │ │ ├── modify-switch-interfaces.yaml.orig │ │ │ ├── modify-switch-interfaces-leaf-101.yaml │ │ │ ├── modify-switch-interfaces-leaf-102.yaml │ │ │ ├── modify-switch-interfaces-leaf-101-and-102.yaml │ │ │ ├── domains.yaml │ │ │ └── interface-policy-groups.yaml │ │ └── inventory │ │ │ └── add-switches.yaml │ ├── master.yaml │ ├── test.yaml │ ├── pools-vars.yaml │ ├── template.yaml │ ├── pre-run-me-snapshot.yaml │ ├── post-run-me-snapshot.yaml │ ├── pre-initial-setup-snapshot.yaml │ ├── post-initial-setup-snapshot.yaml │ ├── snapshot-local.yaml │ ├── initial-setup-remove-default-objects.yaml │ ├── initial-setup-tenants.yaml │ ├── snapshot.yaml.orig │ ├── initial-setup-tenants.yaml.orig │ ├── initial-setup-node-mgmt.yaml.orig │ ├── initial-setup-fault-timers.yaml │ ├── initial-setup-node-mgmt.yaml │ ├── snapshot.yaml │ ├── exported-post-run-me-snapshot.yaml │ ├── exported-pre-run-me-snapshot.yaml │ ├── rest-template.yaml │ ├── initial-setup-ntp.yaml │ ├── initial-setup-dns.yaml.orig │ ├── initial-setup-dns.yaml │ ├── initial-setup-fault-timers.yaml.orig │ └── initial-setup-bgp.yaml ├── playbook-order.txt └── readme.md ├── .gitignore ├── Demos ├── 01_Build_It_All_Ansible │ └── run.sh ├── 04_L2_Extension_Ansible │ └── run.sh ├── 03_Building_Tenants_Ansible │ └── run.sh ├── 08_Adding_Contracts_Ansible │ ├── run.sh │ └── apic_credentials.yml ├── 09_Add_AP_EPG_Contracts_Terraform │ ├── run.sh │ ├── terraform.tfvars │ ├── how_to_use_certificate_login_to_APIC.txt │ ├── variables.tf │ ├── automator.key │ └── main.tf ├── 07_Diagnosing_Connectivity_Ansible │ ├── run.sh │ └── apic_credentials.yml ├── 05_Building_WordPress_AP_Ansible │ ├── run.sh │ └── apic_credentials.yml └── 02_Adding_VLANs_Postman │ ├── vlanpools.csv │ └── dCloud simulator.postman_environment.json └── readme.md /CTF/vmware/vms-and-templates/test1.retry: -------------------------------------------------------------------------------- 1 | 127.0.0.1 2 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | */creds/ 2 | */results/ 3 | */dcloud/ 4 | .DS_Store 5 | .retry 6 | -------------------------------------------------------------------------------- /CTF/uni.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/spsharman/CiscoLive2020/HEAD/CTF/uni.zip -------------------------------------------------------------------------------- /Demos/01_Build_It_All_Ansible/run.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ansible-playbook ./build_it_all.yaml 4 | -------------------------------------------------------------------------------- /Demos/04_L2_Extension_Ansible/run.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ansible-playbook ./build_tenants.yaml --tags demo4 4 | -------------------------------------------------------------------------------- /Demos/03_Building_Tenants_Ansible/run.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ansible-playbook ./build_tenants.yaml --tags demo3 4 | -------------------------------------------------------------------------------- /Demos/08_Adding_Contracts_Ansible/run.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ansible-playbook -e @apic_credentials.yml ./add_aci_contract.yml 4 | -------------------------------------------------------------------------------- /Demos/09_Add_AP_EPG_Contracts_Terraform/run.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | terrafrom init 4 | 5 | terraform plan 6 | 7 | terraform apply 8 | -------------------------------------------------------------------------------- /Demos/07_Diagnosing_Connectivity_Ansible/run.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ansible-playbook -e @apic_credentials.yml ./get_host_aci_details.yml 4 | -------------------------------------------------------------------------------- /Demos/05_Building_WordPress_AP_Ansible/run.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | ansible-playbook -e @apic_credentials.yml ./create_application_profile.yaml --tags demo5 4 | -------------------------------------------------------------------------------- /CTF/uni/tenants/vmware/master.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - import_playbook: ./application-profiles/application-profiles.yaml 3 | # wait for 5 seconds 4 | - import_playbook: ../../wait5.yaml 5 | -------------------------------------------------------------------------------- /Demos/09_Add_AP_EPG_Contracts_Terraform/terraform.tfvars: -------------------------------------------------------------------------------- 1 | tenantName = "CiscoLiveTF" 2 | bd_name = "192.168.4.x_24" 3 | bd_subnet = "192.168.4.1/24" 4 | app_profile_name = "WordPress" 5 | -------------------------------------------------------------------------------- /Demos/02_Adding_VLANs_Postman/vlanpools.csv: -------------------------------------------------------------------------------- 1 | allocMode,descr,poolName,from,to,status_is 2 | static,Added by Postman,pool-01,500,520,"created,modified" 3 | dynamic,Added by Postman,pool-02,600,620,"created,modified" -------------------------------------------------------------------------------- /Demos/08_Adding_Contracts_Ansible/apic_credentials.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apic: 3 | apic_ip: 4 | apic_username: "" 5 | apic_password: "" 6 | -------------------------------------------------------------------------------- /Demos/05_Building_WordPress_AP_Ansible/apic_credentials.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apic: 3 | apic_ip: 4 | apic_username: "" 5 | apic_password: "" 6 | -------------------------------------------------------------------------------- /Demos/07_Diagnosing_Connectivity_Ansible/apic_credentials.yml: -------------------------------------------------------------------------------- 1 | --- 2 | apic: 3 | apic_ip: 4 | apic_username: "" 5 | apic_password: "" 6 | -------------------------------------------------------------------------------- /CTF/playbook-order.txt: -------------------------------------------------------------------------------- 1 | CTF/uni/fabric/inventory/add-switches.yaml 2 | CTF/uni/master.yaml 3 | CTF/uni/fabric/access-policies/master.yaml 4 | CTF/uni/fabric/access-policies/modify-switch-interfaces.yaml 5 | CTF/uni/tenants/common/master.yaml 6 | CTF/uni/tenants/vmware/master.yaml 7 | CTF/uni/tenants/ctf/master.yaml 8 | -------------------------------------------------------------------------------- /CTF/uni/tenants/common/networking/vars/vrf-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # VRFs. 3 | #============================================================================================== 4 | vrf: 5 | - tenant: "common" 6 | vrf: "vrf-01" 7 | descr: "Created by Ansible" 8 | -------------------------------------------------------------------------------- /CTF/uni/wait2.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # wait for 2 seconds 3 | - name: Define global settings 4 | hosts: localhost 5 | connection: local 6 | gather_facts: no 7 | tasks: 8 | - name: Sleep for 2 seconds and timeout 9 | wait_for: 10 | delay: 2 11 | timeout: 0 12 | -------------------------------------------------------------------------------- /CTF/uni/wait5.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | # wait for 5 seconds 3 | - name: Define global settings 4 | hosts: localhost 5 | connection: local 6 | gather_facts: no 7 | tasks: 8 | - name: Sleep for 5 seconds and timeout 9 | wait_for: 10 | delay: 5 11 | timeout: 0 12 | -------------------------------------------------------------------------------- /Demos/09_Add_AP_EPG_Contracts_Terraform/how_to_use_certificate_login_to_APIC.txt: -------------------------------------------------------------------------------- 1 | Documentation here: 2 | 3 | https://www.terraform.io/docs/providers/aci/index.html 4 | 5 | Generate key and cert like this on linux or Mac: 6 | 7 | openssl req -new -newkey rsa:1024 -days 36500 -nodes -x509 -keyout admin.key -out admin.crt -subj '/CN=Admin/O=Your Company/C=US' 8 | -------------------------------------------------------------------------------- /CTF/uni/global-vars/dns.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Add DNS servers 3 | # 4 | # Example: 5 | # - dnsServer: "198.18.133.1" 6 | # 7 | #============================================================================================== 8 | dnsProfile: 9 | - dnsServer: "198.18.133.1" 10 | -------------------------------------------------------------------------------- /CTF/uni/global-vars/ntp.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Add NTP servers 3 | # 4 | # Example: 5 | # - ntpServer: "198.18.133.1" 6 | # 7 | #============================================================================================== 8 | datetimeNtpProv: 9 | - ntpServer: "198.18.133.1" 10 | -------------------------------------------------------------------------------- /CTF/uni/tenants/common/master.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - import_playbook: ./networking/vrfs.yaml 3 | # wait for 5 seconds 4 | - import_playbook: ../../wait5.yaml 5 | 6 | - import_playbook: ./networking/bridge-domains.yaml 7 | # wait for 5 seconds 8 | - import_playbook: ../../wait5.yaml 9 | 10 | - import_playbook: ./contracts/filter-builder.yaml 11 | # wait for 5 seconds 12 | - import_playbook: ../../wait5.yaml 13 | -------------------------------------------------------------------------------- /CTF/uni/global-vars/tenants.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Add Tenant names and descriptions 3 | #============================================================================================== 4 | tenants: 5 | - tenant: "ctf" 6 | descr: "Created by Ansible" 7 | 8 | - tenant: "vmware" 9 | descr: "Created by Ansible" 10 | -------------------------------------------------------------------------------- /CTF/uni/tenants/common/contracts/vars/udp-filters-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Filters 3 | #============================================================================================== 4 | udp: 5 | - subject: "udp" 6 | src_port: "any" 7 | dst_port: "53" 8 | 9 | - subject: "udp" 10 | src_port: "any" 11 | dst_port: "123" 12 | -------------------------------------------------------------------------------- /CTF/vmware/global-vars/vcenter-details.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # vCenter access information. 3 | #============================================================================================== 4 | vcenter_info: 5 | hostname: "hx-prod-vc01.uktme.cisco.com" 6 | username: "administrator@vsphere.local" 7 | password: "C!5co123" 8 | validate_certs: no 9 | -------------------------------------------------------------------------------- /CTF/uni/master.yaml.orig: -------------------------------------------------------------------------------- 1 | --- 2 | - import_playbook: pre-initial-setup-snapshot.yaml 3 | - import_playbook: ./fabric/inventory/add-switches.yaml 4 | - import_playbook: initial-setup-remove-default-objects.yaml 5 | - import_playbook: initial-setup-fault-timers.yaml 6 | - import_playbook: initial-setup-bgp.yaml 7 | - import_playbook: initial-setup-dns.yaml 8 | - import_playbook: initial-setup-ntp.yaml 9 | - import_playbook: initial-setup-node-mgmt.yaml 10 | - import_playbook: post-initial-setup-snapshot.yaml 11 | -------------------------------------------------------------------------------- /CTF/vmware/vms-and-templates/vars/vm-details.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # virtual machine information. 3 | #============================================================================================== 4 | vm_names: 5 | - name: "ansible-network-test" 6 | datacenter: "UKTME" 7 | cluster: "hx-prod" 8 | adapter: "Network adapter 1" 9 | connected: "true" 10 | network: "10.237.99.192_27_ssharman-01" 11 | -------------------------------------------------------------------------------- /CTF/uni/global-vars/bgp.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Add BGP route reflectors 3 | # 4 | # Example: 5 | #- nodeId: "201" 6 | # podId: "1" 7 | # asn: "65000" 8 | # 9 | #============================================================================================== 10 | bgpRRNodePEp: 11 | - nodeId: "201" 12 | podId: "1" 13 | asn: "65000" 14 | 15 | - nodeId: "202" 16 | podId: "1" 17 | asn: "65000" 18 | -------------------------------------------------------------------------------- /Demos/09_Add_AP_EPG_Contracts_Terraform/variables.tf: -------------------------------------------------------------------------------- 1 | variable "tenantName" {} 2 | variable "bd_name" {} 3 | variable "bd_subnet" {} 4 | variable "app_profile_name" {} 5 | 6 | 7 | variable "aciUser" { 8 | default = "automator" 9 | } 10 | variable "aciPrivateKey" { 11 | default = "automator.key" 12 | } 13 | variable "aciCertName" { 14 | default = "automator" 15 | } 16 | variable "aciUrl" { 17 | default = "https://" 18 | } 19 | variable "provider_profile_dn" { 20 | default = "uni/vmmp-VMware" 21 | } 22 | -------------------------------------------------------------------------------- /CTF/uni/tenants/common/contracts/vars/tcp-filters-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Filters 3 | #============================================================================================== 4 | tcp: 5 | - subject: "tcp" 6 | src_port: "any" 7 | dst_port: "22" 8 | 9 | - subject: "tcp" 10 | src_port: "any" 11 | dst_port: "80" 12 | 13 | - subject: "tcp" 14 | src_port: "any" 15 | dst_port: "443" 16 | 17 | - subject: "tcp" 18 | src_port: "any" 19 | dst_port: "8443" 20 | -------------------------------------------------------------------------------- /CTF/uni/global-vars/apic-details.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # APIC access information. 3 | #============================================================================================== 4 | apic_info: &apic_info 5 | host: 198.18.133.200 6 | username: admin 7 | password: C1sco12345 8 | validate_certs: no 9 | 10 | rest_info: &rest_info 11 | use_proxy: no 12 | path: /api/mo/.json 13 | method: post 14 | -------------------------------------------------------------------------------- /CTF/uni/run-me.yaml.orig: -------------------------------------------------------------------------------- 1 | --- 2 | - import_playbook: ./pre-run-me-snapshot.yaml 3 | - import_playbook: ./exported-pre-run-me-snapshot.yaml 4 | - import_playbook: ./fabric/access-policies/master.yaml 5 | - import_playbook: ./virtual-networking/vmm-domains/setup-vmm.yaml 6 | - import_playbook: initial-setup-tenants.yaml 7 | - import_playbook: ./tenants/common/master.yaml 8 | - import_playbook: ./tenants/vmware/master.yaml 9 | - import_playbook: ./tenants/ctf/master.yaml 10 | - import_playbook: ./exported-post-run-me-snapshot.yaml 11 | - import_playbook: ./post-run-me-snapshot.yaml 12 | -------------------------------------------------------------------------------- /CTF/uni/tenants/ctf/master.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - import_playbook: ./application-profiles/application-profiles-linux.yaml 3 | # wait for 5 seconds 4 | - import_playbook: ../../wait5.yaml 5 | 6 | - import_playbook: ./application-profiles/application-profiles-windows.yaml 7 | # wait for 5 seconds 8 | - import_playbook: ../../wait5.yaml 9 | 10 | - import_playbook: ./application-profiles/application-profiles-wordPress.yaml 11 | # wait for 5 seconds 12 | - import_playbook: ../../wait5.yaml 13 | 14 | - import_playbook: ./contracts/add-contracts.yaml 15 | # wait for 5 seconds 16 | - import_playbook: ../../wait5.yaml 17 | -------------------------------------------------------------------------------- /CTF/vmware/logon.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/vcenter-details.yaml 12 | 13 | tasks: 14 | - name: vCenter details 15 | set_fact: 16 | vcenter_info: &vcenter_info 17 | hostname: "{{ vcenter_info.hostname }}" 18 | username: "{{ vcenter_info.username }}" 19 | password: "{{ vcenter_info.password }}" 20 | validate_certs: no 21 | tags: always 22 | -------------------------------------------------------------------------------- /CTF/uni/tenants/common/networking/vars/bridge-domain-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Add Bridge Domain names 3 | #============================================================================================== 4 | bd: 5 | - tenant: "common" 6 | vrf: "vrf-01" 7 | descr: "Created by Ansible" 8 | bd: "10.193.x.x" 9 | 10 | #============================================================================================== 11 | # Add Gateway IP addresses 12 | #============================================================================================== 13 | gw: 14 | - tenant: "common" 15 | vrf: "vrf-01" 16 | descr: "Created by Ansible" 17 | bd: "10.193.x.x" 18 | gw: "10.193.101.1" 19 | mask: "24" 20 | 21 | - tenant: "common" 22 | vrf: "vrf-01" 23 | descr: "Created by Ansible" 24 | bd: "10.193.x.x" 25 | gw: "10.193.102.1" 26 | mask: "24" 27 | -------------------------------------------------------------------------------- /Demos/09_Add_AP_EPG_Contracts_Terraform/automator.key: -------------------------------------------------------------------------------- 1 | -----BEGIN PRIVATE KEY----- 2 | MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBALNx1JTr/Umxd9XW 3 | eDxfayP4CfohXke3uBp0nynjeVfnMb89LlHvBDBvxCiNVd34pl+LOIjzl3LHfXLF 4 | w+Um0XC+7G+mQ/4Goo3f9cmXTaprC8dpJfg2fu84HTRjurEvF5xeIrOXV0FN8j0n 5 | iMUMWSaubaToZP82vIkNr/HDNSrDAgMBAAECgYBGYGN2UKOTDmYoWKfpTabwgWww 6 | THv0dqpevdRakltZzVOmZDFRcwNal8r/+IZvuwBNQoXWuGpyWqjppYRxz+qdu+kF 7 | WTrIvfjt50vgPMRKd3mMsmhzhUCWdH529Q6mk49PZZQBLiWZZM/zL1KsAx5ml8k9 8 | XxKGbhUsVSOAFmVRwQJBAONtmQU5UaQ5NJ3xkH+mFfz6U4nQ8W/WtrZd9qay/Jmx 9 | k2xBEGrYCaAnY2a+DTUmgPID92/HR/YiCZjA1vtxHiECQQDJ/QSkNScaZQHjHE0B 10 | f5u5E4M7JCntcy/hdnWg2O/uxScVru8OlugigmRkfqGDNi0UXt6ZsaunJ6VUzhC2 11 | PgRjAkBnbTQluAd0078mBPFd274sKftLtYXXAqJdFSZScRuHGcadeIlqzYyzFLaT 12 | xuJixXvmk/83Cj2jpZ8PpMMf3jWBAkAXvOqMucpsqa49GJhcMrkEWSy1CJz80Oqx 13 | npBYZOZds0HSpIpntoh1dcmCnfcxSm6l1Dho6552uIwPmWARatxtAkBMKlSgYiKL 14 | 2xPDP+XOjSMoeXeRu+2TuqlGaOm1kvKxsa2FM92L5ei9lEfOTh2RWdE6RtMUUM0D 15 | 0WAhfE3Hocxk 16 | -----END PRIVATE KEY----- 17 | -------------------------------------------------------------------------------- /CTF/uni/apic-logon.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: apic details 15 | set_fact: 16 | apic_info: &apic_info 17 | host: "{{ apic_info.host }}" 18 | username: "{{ apic_info.username }}" 19 | password: "{{ apic_info.password }}" 20 | validate_certs: no 21 | 22 | rest_info: &rest_info 23 | use_proxy: no 24 | path: /api/mo/.json 25 | method: post 26 | tags: always 27 | -------------------------------------------------------------------------------- /CTF/uni/run-me.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - import_playbook: ./pre-run-me-snapshot.yaml 3 | # wait for 5 seconds 4 | - import_playbook: wait5.yaml 5 | 6 | - import_playbook: ./exported-pre-run-me-snapshot.yaml 7 | # wait for 5 seconds 8 | - import_playbook: wait5.yaml 9 | 10 | - import_playbook: ./fabric/access-policies/master.yaml 11 | # wait for 5 seconds 12 | - import_playbook: wait5.yaml 13 | 14 | - import_playbook: ./virtual-networking/vmm-domains/setup-vmm.yaml 15 | # wait for 5 seconds 16 | - import_playbook: wait5.yaml 17 | 18 | - import_playbook: initial-setup-tenants.yaml 19 | # wait for 5 seconds 20 | - import_playbook: wait5.yaml 21 | 22 | - import_playbook: ./tenants/common/master.yaml 23 | # wait for 5 seconds 24 | - import_playbook: wait5.yaml 25 | 26 | - import_playbook: ./tenants/vmware/master.yaml 27 | # wait for 5 seconds 28 | - import_playbook: wait5.yaml 29 | 30 | - import_playbook: ./tenants/ctf/master.yaml 31 | # wait for 5 seconds 32 | - import_playbook: wait5.yaml 33 | 34 | - import_playbook: ./exported-post-run-me-snapshot.yaml 35 | # wait for 5 seconds 36 | - import_playbook: wait5.yaml 37 | 38 | - import_playbook: ./post-run-me-snapshot.yaml 39 | -------------------------------------------------------------------------------- /CTF/uni/global-vars/node-mgmt.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Add Node details 3 | # 4 | # Example: 5 | # - node: "102" 6 | # pod: "1" 7 | # descr: "Created by Ansible" 8 | # addr: "198.18.133.205/18" 9 | # gw: "198.18.128.1" 10 | # 11 | #============================================================================================== 12 | mgmtRsOoBStNode: 13 | - node: "101" 14 | pod: "1" 15 | descr: "Created by Ansible" 16 | addr: "198.18.133.203/18" 17 | gw: "198.18.128.1" 18 | 19 | - node: "102" 20 | pod: "1" 21 | descr: "Created by Ansible" 22 | addr: "198.18.133.204/18" 23 | gw: "198.18.128.1" 24 | 25 | - node: "201" 26 | pod: "1" 27 | descr: "Created by Ansible" 28 | addr: "198.18.133.205/18" 29 | gw: "198.18.128.1" 30 | 31 | #- node: "202" 32 | # pod: "1" 33 | # descr: "Created by Ansible" 34 | # addr: "198.18.133.206/18" 35 | # gw: "198.18.128.1" 36 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/master.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | - import_playbook: leaf-profiles.yaml 3 | # wait for 5 seconds 4 | - import_playbook: ../../wait5.yaml 5 | 6 | - import_playbook: switch-profiles.yaml 7 | # wait for 5 seconds 8 | - import_playbook: ../../wait5.yaml 9 | 10 | - import_playbook: pools.yaml 11 | # wait for 5 seconds 12 | - import_playbook: ../../wait5.yaml 13 | 14 | - import_playbook: domains.yaml 15 | # wait for 5 seconds 16 | - import_playbook: ../../wait5.yaml 17 | 18 | - import_playbook: aaep.yaml 19 | # wait for 5 seconds 20 | - import_playbook: ../../wait5.yaml 21 | 22 | - import_playbook: interface-policies.yaml 23 | # wait for 5 seconds 24 | - import_playbook: ../../wait5.yaml 25 | 26 | - import_playbook: interface-policy-groups.yaml 27 | # wait for 5 seconds 28 | - import_playbook: ../../wait5.yaml 29 | 30 | #- import_playbook: modify-switch-interfaces-leaf-101.yaml 31 | # wait for 5 seconds 32 | - import_playbook: ../../wait5.yaml 33 | 34 | #- import_playbook: modify-switch-interfaces-leaf-102.yaml 35 | # wait for 5 seconds 36 | - import_playbook: ../../wait5.yaml 37 | 38 | - import_playbook: modify-switch-interfaces-leaf-101-and-102.yaml 39 | # wait for 5 seconds 40 | - import_playbook: ../../wait5.yaml 41 | -------------------------------------------------------------------------------- /CTF/uni/master.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Wait between importing playbooks 4 | #============================================================================================== 5 | - import_playbook: pre-initial-setup-snapshot.yaml 6 | # wait for 5 seconds 7 | - import_playbook: wait5.yaml 8 | 9 | - import_playbook: ./fabric/inventory/add-switches.yaml 10 | # wait for 5 seconds 11 | - import_playbook: wait5.yaml 12 | 13 | - import_playbook: initial-setup-remove-default-objects.yaml 14 | # wait for 5 seconds 15 | - import_playbook: wait5.yaml 16 | 17 | - import_playbook: initial-setup-fault-timers.yaml 18 | # wait for 5 seconds 19 | - import_playbook: wait5.yaml 20 | 21 | - import_playbook: initial-setup-bgp.yaml 22 | # wait for 5 seconds 23 | - import_playbook: wait5.yaml 24 | 25 | - import_playbook: initial-setup-dns.yaml 26 | # wait for 5 seconds 27 | - import_playbook: wait5.yaml 28 | 29 | - import_playbook: initial-setup-ntp.yaml 30 | # wait for 5 seconds 31 | - import_playbook: wait5.yaml 32 | 33 | - import_playbook: initial-setup-node-mgmt.yaml 34 | # wait for 5 seconds 35 | - import_playbook: wait5.yaml 36 | 37 | - import_playbook: post-initial-setup-snapshot.yaml 38 | -------------------------------------------------------------------------------- /CTF/uni/test.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Wait between importing playbooks 4 | #============================================================================================== 5 | - import_playbook: pre-initial-setup-snapshot.yaml 6 | # wait for 2 seconds 7 | - import_playbook: wait2.yaml 8 | 9 | - import_playbook: ./fabric/inventory/add-switches.yaml 10 | # wait for 2 seconds 11 | - import_playbook: wait2.yaml 12 | 13 | - import_playbook: initial-setup-remove-default-objects.yaml 14 | # wait for 2 seconds 15 | - import_playbook: wait2.yaml 16 | 17 | - import_playbook: initial-setup-fault-timers.yaml 18 | # wait for 2 seconds 19 | - import_playbook: wait2.yaml 20 | 21 | - import_playbook: initial-setup-bgp.yaml 22 | # wait for 2 seconds 23 | - import_playbook: wait2.yaml 24 | 25 | - import_playbook: initial-setup-dns.yaml 26 | # wait for 2 seconds 27 | - import_playbook: wait2.yaml 28 | 29 | - import_playbook: initial-setup-ntp.yaml 30 | # wait for 2 seconds 31 | - import_playbook: wait2.yaml 32 | 33 | - import_playbook: initial-setup-node-mgmt.yaml 34 | # wait for 2 seconds 35 | - import_playbook: wait2.yaml 36 | 37 | - import_playbook: post-initial-setup-snapshot.yaml 38 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/vars/physical-and-external-domains-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Physical Domains 3 | #============================================================================================== 4 | physical_and_external_domains_physical_domains: 5 | - physDomName: "physical_servers" 6 | poolType: "dynamic" 7 | poolName: "all_vlans" 8 | 9 | #============================================================================================== 10 | # External Bridged Domains 11 | #============================================================================================== 12 | physical_and_external_domains_external_bridged_domains: 13 | - l2DomName: "layer_2_extension" 14 | poolType: "dynamic" 15 | poolName: "all_vlans" 16 | 17 | #============================================================================================== 18 | # L3 Domains 19 | #============================================================================================== 20 | 21 | #============================================================================================== 22 | # Fibre Channel Domains 23 | #============================================================================================== 24 | -------------------------------------------------------------------------------- /CTF/uni/tenants/ctf/contracts/vars/contract-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Contract name derived from Tenant, Application Profile, EPG 3 | #============================================================================================== 4 | contract: 5 | - cons_tn_name: "ctf" 6 | cons_ap_name: "WordPress" 7 | cons_epg_name: "web-tier" 8 | prov_tn_name: "ctf" 9 | prov_ap_name: "WordPress" 10 | prov_epg_name: "db-tier" 11 | description: "" 12 | scope: "context" 13 | subject: "tcp" 14 | src_port: "any" 15 | dst_port: "8443" 16 | 17 | - cons_tn_name: "ctf" 18 | cons_ap_name: "10.193.x.x" 19 | cons_epg_name: "windows-servers" 20 | prov_tn_name: "ctf" 21 | prov_ap_name: "WordPress" 22 | prov_epg_name: "web-tier" 23 | description: "" 24 | scope: "context" 25 | subject: "tcp" 26 | src_port: "any" 27 | dst_port: "80" 28 | 29 | - cons_tn_name: "ctf" 30 | cons_ap_name: "10.193.x.x" 31 | cons_epg_name: "windows-servers" 32 | prov_tn_name: "ctf" 33 | prov_ap_name: "WordPress" 34 | prov_epg_name: "web-tier" 35 | description: "" 36 | scope: "context" 37 | subject: "tcp" 38 | src_port: "any" 39 | dst_port: "443" 40 | -------------------------------------------------------------------------------- /CTF/uni/tenants/ctf/application-profiles/vars/wordPress-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Application Profiles. 3 | #============================================================================================== 4 | ap: 5 | - tenant: "ctf" 6 | app_profile: "WordPress" 7 | 8 | #============================================================================================== 9 | # EPGs. 10 | #============================================================================================== 11 | epg: 12 | - tenant: "ctf" 13 | app_profile: "WordPress" 14 | bd: "10.193.x.x" 15 | epg: "web-tier" 16 | 17 | - tenant: "ctf" 18 | app_profile: "WordPress" 19 | bd: "10.193.x.x" 20 | epg: "db-tier" 21 | 22 | #============================================================================================== 23 | # Domains. 24 | #============================================================================================== 25 | domain: 26 | - tenant: "ctf" 27 | app_profile: "WordPress" 28 | epg: "web-tier" 29 | domain_name: "My-vCenter" 30 | domain_type: "vmm" 31 | vm_provider: "vmware" 32 | 33 | - tenant: "ctf" 34 | app_profile: "WordPress" 35 | epg: "db-tier" 36 | domain_name: "My-vCenter" 37 | domain_type: "vmm" 38 | vm_provider: "vmware" 39 | -------------------------------------------------------------------------------- /CTF/uni/pools-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # VLAN Pool(s) 3 | #============================================================================================== 4 | pools_vlan: 5 | - poolName: "all_vlans" 6 | poolType: "dynamic" 7 | descr: "Created by Ansible" 8 | allocMode: "static" 9 | start_vlanid: "2000" 10 | end_vlanid: "2501" 11 | 12 | - poolName: "all_vlans" 13 | poolType: "dynamic" 14 | descr: "Created by Ansible" 15 | allocMode: "dynamic" 16 | start_vlanid: "1000" 17 | end_vlanid: "1999" 18 | 19 | #============================================================================================== 20 | # VXLAN Pool(s) 21 | #============================================================================================== 22 | 23 | #============================================================================================== 24 | # VSAN Pool(s) 25 | #============================================================================================== 26 | 27 | #============================================================================================== 28 | # VSAN Attributes 29 | #============================================================================================== 30 | 31 | #============================================================================================== 32 | # Multicase Address 33 | #============================================================================================== 34 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/vars/pools-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # VLAN Pool(s) 3 | #============================================================================================== 4 | pools_vlan: 5 | - poolName: "all_vlans" 6 | poolType: "dynamic" 7 | descr: "Created by Ansible" 8 | allocMode: "static" 9 | start_vlanid: "2000" 10 | end_vlanid: "2501" 11 | 12 | - poolName: "all_vlans" 13 | poolType: "dynamic" 14 | descr: "Created by Ansible" 15 | allocMode: "dynamic" 16 | start_vlanid: "1000" 17 | end_vlanid: "1999" 18 | 19 | #============================================================================================== 20 | # VXLAN Pool(s) 21 | #============================================================================================== 22 | 23 | #============================================================================================== 24 | # VSAN Pool(s) 25 | #============================================================================================== 26 | 27 | #============================================================================================== 28 | # VSAN Attributes 29 | #============================================================================================== 30 | 31 | #============================================================================================== 32 | # Multicase Address 33 | #============================================================================================== 34 | -------------------------------------------------------------------------------- /CTF/uni/template.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # manage-switches 41 | #============================================================================================== 42 | - import_playbook: ../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior to adding switches to the fabric - Created by Ansible 45 | tags: snapshot 46 | -------------------------------------------------------------------------------- /Demos/02_Adding_VLANs_Postman/dCloud simulator.postman_environment.json: -------------------------------------------------------------------------------- 1 | { 2 | "id": "732665e9-0d8d-4d8f-bc32-88cde9c05785", 3 | "name": "dCloud simulator", 4 | "values": [ 5 | { 6 | "key": "apic", 7 | "value": "198.18.133.200", 8 | "enabled": true 9 | }, 10 | { 11 | "key": "token", 12 | "value": "BcUFAAAAAAAAAAAAAAAAAFvqQaz9sdyYNGYWyr0NwV8vTlYUAH3s/PwVDF0ZVAr75OhNTvSJzPMzHZ1E63dH83aw+VeD4qIZtFi+EOKDC8xNin/GkU4Dl1OHT9b4z0f98fiiasRtYTmjhe4Sb3x5VGkrcXNoxZRj/k3ZWjpabaHRMYRR2ZKYbZljQSpQVOeWDFjyfdp6xpzytvLiRLaoXw==", 13 | "enabled": true 14 | }, 15 | { 16 | "key": "username", 17 | "value": "admin", 18 | "enabled": true 19 | }, 20 | { 21 | "key": "password", 22 | "value": "C1sco12345", 23 | "enabled": true 24 | }, 25 | { 26 | "key": "allocMode", 27 | "value": "", 28 | "enabled": true 29 | }, 30 | { 31 | "key": "descr", 32 | "value": "Added by Postman", 33 | "enabled": true 34 | }, 35 | { 36 | "key": "poolName", 37 | "value": "", 38 | "enabled": true 39 | }, 40 | { 41 | "key": "from", 42 | "value": "", 43 | "enabled": true 44 | }, 45 | { 46 | "key": "to", 47 | "value": "", 48 | "enabled": true 49 | }, 50 | { 51 | "key": "status_is", 52 | "value": "", 53 | "enabled": true 54 | }, 55 | { 56 | "key": "", 57 | "value": "", 58 | "enabled": false 59 | }, 60 | { 61 | "key": "port_number", 62 | "value": "", 63 | "enabled": false 64 | }, 65 | { 66 | "key": "policy_group", 67 | "value": "", 68 | "enabled": false 69 | } 70 | ], 71 | "_postman_variable_scope": "environment", 72 | "_postman_exported_at": "2020-01-30T15:29:46.612Z", 73 | "_postman_exported_using": "Postman/7.16.1" 74 | } -------------------------------------------------------------------------------- /CTF/vmware/tmp/DeleteAnsibleDemo.yaml: -------------------------------------------------------------------------------- 1 | - name: Delete config from AnsibleDemo 2 | hosts: 10.61.124.32 3 | connection: local 4 | gather_facts: no 5 | vars: 6 | host: 10.61.124.32 7 | username: admin 8 | password: C!sco12345 9 | vmm_host: vcenter-amslab.cisco.com 10 | vmm_username: administrator@vsphere.local 11 | vmm_password: "C!sco12345" 12 | 13 | vars_prompt: 14 | - name: "tenant" 15 | prompt: "Tenant name?" 16 | default: "AnsibleDemo" 17 | private: no 18 | - name: "vm1" 19 | prompt: "VM1 name?" 20 | default: "AnsibleFrontend" 21 | private: no 22 | - name: "vm2" 23 | prompt: "VM2 name?" 24 | default: "AnsibleBackend" 25 | private: no 26 | 27 | 28 | tasks: 29 | 30 | - name: Change portgroup for VM 31 | vmware_guest: 32 | hostname: "{{ vmm_host }}" 33 | username: "{{ vmm_username }}" 34 | password: "{{ vmm_password }}" 35 | validate_certs: False 36 | datacenter: Amsterdam 37 | esxi_hostname: 10.61.125.65 38 | name: "{{ item.name }}" 39 | networks: 40 | - name: "{{ item.net }}" 41 | start_connected: True 42 | state: present 43 | with_items: 44 | - { name: "{{ vm1 }}", net: "abrantsm|TestApp|frontend" } 45 | - { name: "{{ vm2 }}", net: "abrantsm|TestApp|backend" } 46 | delegate_to: localhost 47 | 48 | - pause: 49 | seconds: 1 50 | 51 | - name: Delete Demo Tenant 52 | aci_tenant: 53 | hostname: "{{ host }}" 54 | username: "{{ username }}" 55 | password: "{{ password }}" 56 | validate_certs: no 57 | tenant: "{{ tenant }}" 58 | state: absent 59 | -------------------------------------------------------------------------------- /CTF/uni/tenants/ctf/application-profiles/vars/application-profile-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Application Profiles. 3 | #============================================================================================== 4 | ap: 5 | - tenant: "ctf" 6 | app_profile: "10.193.x.x" 7 | 8 | #============================================================================================== 9 | # EPGs. 10 | #============================================================================================== 11 | epg: 12 | - tenant: "ctf" 13 | app_profile: "10.193.x.x" 14 | bd: "10.193.x.x" 15 | epg: "windows-servers" 16 | 17 | #============================================================================================== 18 | # Domains. 19 | #============================================================================================== 20 | domain: 21 | - tenant: "ctf" 22 | app_profile: "10.193.x.x" 23 | epg: "windows-servers" 24 | domain_name: "physical_servers" 25 | domain_type: "phys" 26 | 27 | #============================================================================================== 28 | # Bindings. 29 | #============================================================================================== 30 | static_binding: 31 | - tenant: "ctf" 32 | app_profile: "10.193.x.x" 33 | epg: "windows-servers" 34 | interface_type: "switch_port" 35 | leafs: "101" 36 | path: "1/11" 37 | vlan: "2000" 38 | 39 | - tenant: "ctf" 40 | app_profile: "10.193.x.x" 41 | epg: "windows-servers" 42 | interface_type: "switch_port" 43 | leafs: "102" 44 | path: "1/11" 45 | vlan: "2000" 46 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/vars/switches-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Switch Policy Leaf Profiles. 3 | #============================================================================================== 4 | switches_leafSwitches_profiles: 5 | 6 | - leafName: Leaf-101 7 | fromLeafId: '101' 8 | toLeafId: '101' 9 | descr: Created by Ansible 10 | 11 | - leafName: Leaf-102 12 | fromLeafId: '102' 13 | toLeafId: '102' 14 | descr: Created by Ansible 15 | 16 | - leafName: Leaf-101_and_102 17 | fromLeafId: '101' 18 | toLeafId: '102' 19 | descr: Created by Ansible 20 | 21 | #- leafName: Leaf-103 22 | # fromLeafId: '103' 23 | # toLeafId: '103' 24 | # descr: Created by Ansible 25 | 26 | #- leafName: Leaf-104 27 | # fromLeafId: '104' 28 | # toLeafId: '104' 29 | # descr: Created by Ansible 30 | 31 | #- leafName: Leaf-103_and_104 32 | # fromLeafId: '103' 33 | # toLeafId: '104' 34 | # descr: Created by Ansible 35 | 36 | #- leafName: Leaf-105 37 | # fromLeafId: '105' 38 | # toLeafId: '105' 39 | # descr: Created by Ansible 40 | 41 | #- leafName: Leaf-106 42 | # fromLeafId: '106' 43 | # toLeafId: '106' 44 | # descr: Created by Ansible 45 | 46 | #- leafName: Leaf-105_and_106 47 | # fromLeafId: '105' 48 | # toLeafId: '106' 49 | # descr: Created by Ansible 50 | -------------------------------------------------------------------------------- /CTF/uni/pre-run-me-snapshot.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: apic details 15 | set_fact: 16 | apic_info: &apic_info 17 | host: "{{ apic_info.host }}" 18 | username: "{{ apic_info.username }}" 19 | password: "{{ apic_info.password }}" 20 | validate_certs: no 21 | 22 | rest_info: &rest_info 23 | use_proxy: no 24 | path: /api/mo/.json 25 | method: post 26 | tags: always 27 | 28 | #============================================================================================== 29 | # Begin Plays 30 | # 31 | # Available Tags: 32 | # snapshot 33 | #============================================================================================== 34 | 35 | #============================================================================================== 36 | # Take a configuration snapshot 37 | #============================================================================================== 38 | - name: Create an APIC Snapshot 39 | hosts: localhost 40 | connection: local 41 | gather_facts: no 42 | 43 | vars: 44 | snapshotDescription: Snapshot Pre Run-Me Playbook 45 | # 46 | 47 | tasks: 48 | - name: Create an APIC Snapshot 49 | aci_config_snapshot: 50 | <<: *apic_info 51 | state: present 52 | export_policy: config_backup 53 | max_count: 10 54 | description: "{{snapshotDescription}}" 55 | tags: always 56 | -------------------------------------------------------------------------------- /CTF/uni/post-run-me-snapshot.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: apic details 15 | set_fact: 16 | apic_info: &apic_info 17 | host: "{{ apic_info.host }}" 18 | username: "{{ apic_info.username }}" 19 | password: "{{ apic_info.password }}" 20 | validate_certs: no 21 | 22 | rest_info: &rest_info 23 | use_proxy: no 24 | path: /api/mo/.json 25 | method: post 26 | tags: always 27 | 28 | #============================================================================================== 29 | # Begin Plays 30 | # 31 | # Available Tags: 32 | # snapshot 33 | #============================================================================================== 34 | 35 | #============================================================================================== 36 | # Take a configuration snapshot 37 | #============================================================================================== 38 | - name: Create an APIC Snapshot 39 | hosts: localhost 40 | connection: local 41 | gather_facts: no 42 | 43 | vars: 44 | snapshotDescription: Snapshot Post Run-Me Playbook 45 | # 46 | 47 | tasks: 48 | - name: Create an APIC Snapshot 49 | aci_config_snapshot: 50 | <<: *apic_info 51 | state: present 52 | export_policy: config_backup 53 | max_count: 10 54 | description: "{{snapshotDescription}}" 55 | tags: always 56 | -------------------------------------------------------------------------------- /CTF/vmware/vms-and-templates/vm-network-backing.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../global-vars/vcenter-details.yaml 12 | 13 | tasks: 14 | - name: Set object status 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | 19 | - name: vCenter details 20 | set_fact: 21 | vcenter_info: &vcenter_login 22 | hostname: "{{ vcenter_info.hostname }}" 23 | username: "{{ vcenter_info.username }}" 24 | password: "{{ vcenter_info.password }}" 25 | validate_certs: no 26 | tags: always 27 | 28 | #============================================================================================== 29 | # Begin Plays 30 | # 31 | # Available Tags: 32 | # 33 | #============================================================================================== 34 | - name: Modify VMs 35 | hosts: localhost 36 | connection: local 37 | gather_facts: no 38 | 39 | vars_files: 40 | - ./vars/vm-details.yaml 41 | 42 | tasks: 43 | - name: Change network backing 44 | vmware_guest: 45 | <<: *vcenter_login 46 | datacenter: "{{ item.datacenter }}" 47 | cluster: "{{ item.cluster }}" 48 | name: "{{ item.name }}" 49 | networks: 50 | - label: "{{ item.adapter }}" 51 | name: "{{ item.network }}" 52 | connected: "{{ item.connected}}" 53 | start_connected: True 54 | loop: "{{ vm_names }}" 55 | -------------------------------------------------------------------------------- /CTF/uni/pre-initial-setup-snapshot.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: apic details 15 | set_fact: 16 | apic_info: &apic_info 17 | host: "{{ apic_info.host }}" 18 | username: "{{ apic_info.username }}" 19 | password: "{{ apic_info.password }}" 20 | validate_certs: no 21 | 22 | rest_info: &rest_info 23 | use_proxy: no 24 | path: /api/mo/.json 25 | method: post 26 | tags: always 27 | 28 | #============================================================================================== 29 | # Begin Plays 30 | # 31 | # Available Tags: 32 | # snapshot 33 | #============================================================================================== 34 | 35 | #============================================================================================== 36 | # Take a configuration snapshot 37 | #============================================================================================== 38 | - name: Create an APIC Snapshot 39 | hosts: localhost 40 | connection: local 41 | gather_facts: no 42 | 43 | vars: 44 | snapshotDescription: Snapshot Pre Initial Master Playbook 45 | # 46 | 47 | tasks: 48 | - name: Create an APIC Snapshot 49 | aci_config_snapshot: 50 | <<: *apic_info 51 | state: present 52 | export_policy: config_backup 53 | max_count: 10 54 | description: "{{snapshotDescription}}" 55 | tags: always 56 | -------------------------------------------------------------------------------- /CTF/uni/post-initial-setup-snapshot.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: apic details 15 | set_fact: 16 | apic_info: &apic_info 17 | host: "{{ apic_info.host }}" 18 | username: "{{ apic_info.username }}" 19 | password: "{{ apic_info.password }}" 20 | validate_certs: no 21 | 22 | rest_info: &rest_info 23 | use_proxy: no 24 | path: /api/mo/.json 25 | method: post 26 | tags: always 27 | 28 | #============================================================================================== 29 | # Begin Plays 30 | # 31 | # Available Tags: 32 | # snapshot 33 | #============================================================================================== 34 | 35 | #============================================================================================== 36 | # Take a configuration snapshot 37 | #============================================================================================== 38 | - name: Create an APIC Snapshot 39 | hosts: localhost 40 | connection: local 41 | gather_facts: no 42 | 43 | vars: 44 | snapshotDescription: Snapshot Post Initial Master Playbook 45 | # 46 | 47 | tasks: 48 | - name: Create an APIC Snapshot 49 | aci_config_snapshot: 50 | <<: *apic_info 51 | state: present 52 | export_policy: config_backup 53 | max_count: 10 54 | description: "{{snapshotDescription}}" 55 | tags: always 56 | -------------------------------------------------------------------------------- /CTF/uni/snapshot-local.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: apic details 15 | set_fact: 16 | apic_info: &apic_info 17 | host: "{{ apic_info.host }}" 18 | username: "{{ apic_info.username }}" 19 | password: "{{ apic_info.password }}" 20 | validate_certs: no 21 | 22 | rest_info: &rest_info 23 | use_proxy: no 24 | path: /api/mo/.json 25 | method: post 26 | tags: always 27 | 28 | #============================================================================================== 29 | # Begin Plays 30 | # 31 | # Available Tags: 32 | # snapshot 33 | #============================================================================================== 34 | 35 | #============================================================================================== 36 | # Take a configuration snapshot 37 | #============================================================================================== 38 | - name: Create an APIC Snapshot 39 | hosts: localhost 40 | connection: local 41 | gather_facts: no 42 | 43 | # uncomment the following lines for test purposes 44 | # 45 | # vars: 46 | # snapshotDescription: Snapshot Created by Ansible 47 | # 48 | 49 | tasks: 50 | - name: Create an APIC Snapshot 51 | aci_config_snapshot: 52 | <<: *apic_info 53 | state: present 54 | export_policy: config_backup 55 | max_count: 10 56 | description: "{{snapshotDescription}}" 57 | tags: snapshot 58 | -------------------------------------------------------------------------------- /CTF/uni/tenants/ctf/application-profiles/vars/windows-servers-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Application Profiles. 3 | #============================================================================================== 4 | ap: 5 | - tenant: "ctf" 6 | app_profile: "10.193.x.x" 7 | 8 | #============================================================================================== 9 | # EPGs. 10 | #============================================================================================== 11 | epg: 12 | - tenant: "ctf" 13 | app_profile: "10.193.x.x" 14 | bd: "10.193.x.x" 15 | epg: "windows-servers" 16 | 17 | #============================================================================================== 18 | # Domains. 19 | #============================================================================================== 20 | domain: 21 | - tenant: "ctf" 22 | app_profile: "10.193.x.x" 23 | epg: "windows-servers" 24 | domain_name: "physical_servers" 25 | domain_type: "phys" 26 | 27 | #============================================================================================== 28 | # Bindings. 29 | #============================================================================================== 30 | static_binding: 31 | - tenant: "ctf" 32 | app_profile: "10.193.x.x" 33 | epg: "windows-servers" 34 | interface_type: "switch_port" 35 | leafs: "101" 36 | path: "1/11" 37 | vlan: "2002" 38 | 39 | - tenant: "ctf" 40 | app_profile: "10.193.x.x" 41 | epg: "windows-servers" 42 | interface_type: "switch_port" 43 | leafs: "102" 44 | path: "1/11" 45 | vlan: "2002" 46 | 47 | - tenant: "ctf" 48 | app_profile: "10.193.x.x" 49 | epg: "windows-servers" 50 | interface_type: "switch_port" 51 | leafs: "101" 52 | path: "1/12" 53 | vlan: "2002" 54 | 55 | - tenant: "ctf" 56 | app_profile: "10.193.x.x" 57 | epg: "windows-servers" 58 | interface_type: "switch_port" 59 | leafs: "102" 60 | path: "1/12" 61 | vlan: "2002" 62 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-remove-default-objects.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # 41 | #============================================================================================== 42 | - import_playbook: ./snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-removing-default-objects 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Remove default physical domain 49 | #============================================================================================== 50 | - name: Remove default objects 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: 56 | - ./global-vars/tenants.yaml 57 | 58 | tasks: 59 | - name: Remove default physical domain 60 | aci_domain: 61 | <<: *apic_info 62 | domain: phys 63 | domain_type: phys 64 | state: absent 65 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-tenants.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # tenants 41 | #============================================================================================== 42 | - import_playbook: ./snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-configuring-Tenants 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Add Tenants 49 | #============================================================================================== 50 | - name: Manage Tenants 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: 56 | - ./global-vars/tenants.yaml 57 | 58 | tasks: 59 | - name: Create/Delete Tenants 60 | aci_tenant: 61 | <<: *apic_info 62 | tenant: "{{ item.tenant }}" 63 | description: "{{ item.descr }}" 64 | state: "{{ desired_state }}" 65 | loop: 66 | "{{tenants}}" 67 | tags: tenants 68 | -------------------------------------------------------------------------------- /CTF/uni/snapshot.yaml.orig: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Available tags: 4 | # 5 | # snapshot 6 | # 7 | #============================================================================================== 8 | 9 | #============================================================================================== 10 | # Global Configuration 11 | #============================================================================================== 12 | - name: Define global settings 13 | hosts: localhost 14 | connection: local 15 | gather_facts: no 16 | 17 | #============================================================================================== 18 | # Set local and global variables 19 | #============================================================================================== 20 | vars_files: 21 | - ./global-vars/apic-details.yaml 22 | 23 | tasks: 24 | #============================================================================================== 25 | # APIC access information 26 | #============================================================================================== 27 | - name: apic details 28 | set_fact: 29 | apic_info: &apic_info 30 | host: "{{ apic_info.host }}" 31 | username: "{{ apic_info.username }}" 32 | password: "{{ apic_info.password }}" 33 | validate_certs: no 34 | 35 | rest_info: &rest_info 36 | use_proxy: no 37 | path: /api/mo/.json 38 | method: post 39 | tags: always 40 | 41 | #============================================================================================== 42 | # Take a configuration snapshot 43 | #============================================================================================== 44 | - name: Create an APIC Snapshot 45 | hosts: localhost 46 | connection: local 47 | gather_facts: no 48 | 49 | vars: 50 | description: Snapshot Created by Ansible 51 | tasks: 52 | - name: Create an APIC Snapshot 53 | aci_config_snapshot: 54 | <<: *apic_info 55 | state: present 56 | export_policy: config_backup 57 | max_count: 10 58 | description: "{{description}}" 59 | tags: snapshot 60 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-tenants.yaml.orig: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Available tags: 4 | # 5 | # tenants 6 | # 7 | #============================================================================================== 8 | 9 | - import_playbook: ./snapshot.yaml 10 | 11 | #============================================================================================== 12 | # Global Configuration 13 | #============================================================================================== 14 | - name: Define global settings 15 | hosts: localhost 16 | connection: local 17 | gather_facts: no 18 | 19 | #============================================================================================== 20 | # Set local and global variables 21 | #============================================================================================== 22 | vars_files: 23 | - ./global-vars/apic-details.yaml 24 | 25 | tasks: 26 | - name: 27 | set_fact: 28 | desired_state: present 29 | # desired_state: absent 30 | 31 | #============================================================================================== 32 | # APIC access information 33 | #============================================================================================== 34 | - name: apic details 35 | set_fact: 36 | apic_info: &apic_info 37 | host: "{{ apic_info.host }}" 38 | username: "{{ apic_info.username }}" 39 | password: "{{ apic_info.password }}" 40 | validate_certs: no 41 | 42 | rest_info: &rest_info 43 | use_proxy: no 44 | path: /api/mo/.json 45 | method: post 46 | tags: always 47 | 48 | #============================================================================================== 49 | # Add Tenants 50 | #============================================================================================== 51 | - name: Add Tenants 52 | hosts: localhost 53 | connection: local 54 | gather_facts: no 55 | 56 | vars_files: 57 | - ./global-vars/tenants.yaml 58 | 59 | tasks: 60 | - name: Add Tenants 61 | aci_tenant: 62 | <<: *apic_info 63 | tenant: "{{ item.tenant }}" 64 | description: "{{ item.descr }}" 65 | state: "{{desired_state}}" 66 | loop: 67 | "{{tenants}}" 68 | -------------------------------------------------------------------------------- /CTF/uni/tenants/common/networking/vrfs.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # vrfs 41 | #============================================================================================== 42 | - import_playbook: ../../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-configuring-Common-Tenant-VRFs 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Create VRFs 49 | #============================================================================================== 50 | - name: Configure VRF 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: 56 | - ./vars/vrf-vars.yaml 57 | 58 | tasks: 59 | - name: Create/Delete VRF 60 | aci_vrf: 61 | <<: *apic_info 62 | tenant: "{{ item.tenant }}" 63 | vrf: "{{ item.vrf }}" 64 | description: "{{ item.descr }}" 65 | policy_control_preference: enforced 66 | state: "{{ desired_state }}" 67 | with_items: 68 | - "{{ vrf }}" 69 | loop_control: 70 | pause: 1 71 | tags: 72 | - vrf 73 | -------------------------------------------------------------------------------- /CTF/uni/tenants/ctf/application-profiles/vars/linux-servers-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Application Profiles. 3 | #============================================================================================== 4 | ap: 5 | - tenant: "ctf" 6 | app_profile: "10.193.x.x" 7 | 8 | #============================================================================================== 9 | # EPGs. 10 | #============================================================================================== 11 | epg: 12 | - tenant: "ctf" 13 | app_profile: "10.193.x.x" 14 | bd: "10.193.x.x" 15 | epg: "linux-servers" 16 | 17 | #============================================================================================== 18 | # Domains. 19 | #============================================================================================== 20 | domain: 21 | - tenant: "ctf" 22 | app_profile: "10.193.x.x" 23 | epg: "linux-servers" 24 | domain_name: "physical_servers" 25 | domain_type: "phys" 26 | 27 | #============================================================================================== 28 | # Bindings. 29 | #============================================================================================== 30 | static_binding: 31 | - tenant: "ctf" 32 | app_profile: "10.193.x.x" 33 | epg: "linux-servers" 34 | interface_type: "switch_port" 35 | leafs: "101" 36 | path: "1/14" 37 | vlan: "2001" 38 | 39 | - tenant: "ctf" 40 | app_profile: "10.193.x.x" 41 | epg: "linux-servers" 42 | interface_type: "switch_port" 43 | leafs: "102" 44 | path: "1/14" 45 | vlan: "2001" 46 | 47 | - tenant: "ctf" 48 | app_profile: "10.193.x.x" 49 | epg: "linux-servers" 50 | interface_type: "switch_port" 51 | leafs: "101" 52 | path: "1/15" 53 | vlan: "2001" 54 | 55 | - tenant: "ctf" 56 | app_profile: "10.193.x.x" 57 | epg: "linux-servers" 58 | interface_type: "switch_port" 59 | leafs: "102" 60 | path: "1/15" 61 | vlan: "2001" 62 | 63 | - tenant: "ctf" 64 | app_profile: "10.193.x.x" 65 | epg: "linux-servers" 66 | interface_type: "switch_port" 67 | leafs: "101" 68 | path: "1/16" 69 | vlan: "2001" 70 | 71 | - tenant: "ctf" 72 | app_profile: "10.193.x.x" 73 | epg: "linux-servers" 74 | interface_type: "switch_port" 75 | leafs: "102" 76 | path: "1/16" 77 | vlan: "2001" 78 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/leaf-profiles.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # leaf-profiles 41 | #============================================================================================== 42 | - import_playbook: ../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-configuring-Leaf-Profiles 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Create Leaf Interface Profiles 49 | #============================================================================================== 50 | - name: Configure Leaf Interface Profiles 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: 56 | - ./vars/interfaces-vars.yaml 57 | 58 | tasks: 59 | - name: Create/Delete Leaf Interface Profiles 60 | aci_rest: 61 | <<: *apic_info 62 | <<: *rest_info 63 | content: 64 | infraAccPortP: 65 | attributes: 66 | descr: "{{ item.descr }}" 67 | dn: "uni/infra/accportprof-{{item.leafName}}" 68 | name: "{{ item.leafName }}" 69 | status: "{{ desired_status }}" 70 | with_items: 71 | "{{ interfaces_leafInterfaces_profiles }}" 72 | loop_control: 73 | pause: 1 74 | tags: leaf-profiles 75 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-node-mgmt.yaml.orig: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Global Configuration 3 | #============================================================================================== 4 | - name: Define global settings 5 | hosts: localhost 6 | connection: local 7 | gather_facts: no 8 | 9 | #============================================================================================== 10 | # Set local and global variables 11 | #============================================================================================== 12 | vars_files: 13 | - ./global-vars/apic-details.yaml 14 | 15 | tasks: 16 | - name: 17 | set_fact: 18 | desired_state: 19 | status: 'modified,created' 20 | #status: deleted 21 | 22 | #============================================================================================== 23 | # APIC access information 24 | #============================================================================================== 25 | - name: apic details 26 | set_fact: 27 | apic_info: &apic_info 28 | host: "{{ apic_info.host }}" 29 | username: "{{ apic_info.username }}" 30 | password: "{{ apic_info.password }}" 31 | validate_certs: no 32 | 33 | rest_info: &rest_info 34 | use_proxy: no 35 | path: /api/mo/.json 36 | method: post 37 | tags: always 38 | 39 | #============================================================================================== 40 | # Create Physical Domains 41 | #============================================================================================== 42 | - name: Configure oob management addresses 43 | hosts: localhost 44 | connection: local 45 | gather_facts: no 46 | 47 | vars_files: ./global-vars/node-mgmt.yaml 48 | 49 | tasks: 50 | - name: Create/Delete Node Management Addresses 51 | aci_rest: 52 | <<: *apic_info 53 | <<: *rest_info 54 | content: 55 | mgmtRsOoBStNode: 56 | attributes: 57 | dn: "uni/tn-mgmt/mgmtp-default/oob-default/rsooBStNode-[topology/pod-{{item.pod}}/node-{{item.node}}]" 58 | addr: "{{item.addr}}" 59 | gw: "{{item.gw}}" 60 | tDn: "topology/pod-{{item.pod}}/node-{{item.node}}" 61 | v6Addr: "::" 62 | v6Gw: "::" 63 | status: "{{desired_state.status}}" 64 | with_items: 65 | "{{mgmtRsOoBStNode}}" 66 | #tags: 67 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/vars/policies-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Switch Policies 3 | #============================================================================================== 4 | policies_switch_virtualPortChannelDefault: 5 | - leafName: "Leaf-101_and_102" 6 | leaf_id_a: "101" 7 | leaf_id_b: "102" 8 | vpc_id: "1" 9 | descr: "Created by Ansible" 10 | 11 | #- leafName: "Leaf-103_and_104" 12 | # leaf_id_a: "103" 13 | # leaf_id_b: "104" 14 | # vpc_id: "1" 15 | # descr: "Created by Ansible" 16 | 17 | #- leafName: "Leaf-105_and_106" 18 | # leaf_id_a: "105" 19 | # leaf_id_b: "106" 20 | # vpc_id: "1" 21 | # descr: "Created by Ansible" 22 | 23 | #============================================================================================== 24 | # Interface Policies 25 | #============================================================================================== 26 | policies_interface_cdpInterface: 27 | - cdpName: "cdp-enabled" 28 | adminSt: "enabled" 29 | descr: "Created by Ansible" 30 | 31 | policies_interface_portChannel: 32 | - portChannelName: "lacp-active" 33 | portChannelMode: "active" 34 | descr: "Created by Ansible" 35 | 36 | #============================================================================================== 37 | # Global Policies 38 | #============================================================================================== 39 | policies_global_aaep_phys: 40 | - aaepName: "all_vlans" 41 | descr: "Created by Ansible" 42 | domainName: "physical_servers" 43 | 44 | policies_global_aaep_l2: 45 | - aaepName: "all_vlans" 46 | descr: "Created by Ansible" 47 | domainName: "layer_2_extension" 48 | 49 | #============================================================================================== 50 | # Monitoring Policies 51 | #============================================================================================== 52 | 53 | #============================================================================================== 54 | # Troubleshooting Policies 55 | #============================================================================================== 56 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-fault-timers.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # fault-timers 41 | #============================================================================================== 42 | - import_playbook: ./snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-Lowering-Fault-Timers 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Lower Fault Timers 49 | #============================================================================================== 50 | - name: Manage Fault Timers 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | tasks: 56 | - name: Lower Default Fault Timers 57 | aci_rest: 58 | <<: *apic_info 59 | <<: *rest_info 60 | content: 61 | faultLcP: 62 | attributes: 63 | clear: '5' 64 | code: generic 65 | dn: uni/fabric/monfab-default/flcp-generic 66 | retain: '10' 67 | soak: '5' 68 | 69 | - name: Lower Common Policy Fault Timers 70 | aci_rest: 71 | <<: *apic_info 72 | <<: *rest_info 73 | content: 74 | faultLcP: 75 | attributes: 76 | clear: '5' 77 | code: generic 78 | dn: uni/fabric/moncommon/flcp-generic 79 | retain: '10' 80 | soak: '5' 81 | tags: fault-timers 82 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-node-mgmt.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # node-oob 41 | #============================================================================================== 42 | - import_playbook: ./snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-oob-Management-Configuration 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Configure fabric oob management addresses 49 | #============================================================================================== 50 | - name: Configure oob management addresses 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: ./global-vars/node-mgmt.yaml 56 | 57 | tasks: 58 | - name: Create/Delete Node Management Addresses 59 | aci_rest: 60 | <<: *apic_info 61 | <<: *rest_info 62 | content: 63 | mgmtRsOoBStNode: 64 | attributes: 65 | dn: "uni/tn-mgmt/mgmtp-default/oob-default/rsooBStNode-[topology/pod-{{item.pod}}/node-{{item.node}}]" 66 | addr: "{{item.addr}}" 67 | gw: "{{item.gw}}" 68 | tDn: "topology/pod-{{item.pod}}/node-{{item.node}}" 69 | v6Addr: "::" 70 | v6Gw: "::" 71 | status: "{{desired_status}}" 72 | with_items: 73 | "{{mgmtRsOoBStNode}}" 74 | tags: node-oob 75 | -------------------------------------------------------------------------------- /CTF/uni/snapshot.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: apic details 15 | set_fact: 16 | apic_info: &apic_info 17 | host: "{{ apic_info.host }}" 18 | username: "{{ apic_info.username }}" 19 | password: "{{ apic_info.password }}" 20 | validate_certs: no 21 | 22 | rest_info: &rest_info 23 | use_proxy: no 24 | path: /api/mo/.json 25 | method: post 26 | tags: always 27 | 28 | #============================================================================================== 29 | # Begin Plays 30 | # 31 | # Available Tags: 32 | # snapshot 33 | #============================================================================================== 34 | 35 | #============================================================================================== 36 | # Take a configuration snapshot 37 | #============================================================================================== 38 | - name: Take snapshot to file server 39 | hosts: localhost 40 | connection: local 41 | gather_facts: no 42 | 43 | # uncomment the following lines for test purposes 44 | # 45 | # vars: 46 | # snapshotDescription: Snapshot Created by Ansible 47 | # 48 | 49 | tasks: 50 | - name: 51 | aci_rest: 52 | <<: *apic_info 53 | <<: *rest_info 54 | content: 55 | configExportP: 56 | attributes: 57 | dn: uni/fabric/configexp-"{{snapshotDescription}}" 58 | name: "{{snapshotDescription}}" 59 | # dn: uni/fabric/configexp-config-backup 60 | # name: config-backup 61 | snapshot: 'false' 62 | targetDn: '' 63 | adminSt: triggered 64 | rn: configexp-defaultOneTime 65 | status: 'created,modified' 66 | descr: '{{snapshotDescription}}' 67 | children: 68 | - configRsRemotePath: 69 | attributes: 70 | tnFileRemotePathName: dCloud-AD1-Session-RL 71 | status: 'created,modified' 72 | -------------------------------------------------------------------------------- /CTF/uni/exported-post-run-me-snapshot.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: apic details 15 | set_fact: 16 | apic_info: &apic_info 17 | host: "{{ apic_info.host }}" 18 | username: "{{ apic_info.username }}" 19 | password: "{{ apic_info.password }}" 20 | validate_certs: no 21 | 22 | rest_info: &rest_info 23 | use_proxy: no 24 | path: /api/mo/.json 25 | method: post 26 | tags: always 27 | 28 | #============================================================================================== 29 | # Begin Plays 30 | # 31 | # Available Tags: 32 | # snapshot 33 | #============================================================================================== 34 | 35 | #============================================================================================== 36 | # Take a configuration snapshot 37 | #============================================================================================== 38 | - name: Take snapshot to file server 39 | hosts: localhost 40 | connection: local 41 | gather_facts: no 42 | 43 | # vars_files: ./global-vars/ntp.yaml 44 | 45 | tasks: 46 | - name: 47 | aci_rest: 48 | <<: *apic_info 49 | <<: *rest_info 50 | content: 51 | configExportP: 52 | attributes: 53 | dn: uni/fabric/configexp-Exported-Post-Run-Me-Snapshot 54 | name: Exported-Post-Run-Me-Snapshot 55 | snapshot: 'false' 56 | targetDn: '' 57 | adminSt: triggered 58 | rn: configexp-defaultOneTime 59 | status: 'created,modified' 60 | descr: '' 61 | children: 62 | - configRsRemotePath: 63 | attributes: 64 | tnFileRemotePathName: dCloud-AD1-Session-RL 65 | status: 'created,modified' 66 | -------------------------------------------------------------------------------- /CTF/uni/exported-pre-run-me-snapshot.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: apic details 15 | set_fact: 16 | apic_info: &apic_info 17 | host: "{{ apic_info.host }}" 18 | username: "{{ apic_info.username }}" 19 | password: "{{ apic_info.password }}" 20 | validate_certs: no 21 | 22 | rest_info: &rest_info 23 | use_proxy: no 24 | path: /api/mo/.json 25 | method: post 26 | tags: always 27 | 28 | #============================================================================================== 29 | # Begin Plays 30 | # 31 | # Available Tags: 32 | # snapshot 33 | #============================================================================================== 34 | 35 | #============================================================================================== 36 | # Take a configuration snapshot 37 | #============================================================================================== 38 | - name: Take snapshot to file server 39 | hosts: localhost 40 | connection: local 41 | gather_facts: no 42 | 43 | # vars_files: ./global-vars/ntp.yaml 44 | 45 | tasks: 46 | - name: 47 | aci_rest: 48 | <<: *apic_info 49 | <<: *rest_info 50 | content: 51 | configExportP: 52 | attributes: 53 | dn: uni/fabric/configexp-Exported-Pre-Run-Me-Snapshot 54 | name: Exported-Pre-Run-Me-Snapshot 55 | snapshot: 'false' 56 | targetDn: '' 57 | adminSt: triggered 58 | rn: configexp-defaultOneTime 59 | status: 'created,modified' 60 | descr: '' 61 | children: 62 | - configRsRemotePath: 63 | attributes: 64 | tnFileRemotePathName: dCloud-AD1-Session-RL 65 | status: 'created,modified' 66 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/leaf-profiles.yaml.orig: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Available tags: 4 | # 5 | # leaf-profiles 6 | # 7 | #============================================================================================== 8 | 9 | - import_playbook: ../../snapshot.yaml 10 | tags: snapshot 11 | 12 | #============================================================================================== 13 | # Global Configuration 14 | #============================================================================================== 15 | - name: Define global settings 16 | hosts: localhost 17 | connection: local 18 | gather_facts: no 19 | 20 | #============================================================================================== 21 | # Set local and global variables 22 | #============================================================================================== 23 | vars_files: 24 | - ../../global-vars/apic-details.yaml 25 | 26 | tasks: 27 | - name: 28 | set_fact: 29 | desired_state: 30 | status: 'modified,created' 31 | #status: deleted 32 | 33 | #============================================================================================== 34 | # APIC access information 35 | #============================================================================================== 36 | - name: apic details 37 | set_fact: 38 | apic_info: &apic_info 39 | host: "{{ apic_info.host }}" 40 | username: "{{ apic_info.username }}" 41 | password: "{{ apic_info.password }}" 42 | validate_certs: no 43 | 44 | rest_info: &rest_info 45 | use_proxy: no 46 | path: /api/mo/.json 47 | method: post 48 | tags: always 49 | 50 | #============================================================================================== 51 | # Create Leaf Interface Profiles 52 | #============================================================================================== 53 | - name: Configure Leaf Interface Profiles 54 | hosts: localhost 55 | connection: local 56 | gather_facts: no 57 | 58 | vars_files: 59 | - ./vars/interfaces-vars.yaml 60 | 61 | tasks: 62 | - name: Create/Delete Leaf Interface Profiles 63 | aci_rest: 64 | <<: *apic_info 65 | <<: *rest_info 66 | content: 67 | infraAccPortP: 68 | attributes: 69 | descr: "{{ item.descr }}" 70 | dn: "uni/infra/accportprof-{{item.leafName}}" 71 | name: "{{ item.leafName }}" 72 | status: "{{ desired_state.status }}" 73 | with_items: 74 | "{{ interfaces_leafInterfaces_profiles }}" 75 | tags: leaf-profiles 76 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/pools.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # pools 41 | #============================================================================================== 42 | - import_playbook: ../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-configuring-VLAN-Pools 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Configure Pools 49 | #============================================================================================== 50 | - name: Configure Pools 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: ./vars/pools-vars.yaml 56 | 57 | tasks: 58 | - name: Create/Delete VLAN Pool 59 | aci_rest: 60 | <<: *apic_info 61 | <<: *rest_info 62 | content: 63 | fvnsVlanInstP: 64 | attributes: 65 | allocMode: "{{ item.poolType }}" 66 | descr: "{{ item.descr }}" 67 | dn: "uni/infra/vlanns-[{{ item.poolName }}]-[{{ item.poolType }}]" 68 | name: "{{ item.poolName }}" 69 | status: "{{ desired_status }}" 70 | children: 71 | - fvnsEncapBlk: 72 | attributes: 73 | allocMode: "{{ item.allocMode }}" 74 | from: "vlan-{{ item.start_vlanid }}" 75 | role: external 76 | to: "vlan-{{ item.end_vlanid }}" 77 | with_items: 78 | "{{ pools_vlan }}" 79 | loop_control: 80 | pause: 1 81 | tags: pools 82 | -------------------------------------------------------------------------------- /CTF/uni/fabric/inventory/add-switches.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # manage-switches 41 | #============================================================================================== 42 | - import_playbook: ../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-adding-switches 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Add switches to simulator 49 | #============================================================================================== 50 | - name: Create/Delete Switches 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | tasks: 56 | - name: Add Leaf-101 57 | aci_fabric_node: 58 | <<: *apic_info 59 | serial: TEP-1-101 60 | node_id: 101 61 | switch: Leaf-101 62 | state: "{{ desired_state }}" 63 | 64 | - name: Add Leaf-102 65 | aci_fabric_node: 66 | <<: *apic_info 67 | serial: TEP-1-102 68 | node_id: 102 69 | switch: Leaf-102 70 | state: "{{ desired_state }}" 71 | 72 | - name: Add Spine-201 73 | aci_fabric_node: 74 | <<: *apic_info 75 | serial: TEP-1-103 76 | node_id: 201 77 | switch: Spine-201 78 | state: "{{ desired_state }}" 79 | 80 | # - name: Add Spine-202 81 | # aci_fabric_node: 82 | # <<: *apic_info 83 | # serial: TEP-1-104 84 | # node_id: 202 85 | # switch: Spine-202 86 | # state: "{{ desired_state }}" 87 | 88 | tags: manage-switches 89 | -------------------------------------------------------------------------------- /CTF/uni/rest-template.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Global Configuration 3 | #============================================================================================== 4 | - name: Define global settings 5 | hosts: localhost 6 | connection: local 7 | gather_facts: no 8 | 9 | #============================================================================================== 10 | # Set local and global variables 11 | #============================================================================================== 12 | vars_files: 13 | - ./global-vars/apic-details.yaml 14 | 15 | tasks: 16 | - name: 17 | set_fact: 18 | desired_state: 19 | status: 'modified,created' 20 | #status: deleted 21 | 22 | #============================================================================================== 23 | # APIC access information 24 | #============================================================================================== 25 | - name: apic details 26 | set_fact: 27 | apic_info: &apic_info 28 | host: "{{ apic_info.host }}" 29 | username: "{{ apic_info.username }}" 30 | password: "{{ apic_info.password }}" 31 | validate_certs: no 32 | 33 | rest_info: &rest_info 34 | use_proxy: no 35 | path: /api/mo/.json 36 | method: post 37 | tags: always 38 | 39 | #============================================================================================== 40 | # Create Physical Domains 41 | #============================================================================================== 42 | - name: Configure NTP server addresses 43 | hosts: localhost 44 | connection: local 45 | gather_facts: no 46 | 47 | vars_files: ./global-vars/ntp.yaml 48 | 49 | tasks: 50 | - name: Create/Delete NTP server addresses 51 | aci_rest: 52 | <<: *apic_info 53 | <<: *rest_info 54 | content: 55 | datetimeNtpProv: 56 | attributes: 57 | annotation: '' 58 | descr: '' 59 | dn: uni/fabric/time-default/ntpprov-{{item.ntpServer}} 60 | keyId: '0' 61 | maxPoll: '6' 62 | minPoll: '4' 63 | name: "{{item.ntpServer}}" 64 | nameAlias: '' 65 | preferred: 'no' 66 | trueChimer: disabled 67 | status: "{{desired_state.status}}" 68 | children: 69 | - datetimeRsNtpProvToEpg: 70 | attributes: 71 | annotation: '' 72 | tDn: uni/tn-mgmt/mgmtp-default/oob-default 73 | with_items: 74 | "{{datetimeNtpProv}}" 75 | #tags: 76 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-ntp.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # ntp 41 | #============================================================================================== 42 | - import_playbook: ./snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-NTP-Configuration 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Configure NTP server addresses 49 | #============================================================================================== 50 | - name: Manage NTP servers 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: ./global-vars/ntp.yaml 56 | 57 | tasks: 58 | - name: Create/Delete NTP server addresses 59 | aci_rest: 60 | <<: *apic_info 61 | <<: *rest_info 62 | content: 63 | datetimeNtpProv: 64 | attributes: 65 | annotation: '' 66 | descr: '' 67 | dn: uni/fabric/time-default/ntpprov-{{item.ntpServer}} 68 | keyId: '0' 69 | maxPoll: '6' 70 | minPoll: '4' 71 | name: "{{item.ntpServer}}" 72 | nameAlias: '' 73 | preferred: 'no' 74 | trueChimer: disabled 75 | status: "{{desired_status}}" 76 | children: 77 | - datetimeRsNtpProvToEpg: 78 | attributes: 79 | annotation: '' 80 | tDn: uni/tn-mgmt/mgmtp-default/oob-default 81 | with_items: 82 | "{{datetimeNtpProv}}" 83 | tags: ntp 84 | -------------------------------------------------------------------------------- /Demos/09_Add_AP_EPG_Contracts_Terraform/main.tf: -------------------------------------------------------------------------------- 1 | provider "aci" { 2 | username = var.aciUser 3 | private_key = var.aciPrivateKey 4 | cert_name = var.aciCertName 5 | insecure = true 6 | url = var.aciUrl 7 | } 8 | 9 | resource "aci_tenant" "tenant_name" { 10 | name = var.tenantName 11 | description = "created by terraform" 12 | } 13 | 14 | data "aci_tenant" "tenant_common" { 15 | name = "common" 16 | } 17 | 18 | data "aci_vrf" "common_vrf01" { 19 | tenant_dn = data.aci_tenant.tenant_common.id 20 | name = "vrf-01" 21 | } 22 | 23 | data "aci_vmm_domain" "HX-ACI" { 24 | provider_profile_dn = var.provider_profile_dn 25 | name = "HX-ACI" 26 | } 27 | 28 | resource "aci_bridge_domain" "bd_name" { 29 | tenant_dn = data.aci_tenant.tenant_common.id 30 | relation_fv_rs_ctx = data.aci_vrf.common_vrf01.name 31 | name = var.bd_name 32 | } 33 | 34 | resource "aci_subnet" "bd1_subnet" { 35 | bridge_domain_dn = aci_bridge_domain.bd_name.id 36 | ip = var.bd_subnet 37 | } 38 | 39 | resource "aci_application_profile" "app_profile" { 40 | tenant_dn = aci_tenant.tenant_name.id 41 | name = var.app_profile_name 42 | } 43 | 44 | resource "aci_application_epg" "epg_frontend" { 45 | application_profile_dn = aci_application_profile.app_profile.id 46 | name = "Frontend" 47 | relation_fv_rs_bd = aci_bridge_domain.bd_name.name 48 | relation_fv_rs_dom_att = [data.aci_vmm_domain.HX-ACI.id] 49 | relation_fv_rs_cons = [aci_contract.contract_wordpress.name] 50 | } 51 | 52 | resource "aci_application_epg" "epg_backend" { 53 | application_profile_dn = aci_application_profile.app_profile.id 54 | name = "Backend" 55 | relation_fv_rs_bd = aci_bridge_domain.bd_name.name 56 | relation_fv_rs_dom_att = [data.aci_vmm_domain.HX-ACI.id] 57 | relation_fv_rs_prov = [aci_contract.contract_wordpress.name] 58 | } 59 | 60 | resource "aci_filter" "allow_mysql" { 61 | tenant_dn = data.aci_tenant.tenant_common.id 62 | name = "tcp_src_port_any_to_dst_port_3306" 63 | } 64 | 65 | resource "aci_filter_entry" "mysql" { 66 | name = "src_port_any_to_dst_port_3306" 67 | filter_dn = aci_filter.allow_mysql.id 68 | ether_t = "ip" 69 | prot = "tcp" 70 | d_from_port = "3306" 71 | d_to_port = "3306" 72 | stateful = "yes" 73 | } 74 | 75 | resource "aci_filter" "allow_ssh" { 76 | tenant_dn = data.aci_tenant.tenant_common.id 77 | name = "tcp_src_port_any_to_dst_port_22" 78 | } 79 | 80 | resource "aci_filter_entry" "ssh" { 81 | name = "src_port_any_to_dst_port_22" 82 | filter_dn = aci_filter.allow_ssh.id 83 | ether_t = "ip" 84 | prot = "tcp" 85 | d_from_port = "22" 86 | d_to_port = "22" 87 | stateful = "yes" 88 | } 89 | 90 | resource "aci_contract" "contract_wordpress" { 91 | tenant_dn = aci_tenant.tenant_name.id 92 | name = "WordPress:Backend_to_WordPress:Frontend" 93 | } 94 | 95 | resource "aci_contract_subject" "wordpress_subject" { 96 | contract_dn = aci_contract.contract_wordpress.id 97 | name = "tcp" 98 | relation_vz_rs_subj_filt_att = [aci_filter.allow_mysql.name,aci_filter.allow_ssh.name] 99 | } 100 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/vars/interfaces-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Leaf Interface Profiles 3 | #============================================================================================== 4 | interfaces_leafInterfaces_profiles: 5 | - leafName: Leaf-101 6 | descr: Created by Ansible 7 | 8 | - leafName: Leaf-102 9 | descr: Created by Ansible 10 | 11 | - leafName: Leaf-101_and_102 12 | descr: Created by Ansible 13 | 14 | - leafName: Leaf-103 15 | descr: Created by Ansible 16 | 17 | - leafName: Leaf-104 18 | descr: Created by Ansible 19 | 20 | - leafName: Leaf-103_and_104 21 | descr: Created by Ansible 22 | 23 | - leafName: Leaf-105 24 | descr: Created by Ansible 25 | 26 | - leafName: Leaf-106 27 | descr: Created by Ansible 28 | 29 | - leafName: Leaf-105_and_106 30 | descr: Created by Ansible 31 | 32 | #============================================================================================== 33 | # Leaf Interface Policy Groups 34 | #============================================================================================== 35 | interfaces_leafInterfaces_policyGroups_leafAccessPort: 36 | - accessPolicyGroupName: esx-host 37 | descr: Created by Ansible 38 | policies_interface_cdpInterface: cdp-enabled 39 | aaepName: all_vlans 40 | 41 | - accessPolicyGroupName: windows-host 42 | descr: Created by Ansible 43 | policies_interface_cdpInterface: cdp-enabled 44 | aaepName: all_vlans 45 | 46 | - accessPolicyGroupName: linux-host 47 | descr: Created by Ansible 48 | policies_interface_cdpInterface: cdp-enabled 49 | aaepName: all_vlans 50 | 51 | 52 | interfaces_leafInterfaces_policyGroups_vpcInterface: 53 | - vpcPolicyGroupName: vpc-1 54 | descr: Created by Ansible 55 | policies_interface_cdpInterface: cdp-enabled 56 | policies_interface_portChannel: lacp-active 57 | aaepName: all_vlans 58 | 59 | #============================================================================================== 60 | # Overrides 61 | #============================================================================================== 62 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-dns.yaml.orig: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Global Configuration 3 | #============================================================================================== 4 | - name: Define global settings 5 | hosts: localhost 6 | connection: local 7 | gather_facts: no 8 | 9 | #============================================================================================== 10 | # Set local and global variables 11 | #============================================================================================== 12 | vars_files: 13 | - ./global-vars/apic-details.yaml 14 | 15 | tasks: 16 | - name: 17 | set_fact: 18 | desired_state: 19 | status: 'modified,created' 20 | #status: deleted 21 | 22 | #============================================================================================== 23 | # APIC access information 24 | #============================================================================================== 25 | - name: apic details 26 | set_fact: 27 | apic_info: &apic_info 28 | host: "{{ apic_info.host }}" 29 | username: "{{ apic_info.username }}" 30 | password: "{{ apic_info.password }}" 31 | validate_certs: no 32 | 33 | rest_info: &rest_info 34 | use_proxy: no 35 | path: /api/mo/.json 36 | method: post 37 | tags: always 38 | 39 | #============================================================================================== 40 | # Create Physical Domains 41 | #============================================================================================== 42 | - name: Configure DNS server addresses 43 | hosts: localhost 44 | connection: local 45 | gather_facts: no 46 | 47 | vars_files: ./global-vars/dns.yaml 48 | 49 | tasks: 50 | - name: Create/Delete DNS server addresses 51 | aci_rest: 52 | <<: *apic_info 53 | <<: *rest_info 54 | content: 55 | dnsProfile: 56 | attributes: 57 | IPVerPreference: IPv4 58 | annotation: '' 59 | descr: '' 60 | dn: uni/fabric/dnsp-default 61 | name: default 62 | nameAlias: '' 63 | ownerKey: '' 64 | ownerTag: '' 65 | status: "{{desired_state.status}}" 66 | children: 67 | - dnsRsProfileToEpg: 68 | attributes: 69 | annotation: '' 70 | tDn: uni/tn-mgmt/mgmtp-default/oob-default 71 | - dnsProv: 72 | attributes: 73 | addr: "{{item.dnsServer}}" 74 | annotation: '' 75 | name: '' 76 | nameAlias: '' 77 | preferred: 'no' 78 | with_items: 79 | "{{dnsProfile}}" 80 | #tags: 81 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/pools.yaml.orig: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Available tags: 4 | # 5 | # pools 6 | # 7 | #============================================================================================== 8 | 9 | - import_playbook: ../../snapshot.yaml 10 | tags: snapshot 11 | 12 | #============================================================================================== 13 | # Global Configuration 14 | #============================================================================================== 15 | - name: Define global settings 16 | hosts: localhost 17 | connection: local 18 | gather_facts: no 19 | 20 | #============================================================================================== 21 | # Set local and global variables 22 | #============================================================================================== 23 | vars_files: 24 | - ../../global-vars/apic-details.yaml 25 | 26 | tasks: 27 | - name: 28 | set_fact: 29 | desired_state: 30 | status: 'modified,created' 31 | #status: deleted 32 | 33 | #============================================================================================== 34 | # APIC access information 35 | #============================================================================================== 36 | - name: apic details 37 | set_fact: 38 | apic_info: &apic_info 39 | host: "{{ apic_info.host }}" 40 | username: "{{ apic_info.username }}" 41 | password: "{{ apic_info.password }}" 42 | validate_certs: no 43 | 44 | rest_info: &rest_info 45 | use_proxy: no 46 | path: /api/mo/.json 47 | method: post 48 | tags: always 49 | 50 | #============================================================================================== 51 | # Configure Pools 52 | #============================================================================================== 53 | - name: Configure Pools 54 | hosts: localhost 55 | connection: local 56 | gather_facts: no 57 | 58 | vars_files: ./vars/pools-vars.yaml 59 | 60 | tasks: 61 | - name: Create/Delete VLAN Pool 62 | aci_rest: 63 | <<: *apic_info 64 | <<: *rest_info 65 | content: 66 | fvnsVlanInstP: 67 | attributes: 68 | allocMode: "{{ item.poolType }}" 69 | descr: "{{ item.descr }}" 70 | dn: "uni/infra/vlanns-[{{ item.poolName }}]-[{{ item.poolType }}]" 71 | name: "{{ item.poolName }}" 72 | status: "{{ desired_state.status }}" 73 | children: 74 | - fvnsEncapBlk: 75 | attributes: 76 | allocMode: "{{ item.allocMode }}" 77 | from: "vlan-{{ item.start_vlanid }}" 78 | role: external 79 | to: "vlan-{{ item.end_vlanid }}" 80 | with_items: 81 | "{{ pools_vlan }}" 82 | tags: pools 83 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-dns.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # dns 41 | #============================================================================================== 42 | - import_playbook: ./snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-DNS-Configuration 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Configure DNS servers 49 | #============================================================================================== 50 | - name: Manage DNS server addresses 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: ./global-vars/dns.yaml 56 | 57 | tasks: 58 | - name: Create/Delete DNS servers 59 | aci_rest: 60 | <<: *apic_info 61 | <<: *rest_info 62 | content: 63 | dnsProfile: 64 | attributes: 65 | IPVerPreference: IPv4 66 | annotation: '' 67 | descr: '' 68 | dn: uni/fabric/dnsp-default 69 | name: default 70 | nameAlias: '' 71 | ownerKey: '' 72 | ownerTag: '' 73 | status: "{{desired_status}}" 74 | children: 75 | - dnsRsProfileToEpg: 76 | attributes: 77 | annotation: '' 78 | tDn: uni/tn-mgmt/mgmtp-default/oob-default 79 | - dnsProv: 80 | attributes: 81 | addr: "{{item.dnsServer}}" 82 | annotation: '' 83 | name: '' 84 | nameAlias: '' 85 | preferred: 'no' 86 | with_items: 87 | "{{dnsProfile}}" 88 | tags: dns 89 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/interface-policies.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # interface-policies 41 | #============================================================================================== 42 | - import_playbook: ../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-configuring-Interface-Policies 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Create Interface Policies 49 | #============================================================================================== 50 | - name: Configure Interface Policies 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: 56 | - ./vars/policies-vars.yaml 57 | 58 | tasks: 59 | - name: Create/Delete CDP Policy 60 | aci_rest: 61 | <<: *apic_info 62 | <<: *rest_info 63 | content: 64 | cdpIfPol: 65 | attributes: 66 | adminSt: "{{ item.adminSt }}" 67 | descr: "{{ item.descr }}" 68 | dn: "uni/infra/cdpIfP-{{ item.cdpName }}" 69 | name: "{{ item.cdpName }}" 70 | status: "{{ desired_status }}" 71 | with_items: 72 | "{{ policies_interface_cdpInterface }}" 73 | loop_control: 74 | pause: 1 75 | 76 | - name: Create/Delete LACP Policy 77 | aci_rest: 78 | <<: *apic_info 79 | <<: *rest_info 80 | content: 81 | lacpLagPol: 82 | attributes: 83 | descr: "{{ item.descr }}" 84 | dn: "uni/infra/lacplagp-{{ item.portChannelName }}" 85 | name: "{{ item.portChannelName }}" 86 | mode: "{{ item.portChannelMode}}" 87 | status: "{{ desired_status }}" 88 | with_items: 89 | "{{ policies_interface_portChannel }}" 90 | loop_control: 91 | pause: 1 92 | tags: interface-policies 93 | -------------------------------------------------------------------------------- /CTF/uni/tenants/common/networking/bridge-domains.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # bridge-domains 41 | # gateways 42 | #============================================================================================== 43 | - import_playbook: ../../../snapshot.yaml 44 | vars: 45 | snapshotDescription: Prior-to-configuring-Common-Tenant-Bridge-Domains-and-Gateways 46 | tags: snapshot 47 | 48 | #============================================================================================== 49 | # Create Bridge Domains 50 | #============================================================================================== 51 | - name: Configure Bridge Domains 52 | hosts: localhost 53 | connection: local 54 | gather_facts: no 55 | 56 | vars_files: 57 | - ./vars/bridge-domain-vars.yaml 58 | 59 | tasks: 60 | - name: Create/Delete Bridge Domain 61 | aci_bd: 62 | <<: *apic_info 63 | tenant: "{{ item.tenant }}" 64 | vrf: "{{ item.vrf }}" 65 | bd: "{{ item.bd }}" 66 | description: "{{ item.descr }}" 67 | state: "{{ desired_state }}" 68 | with_items: 69 | - "{{ bd }}" 70 | loop_control: 71 | pause: 1 72 | tags: 73 | - bridge-domains 74 | 75 | #============================================================================================== 76 | # Add gateways to Bridge Domains 77 | #============================================================================================== 78 | - name: Configure Gateways 79 | hosts: localhost 80 | connection: local 81 | gather_facts: no 82 | 83 | vars_files: 84 | - ./vars/bridge-domain-vars.yaml 85 | 86 | tasks: 87 | - name: Create/Delete Bridge Domains 88 | aci_bd_subnet: 89 | <<: *apic_info 90 | tenant: "{{ item.tenant }}" 91 | bd: "{{ item.bd }}" 92 | gateway: "{{ item.gw }}" 93 | mask: "{{ item.mask }}" 94 | state: "{{ desired_state }}" 95 | with_items: 96 | - "{{ gw }}" 97 | loop_control: 98 | pause: 1 99 | tags: 100 | - gateways 101 | -------------------------------------------------------------------------------- /CTF/uni/tenants/common/contracts/filter-builder.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # filters 41 | #============================================================================================== 42 | - import_playbook: ../../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-configuring-Common-Tenant-Filters 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Configure filters 49 | #============================================================================================== 50 | - name: Configure filters 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | tasks: 56 | - name: Read variable files 57 | include_vars: 58 | name: filters 59 | dir: ./vars 60 | ignore_unknown_extensions: True 61 | extensions: 62 | - yaml 63 | 64 | - name: Create/Delete Filters 65 | aci_filter: 66 | <<: *apic_info 67 | tenant: "common" 68 | filter: "{{ item.subject }}_src_port_{{ item.src_port }}_to_dst_port_{{ item.dst_port }}" 69 | state: "{{ desired_state }}" 70 | with_items: 71 | - "{{ filters.tcp }}" 72 | - "{{ filters.udp }}" 73 | loop_control: 74 | pause: 1 75 | 76 | # Create a new filter entry 77 | - name: Create/Delete Filter Entries 78 | aci_filter_entry: 79 | <<: *apic_info 80 | filter: "{{ item.subject }}_src_port_{{ item.src_port }}_to_dst_port_{{ item.dst_port }}" 81 | entry: "src_port_{{ item.src_port }}_to_dst_port_{{ item.dst_port }}" 82 | tenant: "common" 83 | ether_type: "ip" 84 | ip_protocol: "{{ item.subject }}" 85 | dst_port: "{{ item.dst_port }}" 86 | state: "{{ desired_state }}" 87 | # Comment in/out filters as required 88 | with_items: 89 | - "{{ filters.tcp }}" 90 | - "{{ filters.udp }}" 91 | loop_control: 92 | pause: 1 93 | tags: filters 94 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/interface-policies.yaml.orig: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Available tags: 4 | # 5 | # interface-policies 6 | # 7 | #============================================================================================== 8 | 9 | - import_playbook: ../../snapshot.yaml 10 | tags: snapshot 11 | 12 | #============================================================================================== 13 | # Global Configuration 14 | #============================================================================================== 15 | - name: Define global settings 16 | hosts: localhost 17 | connection: local 18 | gather_facts: no 19 | 20 | #============================================================================================== 21 | # Set local and global variables 22 | #============================================================================================== 23 | vars_files: 24 | - ../../global-vars/apic-details.yaml 25 | 26 | tasks: 27 | - name: 28 | set_fact: 29 | desired_state: 30 | status: 'modified,created' 31 | #status: deleted 32 | 33 | #============================================================================================== 34 | # APIC access information 35 | #============================================================================================== 36 | - name: apic details 37 | set_fact: 38 | apic_info: &apic_info 39 | host: "{{ apic_info.host }}" 40 | username: "{{ apic_info.username }}" 41 | password: "{{ apic_info.password }}" 42 | validate_certs: no 43 | 44 | rest_info: &rest_info 45 | use_proxy: no 46 | path: /api/mo/.json 47 | method: post 48 | tags: always 49 | 50 | #============================================================================================== 51 | # Create Interface Policies 52 | #============================================================================================== 53 | - name: Configure Interface Policies 54 | hosts: localhost 55 | connection: local 56 | gather_facts: no 57 | 58 | vars_files: 59 | - ./vars/policies-vars.yaml 60 | 61 | tasks: 62 | - name: Create/Delete CDP Policy 63 | aci_rest: 64 | <<: *apic_info 65 | <<: *rest_info 66 | content: 67 | cdpIfPol: 68 | attributes: 69 | adminSt: "{{ item.adminSt }}" 70 | descr: "{{ item.descr }}" 71 | dn: "uni/infra/cdpIfP-{{ item.cdpName }}" 72 | name: "{{ item.cdpName }}" 73 | status: "{{ desired_state.status }}" 74 | with_items: 75 | "{{ policies_interface_cdpInterface }}" 76 | 77 | 78 | - name: Create/Delete LACP Policy 79 | aci_rest: 80 | <<: *apic_info 81 | <<: *rest_info 82 | content: 83 | lacpLagPol: 84 | attributes: 85 | descr: "{{ item.descr }}" 86 | dn: "uni/infra/lacplagp-{{ item.portChannelName }}" 87 | name: "{{ item.portChannelName }}" 88 | mode: "{{ item.portChannelMode}}" 89 | status: "{{ desired_state.status }}" 90 | with_items: 91 | "{{ policies_interface_portChannel }}" 92 | 93 | tags: interface-policies 94 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-fault-timers.yaml.orig: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Available tags: 4 | # 5 | # fault-timers 6 | # 7 | #============================================================================================== 8 | 9 | 10 | #============================================================================================== 11 | # Global Configuration 12 | #============================================================================================== 13 | - name: Define global settings 14 | hosts: localhost 15 | connection: local 16 | gather_facts: no 17 | 18 | #============================================================================================== 19 | # Set local and global variables 20 | #============================================================================================== 21 | vars_files: 22 | - ./global-vars/apic-details.yaml 23 | 24 | tasks: 25 | - name: 26 | set_fact: 27 | desired_state: 28 | status: 'modified,created' 29 | #status: deleted 30 | 31 | #============================================================================================== 32 | # APIC access information 33 | #============================================================================================== 34 | - name: apic details 35 | set_fact: 36 | apic_info: &apic_info 37 | host: "{{ apic_info.host }}" 38 | username: "{{ apic_info.username }}" 39 | password: "{{ apic_info.password }}" 40 | validate_certs: no 41 | 42 | rest_info: &rest_info 43 | use_proxy: no 44 | path: /api/mo/.json 45 | method: post 46 | tags: always 47 | 48 | #============================================================================================== 49 | # Lower Fault Timers 50 | #============================================================================================== 51 | - name: Lower Fault Timers 52 | hosts: localhost 53 | connection: local 54 | gather_facts: no 55 | 56 | tasks: 57 | - name: Set Default Fault Timers 58 | aci_rest: 59 | <<: *apic_info 60 | <<: *rest_info 61 | content: 62 | faultLcP: 63 | attributes: 64 | clear: '5' 65 | code: generic 66 | dn: uni/fabric/monfab-default/flcp-generic 67 | retain: '10' 68 | soak: '5' 69 | 70 | - name: Set Common Policy Fault Timers 71 | aci_rest: 72 | <<: *apic_info 73 | <<: *rest_info 74 | content: 75 | faultLcP: 76 | attributes: 77 | clear: '5' 78 | code: generic 79 | dn: uni/fabric/moncommon/flcp-generic 80 | retain: '10' 81 | soak: '5' 82 | 83 | tags: fault-timers 84 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/modify-switch-interfaces.yaml.orig: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Available tags: 4 | # 5 | # access-interface-policy-groups 6 | # vpc-interface-policy-groups 7 | # 8 | #============================================================================================== 9 | 10 | - import_playbook: ../../snapshot.yaml 11 | 12 | #============================================================================================== 13 | # Global Configuration 14 | #============================================================================================== 15 | - name: Define global settings 16 | hosts: localhost 17 | connection: local 18 | gather_facts: no 19 | 20 | #============================================================================================== 21 | # Set local and global variables 22 | #============================================================================================== 23 | vars_files: 24 | - ../../global-vars/apic-details.yaml 25 | 26 | tasks: 27 | 28 | #============================================================================================== 29 | # APIC access information 30 | #============================================================================================== 31 | - name: apic details 32 | set_fact: 33 | apic_info: &apic_info 34 | host: "{{ apic_info.host }}" 35 | username: "{{ apic_info.username }}" 36 | password: "{{ apic_info.password }}" 37 | validate_certs: no 38 | 39 | rest_info: &rest_info 40 | use_proxy: no 41 | path: /api/mo/.json 42 | method: post 43 | tags: always 44 | 45 | #============================================================================================== 46 | # Add interfaces to Leaf Profiles 47 | #============================================================================================== 48 | - name: Configure Switch Interfaces 49 | hosts: localhost 50 | connection: local 51 | gather_facts: no 52 | 53 | vars_files: 54 | # - ./vars/interfaces-leaf-101-vars.yaml 55 | # - ./vars/interfaces-leaf-102-vars.yaml 56 | - ./vars/interfaces-leaf-101_and_102-vars.yaml 57 | 58 | tasks: 59 | - name: Configure switch interfaces 60 | aci_rest: 61 | <<: *apic_info 62 | <<: *rest_info 63 | content: 64 | infraHPortS: 65 | attributes: 66 | descr: "{{ item.descr }}" 67 | dn: "uni/infra/accportprof-{{ item.leafName }}/hports-eth{{ item.port }}-typ-range" 68 | name: "eth{{ item.port }}" 69 | type: range 70 | status: "{{ item.status }}" 71 | children: 72 | - infraRsAccBaseGrp: 73 | attributes: 74 | fexId: '101' 75 | tDn: "uni/infra/funcprof/accportgrp-{{ item.PolicyGroupName }}" 76 | - infraPortBlk: 77 | attributes: 78 | descr: "{{ item.descr }}" 79 | fromCard: '1' 80 | fromPort: "{{ item.port }}" 81 | name: block2 82 | toCard: '1' 83 | toPort: "{{ item.port }}" 84 | status: "{{ item.status }}" 85 | 86 | with_items: 87 | # - "{{ interfaces_leafInterfaces_profiles_101_ports }}" 88 | # - "{{ interfaces_leafInterfaces_profiles_102_ports }}" 89 | - "{{ interfaces_leafInterfaces_profiles_101_and_102_ports }}" 90 | 91 | tags: ports2leafprofile 92 | -------------------------------------------------------------------------------- /CTF/uni/tenants/ctf/application-profiles/application-profiles-wordPress.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # ap 41 | # epg 42 | # domain 43 | # static_binding 44 | #============================================================================================== 45 | - import_playbook: ../../../snapshot.yaml 46 | vars: 47 | snapshotDescription: Prior-to-configuring-WordPress-APs-in-the-ctf-tenant 48 | tags: snapshot 49 | 50 | #============================================================================================== 51 | # Create Application Profile 52 | #============================================================================================== 53 | - name: Create Application Profiles, EPG and Bindings 54 | hosts: localhost 55 | connection: local 56 | gather_facts: no 57 | 58 | vars_files: 59 | - ./vars/wordPress-vars.yaml 60 | 61 | tasks: 62 | - name: Create Application Profile 63 | aci_ap: 64 | <<: *apic_info 65 | tenant: "{{ item.tenant }}" 66 | ap: "{{ item.app_profile }}" 67 | description: 68 | state: "{{ desired_state }}" 69 | with_items: 70 | - "{{ ap }}" 71 | loop_control: 72 | pause: 1 73 | tags: 74 | - ap 75 | 76 | 77 | - name: Create EPG 78 | aci_epg: 79 | <<: *apic_info 80 | tenant: "{{ item.tenant }}" 81 | ap: "{{ item.app_profile }}" 82 | bd: "{{ item.bd }}" 83 | epg: "{{ item.epg }}" 84 | description: 85 | state: "{{ desired_state }}" 86 | with_items: 87 | - "{{ epg }}" 88 | loop_control: 89 | pause: 1 90 | tags: 91 | - epg 92 | 93 | 94 | - name: Add domain to an EPG 95 | aci_epg_to_domain: 96 | <<: *apic_info 97 | tenant: "{{ item.tenant }}" 98 | ap: "{{ item.app_profile }}" 99 | epg: "{{ item.epg }}" 100 | domain: "{{ item.domain_name }}" 101 | domain_type: "{{ item.domain_type }}" 102 | vm_provider: "{{ item.vm_provider }}" 103 | state: "{{ desired_state }}" 104 | with_items: 105 | - "{{ domain }}" 106 | loop_control: 107 | pause: 1 108 | tags: 109 | - domain 110 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/modify-switch-interfaces-leaf-101.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # leaf-101 41 | #============================================================================================== 42 | - import_playbook: ../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-configuring-Leaf-101-interfaces 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Add interfaces to Leaf Profiles 49 | #============================================================================================== 50 | - name: Configure Switch Interfaces 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | tasks: 56 | - name: Read variable files 57 | include_vars: 58 | name: interfaces 59 | dir: ./vars 60 | ignore_unknown_extensions: True 61 | extensions: 62 | - yaml 63 | 64 | - name: Configure switch interfaces 65 | aci_rest: 66 | <<: *apic_info 67 | <<: *rest_info 68 | content: 69 | infraHPortS: 70 | attributes: 71 | descr: "{{ item.descr }}" 72 | dn: "uni/infra/accportprof-{{ item.leafName }}/hports-eth{{ item.port }}-typ-range" 73 | name: "eth{{ item.port }}" 74 | type: range 75 | status: "{{ item.status }}" 76 | children: 77 | - infraRsAccBaseGrp: 78 | attributes: 79 | fexId: '101' 80 | tDn: "uni/infra/funcprof/accportgrp-{{ item.PolicyGroupName }}" 81 | - infraPortBlk: 82 | attributes: 83 | descr: "{{ item.descr }}" 84 | fromCard: '1' 85 | fromPort: "{{ item.port }}" 86 | name: block2 87 | toCard: '1' 88 | toPort: "{{ item.port }}" 89 | status: "{{ item.status }}" 90 | with_items: 91 | - "{{ interfaces.interfaces_leafInterfaces_profiles_101_ports }}" 92 | loop_control: 93 | pause: 1 94 | tags: leaf-101 95 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/modify-switch-interfaces-leaf-102.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # leaf-102 41 | #============================================================================================== 42 | - import_playbook: ../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-configuring-Leaf-102-interfaces 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Add interfaces to Leaf Profiles 49 | #============================================================================================== 50 | - name: Configure Switch Interfaces 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | tasks: 56 | - name: Read variable files 57 | include_vars: 58 | name: interfaces 59 | dir: ./vars 60 | ignore_unknown_extensions: True 61 | extensions: 62 | - yaml 63 | 64 | - name: Configure switch interfaces 65 | aci_rest: 66 | <<: *apic_info 67 | <<: *rest_info 68 | content: 69 | infraHPortS: 70 | attributes: 71 | descr: "{{ item.descr }}" 72 | dn: "uni/infra/accportprof-{{ item.leafName }}/hports-eth{{ item.port }}-typ-range" 73 | name: "eth{{ item.port }}" 74 | type: range 75 | status: "{{ item.status }}" 76 | children: 77 | - infraRsAccBaseGrp: 78 | attributes: 79 | fexId: '101' 80 | tDn: "uni/infra/funcprof/accportgrp-{{ item.PolicyGroupName }}" 81 | - infraPortBlk: 82 | attributes: 83 | descr: "{{ item.descr }}" 84 | fromCard: '1' 85 | fromPort: "{{ item.port }}" 86 | name: block2 87 | toCard: '1' 88 | toPort: "{{ item.port }}" 89 | status: "{{ item.status }}" 90 | with_items: 91 | - "{{ interfaces.interfaces_leafInterfaces_profiles_102_ports }}" 92 | loop_control: 93 | pause: 1 94 | tags: leaf-102 95 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/modify-switch-interfaces-leaf-101-and-102.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # manage-switches 41 | #============================================================================================== 42 | - import_playbook: ../../snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-configuring-Leaf-101-and-102-interfaces 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Add interfaces to Leaf Profiles 49 | #============================================================================================== 50 | - name: Configure Switch Interfaces 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | tasks: 56 | - name: Read variable files 57 | include_vars: 58 | name: interfaces 59 | dir: ./vars 60 | ignore_unknown_extensions: True 61 | extensions: 62 | - yaml 63 | 64 | - name: Configure switch interfaces 65 | aci_rest: 66 | <<: *apic_info 67 | <<: *rest_info 68 | content: 69 | infraHPortS: 70 | attributes: 71 | descr: "{{ item.descr }}" 72 | dn: "uni/infra/accportprof-{{ item.leafName }}/hports-eth{{ item.port }}-typ-range" 73 | name: "eth{{ item.port }}" 74 | type: range 75 | status: "{{ item.status }}" 76 | children: 77 | - infraRsAccBaseGrp: 78 | attributes: 79 | fexId: '101' 80 | tDn: "uni/infra/funcprof/accportgrp-{{ item.PolicyGroupName }}" 81 | - infraPortBlk: 82 | attributes: 83 | descr: "{{ item.descr }}" 84 | fromCard: '1' 85 | fromPort: "{{ item.port }}" 86 | name: block2 87 | toCard: '1' 88 | toPort: "{{ item.port }}" 89 | status: "{{ item.status }}" 90 | with_items: 91 | - "{{ interfaces.interfaces_leafInterfaces_profiles_101_and_102_ports }}" 92 | loop_control: 93 | pause: 1 94 | tags: leaf-101-and-102 95 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/domains.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # physical-domains 41 | # L2-domains 42 | #============================================================================================== 43 | - import_playbook: ../../snapshot.yaml 44 | vars: 45 | snapshotDescription: Prior-to-configuring-Domains 46 | tags: snapshot 47 | 48 | #============================================================================================== 49 | # Create Physical Domains 50 | #============================================================================================== 51 | - name: Configure Physical Domains 52 | hosts: localhost 53 | connection: local 54 | gather_facts: no 55 | 56 | vars_files: ./vars/physical-and-external-domains-vars.yaml 57 | 58 | tasks: 59 | - name: Create/Delete Physical Domains 60 | aci_rest: 61 | <<: *apic_info 62 | <<: *rest_info 63 | content: 64 | physDomP: 65 | attributes: 66 | dn: "uni/phys-{{ item.physDomName }}" 67 | name: "{{ item.physDomName }}" 68 | status: "{{ desired_status }}" 69 | children: 70 | - infraRsVlanNs: 71 | attributes: 72 | tDn: "uni/infra/vlanns-[{{ item.poolName }}]-[{{ item.poolType }}]" 73 | with_items: 74 | "{{ physical_and_external_domains_physical_domains }}" 75 | tags: physical-domains 76 | 77 | #============================================================================================== 78 | # Create External Bridged Domains 79 | #============================================================================================== 80 | - name: Configure External Bridged Domains 81 | hosts: localhost 82 | connection: local 83 | gather_facts: no 84 | 85 | vars_files: ./vars/physical-and-external-domains-vars.yaml 86 | 87 | tasks: 88 | - name: Create/Delete L2 Domain 89 | aci_rest: 90 | <<: *apic_info 91 | <<: *rest_info 92 | content: 93 | l2extDomP: 94 | attributes: 95 | annotation: '' 96 | dn: "uni/l2dom-{{ item.l2DomName }}" 97 | name: "{{ item.l2DomName }}" 98 | status: "{{ desired_status }}" 99 | children: 100 | - infraRsVlanNs: 101 | attributes: 102 | tDn: "uni/infra/vlanns-[{{ item.poolName }}]-[{{ item.poolType }}]" 103 | with_items: 104 | "{{ physical_and_external_domains_external_bridged_domains }}" 105 | loop_control: 106 | pause: 1 107 | tags: L2-domains 108 | -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | CISCO SAMPLE CODE LICENSE 2 | 3 | Version 1.1 4 | Copyright (c) 2017 Cisco and/or its affiliates 5 | 6 |

7 | These terms govern this Cisco Systems, Inc. (“Cisco”), example or demo source code and its associated documentation (together, the “Sample Code”). By downloading, copying, modifying, compiling, or redistributing the Sample Code, you accept and agree to be bound by the following terms and conditions (the “License”). If you are accepting the License on behalf of an entity, you represent that you have the authority to do so (either you or the entity, “you”). Sample Code is not supported by Cisco TAC and is not tested for quality or performance. This is your only license to the Sample Code and all rights not expressly granted are reserved. 8 |
9 |

10 | LICENSE GRANT: Subject to the terms and conditions of this License, Cisco hereby grants to you a perpetual, worldwide, non-exclusive, non-transferable, non-sublicensable, royalty-free license to copy and modify the Sample Code in source code form, and compile and redistribute the Sample Code in binary/object code or other executable forms, in whole or in part, solely for use with Cisco products and services. For interpreted languages like Java and Python, the executable form of the software may include source code and compilation is not required. 11 |
12 |

13 |

14 | CONDITIONS: You shall not use the Sample Code independent of, or to replicate or compete with, a Cisco product or service. Cisco products and services are licensed under their own separate terms and you shall not use the Sample Code in any way that violates or is inconsistent with those terms (for more information, please visit: www.cisco.com/go/terms). 15 |
16 |

17 |

18 | OWNERSHIP: Cisco retains sole and exclusive ownership of the Sample Code, including all intellectual property rights therein, except with respect to any third-party material that may be used in or by the Sample Code. Any such third-party material is licensed under its own separate terms (such as an open source license) and all use must be in full accordance with the applicable license. This License does not grant you permission to use any trade names, trademarks, service marks, or product names of Cisco. If you provide any feedback to Cisco regarding the Sample Code, you agree that Cisco, its partners, and its customers shall be free to use and incorporate such feedback into the Sample Code, and Cisco products and services, for any purpose, and without restriction, payment, or additional consideration of any kind. If you initiate or participate in any litigation against Cisco, its partners, or its customers (including cross-claims and counter-claims) alleging that the Sample Code and/or its use infringe any patent, copyright, or other intellectual property right, then all rights granted to you under this License shall terminate immediately without notice. 19 |
20 |

21 |

22 | LIMITATION OF LIABILITY: CISCO SHALL HAVE NO LIABILITY IN CONNECTION WITH OR RELATING TO THIS LICENSE OR USE OF THE SAMPLE CODE, FOR DAMAGES OF ANY KIND, INCLUDING BUT NOT LIMITED TO DIRECT, INCIDENTAL, AND CONSEQUENTIAL DAMAGES, OR FOR ANY LOSS OF USE, DATA, INFORMATION, PROFITS, BUSINESS, OR GOODWILL, HOWEVER CAUSED, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 23 | DISCLAIMER OF WARRANTY: SAMPLE CODE IS INTENDED FOR EXAMPLE PURPOSES ONLY AND IS PROVIDED BY CISCO “AS IS” WITH ALL FAULTS AND WITHOUT WARRANTY OR SUPPORT OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY LAW, ALL EXPRESS AND IMPLIED CONDITIONS, REPRESENTATIONS, AND WARRANTIES INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTY OR CONDITION OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, SATISFACTORY QUALITY, NON-INTERFERENCE, AND ACCURACY, ARE HEREBY EXCLUDED AND EXPRESSLY DISCLAIMED BY CISCO. CISCO DOES NOT WARRANT THAT THE SAMPLE CODE IS SUITABLE FOR PRODUCTION OR COMMERCIAL USE, WILL OPERATE PROPERLY, IS ACCURATE OR COMPLETE, OR IS WITHOUT ERROR OR DEFECT. 24 |
25 |

26 | GENERAL: This License shall be governed by and interpreted in accordance with the laws of the State of California, excluding its conflict of laws provisions. You agree to comply with all applicable United States export laws, rules, and regulations. If any provision of this License is judged illegal, invalid, or otherwise unenforceable, that provision shall be severed and the rest of the License shall remain in full force and effect. No failure by Cisco to enforce any of its rights related to the Sample Code or to a breach of this License in a particular situation will act as a waiver of such rights. In the event of any inconsistencies with any other terms, this License shall take precedence. 27 |
28 | -------------------------------------------------------------------------------- /CTF/readme.md: -------------------------------------------------------------------------------- 1 | CISCO SAMPLE CODE LICENSE 2 | 3 | Version 1.1 4 | Copyright (c) 2017 Cisco and/or its affiliates 5 | 6 |

7 | These terms govern this Cisco Systems, Inc. (“Cisco”), example or demo source code and its associated documentation (together, the “Sample Code”). By downloading, copying, modifying, compiling, or redistributing the Sample Code, you accept and agree to be bound by the following terms and conditions (the “License”). If you are accepting the License on behalf of an entity, you represent that you have the authority to do so (either you or the entity, “you”). Sample Code is not supported by Cisco TAC and is not tested for quality or performance. This is your only license to the Sample Code and all rights not expressly granted are reserved. 8 |
9 |

10 | LICENSE GRANT: Subject to the terms and conditions of this License, Cisco hereby grants to you a perpetual, worldwide, non-exclusive, non-transferable, non-sublicensable, royalty-free license to copy and modify the Sample Code in source code form, and compile and redistribute the Sample Code in binary/object code or other executable forms, in whole or in part, solely for use with Cisco products and services. For interpreted languages like Java and Python, the executable form of the software may include source code and compilation is not required. 11 |
12 |

13 |

14 | CONDITIONS: You shall not use the Sample Code independent of, or to replicate or compete with, a Cisco product or service. Cisco products and services are licensed under their own separate terms and you shall not use the Sample Code in any way that violates or is inconsistent with those terms (for more information, please visit: www.cisco.com/go/terms). 15 |
16 |

17 |

18 | OWNERSHIP: Cisco retains sole and exclusive ownership of the Sample Code, including all intellectual property rights therein, except with respect to any third-party material that may be used in or by the Sample Code. Any such third-party material is licensed under its own separate terms (such as an open source license) and all use must be in full accordance with the applicable license. This License does not grant you permission to use any trade names, trademarks, service marks, or product names of Cisco. If you provide any feedback to Cisco regarding the Sample Code, you agree that Cisco, its partners, and its customers shall be free to use and incorporate such feedback into the Sample Code, and Cisco products and services, for any purpose, and without restriction, payment, or additional consideration of any kind. If you initiate or participate in any litigation against Cisco, its partners, or its customers (including cross-claims and counter-claims) alleging that the Sample Code and/or its use infringe any patent, copyright, or other intellectual property right, then all rights granted to you under this License shall terminate immediately without notice. 19 |
20 |

21 |

22 | LIMITATION OF LIABILITY: CISCO SHALL HAVE NO LIABILITY IN CONNECTION WITH OR RELATING TO THIS LICENSE OR USE OF THE SAMPLE CODE, FOR DAMAGES OF ANY KIND, INCLUDING BUT NOT LIMITED TO DIRECT, INCIDENTAL, AND CONSEQUENTIAL DAMAGES, OR FOR ANY LOSS OF USE, DATA, INFORMATION, PROFITS, BUSINESS, OR GOODWILL, HOWEVER CAUSED, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. 23 | DISCLAIMER OF WARRANTY: SAMPLE CODE IS INTENDED FOR EXAMPLE PURPOSES ONLY AND IS PROVIDED BY CISCO “AS IS” WITH ALL FAULTS AND WITHOUT WARRANTY OR SUPPORT OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY LAW, ALL EXPRESS AND IMPLIED CONDITIONS, REPRESENTATIONS, AND WARRANTIES INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTY OR CONDITION OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, SATISFACTORY QUALITY, NON-INTERFERENCE, AND ACCURACY, ARE HEREBY EXCLUDED AND EXPRESSLY DISCLAIMED BY CISCO. CISCO DOES NOT WARRANT THAT THE SAMPLE CODE IS SUITABLE FOR PRODUCTION OR COMMERCIAL USE, WILL OPERATE PROPERLY, IS ACCURATE OR COMPLETE, OR IS WITHOUT ERROR OR DEFECT. 24 |
25 |

26 | GENERAL: This License shall be governed by and interpreted in accordance with the laws of the State of California, excluding its conflict of laws provisions. You agree to comply with all applicable United States export laws, rules, and regulations. If any provision of this License is judged illegal, invalid, or otherwise unenforceable, that provision shall be severed and the rest of the License shall remain in full force and effect. No failure by Cisco to enforce any of its rights related to the Sample Code or to a breach of this License in a particular situation will act as a waiver of such rights. In the event of any inconsistencies with any other terms, this License shall take precedence. 27 |
28 | -------------------------------------------------------------------------------- /CTF/uni/initial-setup-bgp.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ./global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # route-reflectors 41 | #============================================================================================== 42 | - import_playbook: ./snapshot.yaml 43 | vars: 44 | snapshotDescription: Prior-to-Route-Reflector-Configuration 45 | tags: snapshot 46 | 47 | #============================================================================================== 48 | # Create/Delete BGP Route Reflector Addresses 49 | #============================================================================================== 50 | - name: Manage Route Reflector Addresses 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: ./global-vars/bgp.yaml 56 | 57 | tasks: 58 | - name: Create/Delete BGP Route Reflectors 59 | aci_rest: 60 | <<: *apic_info 61 | <<: *rest_info 62 | content: 63 | bgpInstPol: 64 | attributes: 65 | annotation: '' 66 | descr: '' 67 | dn: uni/fabric/bgpInstP-default 68 | name: default 69 | nameAlias: '' 70 | ownerKey: '' 71 | ownerTag: '' 72 | children: 73 | - bgpRRP: 74 | attributes: 75 | annotation: '' 76 | descr: '' 77 | name: '' 78 | nameAlias: '' 79 | children: 80 | - bgpRRNodePEp: 81 | attributes: 82 | annotation: '' 83 | descr: '' 84 | id: '201' 85 | nameAlias: '' 86 | podId: '1' 87 | - bgpRRNodePEp: 88 | attributes: 89 | annotation: '' 90 | descr: '' 91 | id: '202' 92 | nameAlias: '' 93 | podId: '1' 94 | - bgpExtRRP: 95 | attributes: 96 | annotation: '' 97 | descr: '' 98 | name: '' 99 | nameAlias: '' 100 | - bgpAsP: 101 | attributes: 102 | annotation: '' 103 | asn: '65000' 104 | descr: '' 105 | name: '' 106 | nameAlias: '' 107 | # with_items: 108 | # "{{bgpRRNodePEp}}" 109 | tags: route-reflectors 110 | -------------------------------------------------------------------------------- /CTF/uni/tenants/vmware/application-profiles/application-profiles.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # ap 41 | # epg 42 | # domain 43 | # static_binding 44 | #============================================================================================== 45 | - import_playbook: ../../../snapshot.yaml 46 | vars: 47 | snapshotDescription: Prior-to-configuring-APs-in-the-vmware-tenant 48 | tags: snapshot 49 | 50 | #============================================================================================== 51 | # Create Application Profile 52 | #============================================================================================== 53 | - name: Create Application Profiles, EPG and Bindings 54 | hosts: localhost 55 | connection: local 56 | gather_facts: no 57 | 58 | vars_files: 59 | - ./vars/esx-hosts-vars.yaml 60 | 61 | tasks: 62 | - name: Create Application Profile 63 | aci_ap: 64 | <<: *apic_info 65 | tenant: "{{ item.tenant }}" 66 | ap: "{{ item.app_profile }}" 67 | description: 68 | state: "{{ desired_state }}" 69 | with_items: 70 | - "{{ ap }}" 71 | loop_control: 72 | pause: 1 73 | tags: 74 | - ap 75 | 76 | - name: Create EPG 77 | aci_epg: 78 | <<: *apic_info 79 | tenant: "{{ item.tenant }}" 80 | ap: "{{ item.app_profile }}" 81 | bd: "{{ item.bd }}" 82 | epg: "{{ item.epg }}" 83 | description: 84 | state: "{{ desired_state }}" 85 | with_items: 86 | - "{{ epg }}" 87 | loop_control: 88 | pause: 1 89 | tags: 90 | - epg 91 | 92 | - name: Add domain to an EPG 93 | aci_epg_to_domain: 94 | <<: *apic_info 95 | tenant: "{{ item.tenant }}" 96 | ap: "{{ item.app_profile }}" 97 | epg: "{{ item.epg }}" 98 | domain: "{{ item.domain_name }}" 99 | domain_type: "{{ item.domain_type }}" 100 | state: "{{ desired_state }}" 101 | with_items: 102 | - "{{ domain }}" 103 | loop_control: 104 | pause: 1 105 | tags: 106 | - domain 107 | 108 | - name: Deploy Static Path binding for given EPG 109 | aci_static_binding_to_epg: 110 | <<: *apic_info 111 | tenant: "{{ item.tenant }}" 112 | ap: "{{ item.app_profile }}" 113 | epg: "{{ item.epg }}" 114 | encap_id: "{{ item.vlan }}" 115 | deploy_immediacy: immediate 116 | interface_mode: trunk 117 | interface_type: "{{ item.interface_type }}" 118 | pod_id: 1 119 | leafs: "{{ item.leafs }}" 120 | interface: "{{ item.path }}" 121 | state: "{{ desired_state }}" 122 | with_items: 123 | - "{{ static_binding }}" 124 | loop_control: 125 | pause: 1 126 | tags: 127 | - static_binding 128 | -------------------------------------------------------------------------------- /CTF/uni/tenants/ctf/application-profiles/application-profiles-linux.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # ap 41 | # epg 42 | # domain 43 | # static_binding 44 | #============================================================================================== 45 | - import_playbook: ../../../snapshot.yaml 46 | vars: 47 | snapshotDescription: Prior-to-configuring-Linux-APs-in-the-ctf-tenant 48 | tags: snapshot 49 | 50 | #============================================================================================== 51 | # Create Application Profile 52 | #============================================================================================== 53 | - name: Create Application Profiles, EPG and Bindings 54 | hosts: localhost 55 | connection: local 56 | gather_facts: no 57 | 58 | vars_files: 59 | - ./vars/linux-servers-vars.yaml 60 | 61 | tasks: 62 | - name: Create Application Profile 63 | aci_ap: 64 | <<: *apic_info 65 | tenant: "{{ item.tenant }}" 66 | ap: "{{ item.app_profile }}" 67 | description: 68 | state: "{{ desired_state }}" 69 | with_items: 70 | - "{{ ap }}" 71 | loop_control: 72 | pause: 1 73 | tags: 74 | - ap 75 | 76 | 77 | - name: Create EPG 78 | aci_epg: 79 | <<: *apic_info 80 | tenant: "{{ item.tenant }}" 81 | ap: "{{ item.app_profile }}" 82 | bd: "{{ item.bd }}" 83 | epg: "{{ item.epg }}" 84 | description: 85 | state: "{{ desired_state }}" 86 | with_items: 87 | - "{{ epg }}" 88 | loop_control: 89 | pause: 1 90 | tags: 91 | - epg 92 | 93 | 94 | - name: Add domain to an EPG 95 | aci_epg_to_domain: 96 | <<: *apic_info 97 | tenant: "{{ item.tenant }}" 98 | ap: "{{ item.app_profile }}" 99 | epg: "{{ item.epg }}" 100 | domain: "{{ item.domain_name }}" 101 | domain_type: "{{ item.domain_type }}" 102 | state: "{{ desired_state }}" 103 | with_items: 104 | - "{{ domain }}" 105 | loop_control: 106 | pause: 1 107 | tags: 108 | - domain 109 | 110 | 111 | - name: Deploy Static Path binding for given EPG 112 | aci_static_binding_to_epg: 113 | <<: *apic_info 114 | tenant: "{{ item.tenant }}" 115 | ap: "{{ item.app_profile }}" 116 | epg: "{{ item.epg }}" 117 | encap_id: "{{ item.vlan }}" 118 | deploy_immediacy: immediate 119 | interface_mode: trunk 120 | interface_type: "{{ item.interface_type }}" 121 | pod_id: 1 122 | leafs: "{{ item.leafs }}" 123 | interface: "{{ item.path }}" 124 | state: "{{ desired_state }}" 125 | with_items: 126 | - "{{ static_binding }}" 127 | loop_control: 128 | pause: 1 129 | tags: 130 | - static_binding 131 | -------------------------------------------------------------------------------- /CTF/uni/tenants/ctf/application-profiles/application-profiles-windows.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | desired_state: present 17 | #desired_state: absent 18 | #desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # ap 41 | # epg 42 | # domain 43 | # static_binding 44 | #============================================================================================== 45 | - import_playbook: ../../../snapshot.yaml 46 | vars: 47 | snapshotDescription: Prior-to-configuring-Windows-APs-in-the-ctf-tenant 48 | tags: snapshot 49 | 50 | #============================================================================================== 51 | # Create Application Profile 52 | #============================================================================================== 53 | - name: Create Application Profiles, EPG and Bindings 54 | hosts: localhost 55 | connection: local 56 | gather_facts: no 57 | 58 | vars_files: 59 | - ./vars/windows-servers-vars.yaml 60 | 61 | tasks: 62 | - name: Create Application Profile 63 | aci_ap: 64 | <<: *apic_info 65 | tenant: "{{ item.tenant }}" 66 | ap: "{{ item.app_profile }}" 67 | description: 68 | state: "{{ desired_state }}" 69 | with_items: 70 | - "{{ ap }}" 71 | loop_control: 72 | pause: 1 73 | tags: 74 | - ap 75 | 76 | 77 | - name: Create EPG 78 | aci_epg: 79 | <<: *apic_info 80 | tenant: "{{ item.tenant }}" 81 | ap: "{{ item.app_profile }}" 82 | bd: "{{ item.bd }}" 83 | epg: "{{ item.epg }}" 84 | description: 85 | state: "{{ desired_state }}" 86 | with_items: 87 | - "{{ epg }}" 88 | loop_control: 89 | pause: 1 90 | tags: 91 | - epg 92 | 93 | 94 | - name: Add domain to an EPG 95 | aci_epg_to_domain: 96 | <<: *apic_info 97 | tenant: "{{ item.tenant }}" 98 | ap: "{{ item.app_profile }}" 99 | epg: "{{ item.epg }}" 100 | domain: "{{ item.domain_name }}" 101 | domain_type: "{{ item.domain_type }}" 102 | state: "{{ desired_state }}" 103 | with_items: 104 | - "{{ domain }}" 105 | loop_control: 106 | pause: 1 107 | tags: 108 | - domain 109 | 110 | 111 | - name: Deploy Static Path binding for given EPG 112 | aci_static_binding_to_epg: 113 | <<: *apic_info 114 | tenant: "{{ item.tenant }}" 115 | ap: "{{ item.app_profile }}" 116 | epg: "{{ item.epg }}" 117 | encap_id: "{{ item.vlan }}" 118 | deploy_immediacy: immediate 119 | interface_mode: trunk 120 | interface_type: "{{ item.interface_type }}" 121 | pod_id: 1 122 | leafs: "{{ item.leafs }}" 123 | interface: "{{ item.path }}" 124 | state: "{{ desired_state }}" 125 | with_items: 126 | - "{{ static_binding }}" 127 | loop_control: 128 | pause: 1 129 | tags: 130 | - static_binding 131 | -------------------------------------------------------------------------------- /CTF/uni/global-vars/application_profiles.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Available tags: 4 | # 5 | # 6 | #============================================================================================== 7 | 8 | - import_playbook: ../../../snapshot.yaml 9 | 10 | #============================================================================================== 11 | # Global Configuration 12 | #============================================================================================== 13 | - name: Define global settings 14 | hosts: localhost 15 | connection: local 16 | gather_facts: no 17 | 18 | #============================================================================================== 19 | # Set local and global variables 20 | #============================================================================================== 21 | vars_files: 22 | - ../../../global-vars/apic-details.yaml 23 | 24 | tasks: 25 | - name: 26 | set_fact: 27 | desired_state: present 28 | # desired_state: absent 29 | 30 | #============================================================================================== 31 | # APIC access information 32 | #============================================================================================== 33 | - name: apic details 34 | set_fact: 35 | apic_info: &apic_info 36 | host: "{{ apic_info.host }}" 37 | username: "{{ apic_info.username }}" 38 | password: "{{ apic_info.password }}" 39 | validate_certs: no 40 | 41 | rest_info: &rest_info 42 | use_proxy: no 43 | path: /api/mo/.json 44 | method: post 45 | tags: always 46 | 47 | #============================================================================================== 48 | # Create Application Profile 49 | #============================================================================================== 50 | - name: Create Application Profiles, EPG and Bindings 51 | hosts: localhost 52 | connection: local 53 | gather_facts: no 54 | 55 | vars_files: 56 | # - ./vars/application-profile-vars.yaml 57 | - ./vars/esx-hosts-vars.yaml 58 | - ./vars/windows-servers-vars.yaml 59 | 60 | 61 | tasks: 62 | - name: Create Application Profile 63 | aci_ap: 64 | <<: *apic_info 65 | tenant: "{{ item.tenant }}" 66 | ap: "{{ item.app_profile }}" 67 | description: 68 | state: "{{ desired_state }}" 69 | with_items: 70 | - "{{ ap }}" 71 | tags: 72 | - ap 73 | 74 | 75 | - name: Create EPG 76 | aci_epg: 77 | <<: *apic_info 78 | tenant: "{{ item.tenant }}" 79 | ap: "{{ item.app_profile }}" 80 | bd: "{{ item.bd }}" 81 | epg: "{{ item.epg }}" 82 | description: 83 | state: "{{ desired_state }}" 84 | with_items: 85 | - "{{ epg }}" 86 | tags: 87 | - epg 88 | 89 | 90 | - name: Add domain to an EPG 91 | aci_epg_to_domain: 92 | <<: *apic_info 93 | tenant: "{{ item.tenant }}" 94 | ap: "{{ item.app_profile }}" 95 | epg: "{{ item.epg }}" 96 | domain: "{{ item.domain_name }}" 97 | domain_type: "{{ item.domain_type }}" 98 | state: "{{ desired_state }}" 99 | with_items: 100 | - "{{ domain }}" 101 | tags: 102 | - domain 103 | 104 | 105 | - name: Deploy Static Path binding for given EPG 106 | aci_static_binding_to_epg: 107 | <<: *apic_info 108 | tenant: "{{ item.tenant }}" 109 | ap: "{{ item.app_profile }}" 110 | epg: "{{ item.epg }}" 111 | encap_id: "{{ item.vlan }}" 112 | deploy_immediacy: immediate 113 | interface_mode: trunk 114 | interface_type: "{{ item.interface_type }}" 115 | pod_id: 1 116 | leafs: "{{ item.leafs }}" 117 | interface: "{{ item.path }}" 118 | state: "{{ desired_state }}" 119 | with_items: 120 | - "{{ static_binding }}" 121 | tags: 122 | - static_binding 123 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/interface-policy-groups.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | #============================================================================================== 3 | # Global Configuration 4 | #============================================================================================== 5 | - name: Define global settings 6 | hosts: localhost 7 | connection: local 8 | gather_facts: no 9 | 10 | vars_files: 11 | - ../../global-vars/apic-details.yaml 12 | 13 | tasks: 14 | - name: 15 | set_fact: 16 | #desired_state: present 17 | #desired_state: absent 18 | desired_status: modified,created 19 | #desired_status: deleted 20 | 21 | - name: apic details 22 | set_fact: 23 | apic_info: &apic_info 24 | host: "{{ apic_info.host }}" 25 | username: "{{ apic_info.username }}" 26 | password: "{{ apic_info.password }}" 27 | validate_certs: no 28 | 29 | rest_info: &rest_info 30 | use_proxy: no 31 | path: /api/mo/.json 32 | method: post 33 | tags: always 34 | 35 | #============================================================================================== 36 | # Begin Plays 37 | # 38 | # Available Tags: 39 | # snapshot 40 | # access-interface-policy-groups 41 | # vpc-interface-policy-group 42 | #============================================================================================== 43 | - import_playbook: ../../snapshot.yaml 44 | vars: 45 | snapshotDescription: Prior-to-configuring-Interface-Policy-Groups 46 | tags: snapshot 47 | 48 | #============================================================================================== 49 | # Create Policy Groups 50 | #============================================================================================== 51 | - name: Configure Interface Policies 52 | hosts: localhost 53 | connection: local 54 | gather_facts: no 55 | 56 | vars_files: 57 | - ./vars/interfaces-vars.yaml 58 | 59 | tasks: 60 | - name: Create/Delete Access Interface Policy Group 61 | aci_rest: 62 | <<: *apic_info 63 | <<: *rest_info 64 | content: 65 | infraAccPortGrp: 66 | attributes: 67 | dn: "uni/infra/funcprof/accportgrp-{{ item.accessPolicyGroupName }}" 68 | name: "{{ item.accessPolicyGroupName }}" 69 | descr: "{{ item.descr }}" 70 | rn: "accportgrp-{{ item.accessPolicyGroupName }}" 71 | status: "{{ desired_status }}" 72 | children: 73 | - infraRsCdpIfPol: 74 | attributes: 75 | tnCdpIfPolName: "{{ item.policies_interface_cdpInterface }}" 76 | status: "{{ desired_status }}" 77 | - infraRsAttEntP: 78 | attributes: 79 | tDn: "uni/infra/attentp-{{ item.aaepName }}" 80 | status: "{{ desired_status }}" 81 | with_items: 82 | "{{ interfaces_leafInterfaces_policyGroups_leafAccessPort }}" 83 | loop_control: 84 | pause: 1 85 | tags: access-interface-policy-groups 86 | 87 | 88 | - name: Create/Delete vPC Host Interface Policy Group 89 | aci_rest: 90 | <<: *apic_info 91 | <<: *rest_info 92 | content: 93 | infraAccBndlGrp: 94 | attributes: 95 | descr: "{{ item.descr }}" 96 | dn: "uni/infra/funcprof/accbundle-{{ item.vpcPolicyGroupName }}" 97 | lagT: 'node' 98 | name: "{{ item.vpcPolicyGroupName }}" 99 | status: "{{ desired_status }}" 100 | children: 101 | - infraRsCdpIfPol: 102 | attributes: 103 | tnCdpIfPolName: "{{ item.policies_interface_cdpInterface }}" 104 | - infraRsLacpPol: 105 | attributes: 106 | tnLacpLagPolName: "{{ item.policies_interface_portChannel }}" 107 | - infraRsAttEntP: 108 | attributes: 109 | tDn: "uni/infra/attentp-{{ item.aaepName }}" 110 | with_items: 111 | "{{ interfaces_leafInterfaces_policyGroups_vpcInterface }}" 112 | loop_control: 113 | pause: 1 114 | tags: vpc-interface-policy-group 115 | -------------------------------------------------------------------------------- /CTF/vmware/tmp/AnsibleDemo.yaml: -------------------------------------------------------------------------------- 1 | - name: Create Test Demo 2 EPGs 2 | hosts: 10.61.124.32 3 | connection: local 4 | gather_facts: no 5 | vars: 6 | # Create block resuable code for login of APIC and vCenter 7 | aci_login: &aci_login 8 | hostname: 10.61.124.32 9 | username: admin 10 | password: C!sco12345 11 | validate_certs: no 12 | tenant: "{{ tenant }}" 13 | vcenter_login: &vcenter_login 14 | hostname: vcenter-amslab.cisco.com 15 | username: administrator@vsphere.local 16 | password: "C!sco12345" 17 | validate_certs: False 18 | # Contract variables hardcoded 19 | filter: icmp_filter 20 | contract: TestApp-contract 21 | subject: icmp-subject 22 | 23 | 24 | # Ask for variable inputs 25 | vars_prompt: 26 | - name: "tenant" 27 | prompt: "Tenant name?" 28 | default: "AnsibleDemo" 29 | private: no 30 | - name: "vrf" 31 | prompt: "VRF name?" 32 | default: "vrf-test" 33 | private: no 34 | - name: "bd" 35 | prompt: "Bridge Domain name?" 36 | default: "bd-test" 37 | private: no 38 | - name: "ap" 39 | prompt: "Application Profile name?" 40 | default: "TestApp" 41 | private: no 42 | - name: "epg_name1" 43 | prompt: "EPG1 name?" 44 | default: "frontend" 45 | private: no 46 | - name: "epg_name2" 47 | prompt: "EPG2 name?" 48 | default: "backend" 49 | private: no 50 | - name: "vmm_domain" 51 | prompt: "VMM domain name?" 52 | default: "HX-ACI" 53 | private: no 54 | - name: "vm1" 55 | prompt: "VM1 name?" 56 | default: "AnsibleFrontend" 57 | private: no 58 | - name: "vm2" 59 | prompt: "VM2 name?" 60 | default: "AnsibleBackend" 61 | private: no 62 | 63 | tasks: 64 | 65 | - name: Create Tenant 66 | aci_tenant: 67 | <<: *aci_login 68 | 69 | - name: Create VRF 70 | aci_vrf: 71 | <<: *aci_login 72 | vrf: "{{ vrf }}" 73 | policy_control_preference: enforced 74 | 75 | - name: Create BD 76 | aci_bd: 77 | <<: *aci_login 78 | bd: "{{ bd }}" 79 | vrf: "{{ vrf }}" 80 | 81 | - name: Create a subnet 82 | aci_bd_subnet: 83 | <<: *aci_login 84 | bd: "{{ bd }}" 85 | gateway: 10.0.2.1 86 | mask: 24 87 | 88 | - name: Create AP 89 | aci_ap: 90 | <<: *aci_login 91 | ap: "{{ ap }}" 92 | 93 | - name: Create EPGs 94 | aci_epg: 95 | <<: *aci_login 96 | ap: "{{ ap }}" 97 | bd: "{{ bd }}" 98 | epg: "{{ item }}" 99 | intra_epg_isolation: unenforced 100 | with_items: 101 | - "{{ epg_name1 }}" 102 | - "{{ epg_name2 }}" 103 | 104 | - name: Bind EPG to VMM Domain 105 | aci_epg_to_domain: 106 | <<: *aci_login 107 | ap: "{{ ap }}" 108 | epg: "{{ item }}" 109 | domain: "{{ vmm_domain }}" 110 | domain_type: vmm 111 | vm_provider: vmware 112 | state: present 113 | with_items: 114 | - "{{ epg_name1 }}" 115 | - "{{ epg_name2 }}" 116 | 117 | - name: Create Filters 118 | aci_filter: 119 | <<: *aci_login 120 | filter: "{{ filter }}" 121 | 122 | - name: Create Filter Entries 123 | aci_filter_entry: 124 | <<: *aci_login 125 | ether_type: ip 126 | ip_protocol: icmp 127 | entry: TestApp-ICMP-Filter 128 | filter: "{{ filter }}" 129 | 130 | - name: Create Contracts 131 | aci_contract: 132 | <<: *aci_login 133 | contract: "{{ contract }}" 134 | 135 | - name: Create Contract Subjects 136 | aci_contract_subject: 137 | <<: *aci_login 138 | contract: "{{ contract }}" 139 | subject: "{{ subject }}" 140 | reverse_filter: yes 141 | 142 | - name: Create Subject Filter Binding 143 | aci_contract_subject_to_filter: 144 | <<: *aci_login 145 | contract: "{{ contract }}" 146 | subject: "{{ subject }}" 147 | filter: "{{ filter }}" 148 | 149 | - name: Bind EPGs to Contracts 150 | aci_epg_to_contract: 151 | <<: *aci_login 152 | ap: "{{ ap }}" 153 | contract: "{{ item.contract }}" 154 | contract_type: "{{ item.type }}" 155 | epg: "{{ item.epg }}" 156 | with_items: 157 | - { contract: "{{ contract }}", type: consumer, epg: "{{ epg_name1 }}"} 158 | - { contract: "{{ contract }}", type: provider, epg: "{{ epg_name2 }}"} 159 | 160 | - name: Bind VM to Portgroup 161 | vmware_guest: 162 | <<: *vcenter_login 163 | datacenter: Amsterdam 164 | esxi_hostname: 10.61.125.65 165 | name: "{{ item.name }}" 166 | networks: 167 | - name: "{{ item.net }}" 168 | start_connected: True 169 | state: present 170 | with_items: 171 | - { name: "{{ vm1 }}", net: "{{ tenant }}|{{ ap }}|{{ epg_name1 }}" } 172 | - { name: "{{ vm2 }}", net: "{{ tenant }}|{{ ap }}|{{ epg_name2 }}" } 173 | delegate_to: localhost 174 | -------------------------------------------------------------------------------- /CTF/uni/fabric/access-policies/vars/interfaces-leaf-101_and_102-vars.yaml: -------------------------------------------------------------------------------- 1 | #============================================================================================== 2 | # Leaf Interfaces 3 | # 4 | # status=modified,created 5 | # status=deleted 6 | # 7 | #============================================================================================== 8 | interfaces_leafInterfaces_profiles_101_and_102_ports: 9 | - port: "1" 10 | leafName: Leaf-101_and_102 11 | descr: esx-01 12 | PolicyGroupName: esx-host 13 | status: created,modified 14 | 15 | - port: "2" 16 | leafName: Leaf-101_and_102 17 | descr: esx-02 18 | PolicyGroupName: esx-host 19 | status: created,modified 20 | 21 | - port: "3" 22 | leafName: Leaf-101_and_102 23 | descr: esx-03 24 | PolicyGroupName: esx-host 25 | status: created,modified 26 | 27 | - port: "4" 28 | leafName: Leaf-101_and_102 29 | descr: esx-04 30 | PolicyGroupName: esx-host 31 | status: created,modified 32 | 33 | - port: "5" 34 | leafName: Leaf-101_and_102 35 | descr: esx-05 36 | PolicyGroupName: esx-host 37 | status: created,modified 38 | 39 | - port: "6" 40 | leafName: Leaf-101_and_102 41 | descr: esx-06 42 | PolicyGroupName: esx-host 43 | status: created,modified 44 | 45 | - port: "7" 46 | leafName: Leaf-101_and_102 47 | descr: esx-07 48 | PolicyGroupName: esx-host 49 | status: created,modified 50 | 51 | - port: "8" 52 | leafName: Leaf-101_and_102 53 | descr: esx-08 54 | PolicyGroupName: esx-host 55 | status: created,modified 56 | 57 | - port: "9" 58 | leafName: Leaf-101_and_102 59 | descr: esx-09 60 | PolicyGroupName: esx-host 61 | status: created,modified 62 | 63 | - port: "10" 64 | leafName: Leaf-101_and_102 65 | descr: esx-10 66 | PolicyGroupName: esx-host 67 | status: created,modified 68 | 69 | - port: "11" 70 | leafName: Leaf-101_and_102 71 | descr: windows-01 72 | PolicyGroupName: windows-host 73 | status: created,modified 74 | 75 | - port: "12" 76 | leafName: Leaf-101_and_102 77 | descr: windows-02 78 | PolicyGroupName: windows-host 79 | status: created,modified 80 | 81 | - port: "13" 82 | leafName: Leaf-101_and_102 83 | descr: windows-03 84 | PolicyGroupName: windows-host 85 | status: created,modified 86 | 87 | - port: "14" 88 | leafName: Leaf-101_and_102 89 | descr: linux-01 90 | PolicyGroupName: linux-host 91 | status: created,modified 92 | 93 | - port: "15" 94 | leafName: Leaf-101_and_102 95 | descr: linux-02 96 | PolicyGroupName: linux-host 97 | status: created,modified 98 | 99 | - port: "16" 100 | leafName: Leaf-101_and_102 101 | descr: linux-03 102 | PolicyGroupName: linux-host 103 | status: created,modified 104 | --------------------------------------------------------------------------------