cisco.mso.ndo_schema_template_contract_service_chain module – Manage the Schema Template Contract Service Chaining workflow on Cisco Nexus Dashboard Orchestrator (NDO).

Note

This module is part of the cisco.mso collection (version 2.11.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.mso. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cisco.mso.ndo_schema_template_contract_service_chain.

New in cisco.mso 2.11.0

Synopsis

Requirements

The below requirements are needed on the host that executes this module.

  • Multi Site Orchestrator v2.1 or newer

Parameters

Parameter

Comments

contract

string

The name of the contract.

This parameter is mutually exclusive with contract_uuid.

contract_uuid

string

The UUID of the contract.

This parameter is mutually exclusive with contract.

host

aliases: hostname

string

IP Address or hostname of the ACI Multi Site Orchestrator host.

If the value is not specified in the task, the value of environment variable MSO_HOST will be used instead.

login_domain

string

The login domain name to use for authentication.

The default value is Local.

If the value is not specified in the task, the value of environment variable MSO_LOGIN_DOMAIN will be used instead.

When using a HTTPAPI connection plugin the inventory variable ansible_httpapi_login_domain will be used if this attribute is not specified.

node_filter

aliases: filter_after_first_device

string

The Filter After First Device option of the contract service chain.

This enables traffic filtering to be dynamically applied after the first device in the chain has processed the traffic.

Defaults to node_filter=allow_all when unset during creation.

Choices:

  • "allow_all"

  • "filters_from_contract"

output_level

string

Influence the output of this MSO module.

normal means the standard output, incl. current dict

info adds informational output, incl. previous, proposed and sent dicts

debug adds debugging output, incl. filter_string, method, response, status and url information

If the value is not specified in the task, the value of environment variable MSO_OUTPUT_LEVEL will be used instead.

Choices:

  • "debug"

  • "info"

  • "normal" ← (default)

password

string

The password to use for authentication.

If the value is not specified in the task, the value of environment variables MSO_PASSWORD or ANSIBLE_NET_PASSWORD will be used instead.

port

integer

Port number to be used for the REST connection.

The default value depends on parameter `use_ssl`.

If the value is not specified in the task, the value of environment variable MSO_PORT will be used instead.

schema

string

The name of the schema.

This parameter is mutually exclusive with schema_id.

This parameter or schema_id is required when template is set.

schema_id

string

The ID of the schema.

This parameter is mutually exclusive with schema.

This parameter or schema is required when template is set.

service_nodes

list / elements=dictionary

The list of service nodes for the contract service chain.

This parameter is required for creating the contract service chain.

Providing a new list of service_nodes will completely replace an existing one from the contract service chain.

consumer_interface_name

aliases: consumer_interface, consumer

string / required

The name of the service device interface used as the consumer interface in the contract service chain.

consumer_redirect

boolean

The consumer redirect option of the contract service chain.

Defaults to service_nodes.consumer_redirect=false when unset during creation.

Choices:

  • false

  • true

device

dictionary

The service device details for the contract service chain.

This parameter is mutually exclusive with service_nodes.uuid.

This parameter or service_nodes.uuid is required.

name

string / required

The name of the service device.

template

string

The template name of the service device.

This parameter is mutually exclusive with service_nodes.device.template_id.

This parameter or service_nodes.device.template_id is required.

template_id

string

The template id of the service device.

This parameter is mutually exclusive with service_nodes.device.template.

This parameter or service_nodes.device.template is required.

device_type

aliases: type

string / required

The type of the service device.

Choices:

  • "firewall"

  • "load_balancer"

  • "other"

provider_interface_name

aliases: provider_interface, provider

string / required

The name of the service device interface used as the provider interface in the contract service chain.

provider_redirect

boolean

The provider redirect option of the contract service chain.

Defaults to service_nodes.provider_redirect=false when unset during creation.

Choices:

  • false

  • true

uuid

aliases: device_uuid

string

The UUID of the service device.

This parameter is mutually exclusive with service_nodes.device.

This parameter or service_nodes.device is required.

state

string

Use present or absent for adding or removing.

Use query for listing an object or multiple objects.

Choices:

  • "absent"

  • "present" ← (default)

  • "query"

template

string

The name of the template.

This parameter is mutually exclusive with template_id.

template_id

string

The ID of the template.

This parameter is mutually exclusive with template.

timeout

integer

The socket level timeout in seconds.

The default value is 30 seconds.

If the value is not specified in the task, the value of environment variable MSO_TIMEOUT will be used instead.

use_proxy

boolean

If false, it will not use a proxy, even if one is defined in an environment variable on the target hosts.

If the value is not specified in the task, the value of environment variable MSO_USE_PROXY will be used instead.

The default is true.

Choices:

  • false

  • true

use_ssl

boolean

If false, an HTTP connection will be used instead of the default HTTPS connection.

If the value is not specified in the task, the value of environment variable MSO_USE_SSL will be used instead.

When using a HTTPAPI connection plugin the inventory variable ansible_httpapi_use_ssl will be used if this attribute is not specified.

The default is false when using a HTTPAPI connection plugin (mso or nd) and true when using the legacy connection method (only for mso).

Choices:

  • false

  • true

username

string

The username to use for authentication.

If the value is not specified in the task, the value of environment variables MSO_USERNAME or ANSIBLE_NET_USERNAME will be used instead.

validate_certs

boolean

If false, SSL certificates will not be validated.

This should only set to false when used on personally controlled sites using self-signed certificates.

If the value is not specified in the task, the value of environment variable MSO_VALIDATE_CERTS will be used instead.

The default is true.

Choices:

  • false

  • true

Notes

Note

  • This module was written to support Multi Site Orchestrator v2.1 or newer. Some or all functionality may not work on earlier versions.

See Also

See also

cisco.mso.mso_schema_template_contract_filter

Manage contract filters in schema templates.

Examples

- name: Add schema template contract service chain
  cisco.mso.ndo_schema_template_contract_service_chain:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    schema: schema1
    template: template1
    contract: contract1
    node_filter: allow_all
    service_nodes:
      - device_type: load_balancer
        consumer_interface_name: lb_interface1
        provider_interface_name: lb_interface2
        consumer_redirect: true
        provider_redirect: true
        device:
          name: load_balancer_device
          template: service_device_template
    state: present

- name: Update schema template contract service chain with multiple nodes
  cisco.mso.ndo_schema_template_contract_service_chain:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    schema: schema1
    template: template1
    contract: contract1
    node_filter: "filters_from_contract"
    service_nodes:
      - device_type: load_balancer
        consumer_interface_name: lb_interface1
        provider_interface_name: lb_interface2
        consumer_redirect: true
        provider_redirect: true
        device:
          name: load_balancer_device
          template: service_device_template
      - device_type: firewall
        consumer_interface_name: fw_interface1
        provider_interface_name: fw_interface2
        uuid: "{{ service_device.current.uuid }}"
    state: present

- name: Query schema template contract service chain
  cisco.mso.ndo_schema_template_contract_service_chain:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    schema: schema1
    template: template1
    contract: contract1
    state: query
  register: query_service_chain

- name: Delete schema template contract service chain
  cisco.mso.ndo_schema_template_contract_service_chain:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    schema: schema1
    template: template1
    contract: contract1
    state: absent

Authors

  • Sabari Jaganathan (@sajagana)