New in version 2.4.
The below requirements are needed on the host that executes this module.
Parameter |
Choices/Defaults |
Comments |
---|---|---|
certificate_name
|
Default:
C(private_key) basename
|
The X.509 certificate name attached to the APIC AAA user used for signature-based authentication.
It defaults to the
private_key basename, without extension.aliases: cert_name |
content
|
|
When used instead of
src , sets the payload of the API request directly.This may be convenient to template simple requests, for anything complex use the template module.
|
host
required |
|
IP Address or hostname of APIC resolvable by Ansible control host.
aliases: hostname |
method
|
|
The HTTP method of the request.
Using
delete is typically used for deleting objects.Using
get is typically used for querying objects.Using
post is typically used for modifying objects.aliases: action |
output_level
|
|
Influence the output of this ACI module.
normal means the standard output, incl. current dictinfo means informational output, incl. previous , proposed and sent dictsdebug means debugging output, incl. filter_string , method , response , status and url information |
password
required |
|
The password to use for authentication.
|
path
required |
|
URI being used to execute API calls.
Must end in
.xml or .json .aliases: uri |
port
|
Default:
443 (for https) and 80 (for http)
|
Port number to be used for REST connection.
|
private_key
|
|
PEM formatted file that contains your private key to be used for signature-based authentication.
The name of the key (without extension) is used as the certificate name in ACI, unless
certificate_name is specified.aliases: cert_key |
src
|
|
Name of the absolute path of the filname that includes the body of the http request being sent to the ACI fabric.
aliases: config_file |
timeout
|
Default:
30
|
The socket level timeout in seconds.
|
use_proxy
|
|
If
no , it will not use a proxy, even if one is defined in an environment variable on the target hosts. |
use_ssl
|
|
If
no , an HTTP connection will be used instead of the default HTTPS connection. |
username
required |
Default:
admin
|
The username to use for authentication.
aliases: user |
validate_certs
|
|
If
no , SSL certificates will not be validated.This should only set to
no used on personally controlled sites using self-signed certificates. |
Note
- name: Add a tenant using certifcate authentication
aci_rest:
host: apic
username: admin
private_key: pki/admin.key
method: post
path: /api/mo/uni.xml
src: /home/cisco/ansible/aci/configs/aci_config.xml
delegate_to: localhost
- name: Add a tenant using inline YAML
aci_rest:
host: apic
username: admin
private_key: pki/admin.key
validate_certs: no
path: /api/mo/uni.json
method: post
content:
fvTenant:
attributes:
name: Sales
descr: Sales departement
delegate_to: localhost
- name: Add a tenant using a JSON string
aci_rest:
host: apic
username: admin
private_key: pki/admin.key
validate_certs: no
path: /api/mo/uni.json
method: post
content:
{
"fvTenant": {
"attributes": {
"name": "Sales",
"descr": "Sales departement"
}
}
}
delegate_to: localhost
- name: Add a tenant using an XML string
aci_rest:
host: apic
username: admin
private_key: pki/{{ aci_username}}.key
validate_certs: no
path: /api/mo/uni.xml
method: post
content: '<fvTenant name="Sales" descr="Sales departement"/>'
delegate_to: localhost
- name: Get tenants using password authentication
aci_rest:
host: apic
username: admin
password: SomeSecretPassword
method: get
path: /api/node/class/fvTenant.json
delegate_to: localhost
- name: Configure contracts
aci_rest:
host: apic
username: admin
private_key: pki/admin.key
method: post
path: /api/mo/uni.xml
src: /home/cisco/ansible/aci/configs/contract_config.xml
delegate_to: localhost
- name: Register leaves and spines
aci_rest:
host: apic
username: admin
private_key: pki/admin.key
validate_certs: no
method: post
path: /api/mo/uni/controller/nodeidentpol.xml
content: |
<fabricNodeIdentPol>
<fabricNodeIdentP name="{{ item.name }}" nodeId="{{ item.nodeid }}" status="{{ item.status }}" serial="{{ item.serial }}"/>
</fabricNodeIdentPol>
with_items:
- '{{ apic_leavesspines }}'
delegate_to: localhost
- name: Wait for all controllers to become ready
aci_rest:
host: apic
username: admin
private_key: pki/admin.key
validate_certs: no
path: /api/node/class/topSystem.json?query-target-filter=eq(topSystem.role,"controller")
register: apics
until: "'totalCount' in apics and apics.totalCount|int >= groups['apic']|count"
retries: 120
delay: 30
delegate_to: localhost
run_once: yes
Common return values are documented here, the following are the fields unique to this module:
Key |
Returned |
Description |
---|---|---|
error_code
int
|
always |
The REST ACI return code, useful for troubleshooting on failure
Sample:
122
|
error_text
string
|
always |
The REST ACI descriptive text, useful for troubleshooting on failure
Sample:
unknown managed object class foo
|
imdata
string
|
always |
Converted output returned by the APIC REST (register this for post-processing)
Sample:
[{'error': {'attributes': {'text': 'unknown managed object class foo', 'code': '122'}}}]
|
payload
string
|
always |
The (templated) payload send to the APIC REST API (xml or json)
Sample:
<foo bar="boo"/>
|
raw
string
|
parse error |
The raw output returned by the APIC REST API (xml or json)
Sample:
<?xml version="1.0" encoding="UTF-8"?><imdata totalCount="1"><error code="122" text="unknown managed object class foo"/></imdata>
|
response
string
|
always |
HTTP response string
Sample:
HTTP Error 400: Bad Request
|
status
int
|
always |
HTTP status code
Sample:
400
|
totalCount
string
|
always |
Number of items in the imdata array
Sample:
0
|
url
string
|
success |
URL used for APIC REST call
Sample:
https://1.2.3.4/api/mo/uni/tn-[Dag].json?rsp-subtree=modified
|
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Hint
If you notice any issues in this documentation you can edit this document to improve it.