Number of extra fabric settings plus a couple of bug fixes #275
Conversation
mthurstocisco
added
bug
| @@ -1,4 +1,4 @@ | |||
| {# Auto-generated NDFC DC VXLAN EVPN General config data structure for fabric {{ vxlan.global.name }} #} | |||
| BGP_AS: {{ global.bgp_asn }} | |||
| BGP_AS: "{{ global.bgp_asn }}" | |||
There was a problem hiding this comment.
What's your data type in the data model for this now?
There was a problem hiding this comment.
Still using a string
roles/validate/files/defaults.yml
Outdated
| ptp: | ||
| ptp_enable: false | ||
| enable_nxapi: true | ||
| enable_nxapi_http: true |
There was a problem hiding this comment.
Can we default NXAPI HTTP to false and disabled? Even on the switch nowadays, http is disabled by default whereas https is enabled by default.
There was a problem hiding this comment.
Happy to change to whatever, we were just mirroring the defaults in NDFC, should we diverge and make different decisions to the tool?
| - name: Config-Save block | ||
| block: | ||
| - name: Config-Save for Fabric {{ MD.vxlan.global.name }} | ||
| cisco.dcnm.dcnm_rest: | ||
| method: POST | ||
| path: "/appcenter/cisco/ndfc/api/v1/lan-fabric/rest/control/fabrics/{{ MD.vxlan.global.name }}/config-save" | ||
| when: MD_Extended.vxlan.topology.switches | length > 0 | ||
| register: config_save | ||
| # TODO: Need to add logic to only save if changes are made | ||
|
|
||
| rescue: | ||
| - name: Config-Save for Fabric {{ MD.vxlan.global.name }} - Failed | ||
| ansible.builtin.debug: | ||
| msg: "{{ config_save.msg.DATA }}" | ||
|
|
There was a problem hiding this comment.
I think I know what this is and @mikewiebe was talking to me about this some, but want to understand this better in our standups.
There was a problem hiding this comment.
sure, basic reason for save at this state is so that NDFC can do its easy fabric stuff (around both links and VPC config), happy to run through it though next time we chat
| # -------------------------------------------------------------------- | ||
| # Manage Interface Trunk Configuration on NDFC | ||
| # -------------------------------------------------------------------- | ||
|
|
||
| - name: Manage Interface Trunk | ||
| cisco.dcnm.dcnm_interface: | ||
| fabric: "{{ MD.vxlan.global.name }}" | ||
| state: replaced | ||
| config: "{{ interface_trunk }}" | ||
| when: MD_Extended.vxlan.topology.interfaces.modes.trunk.count > 0 | ||
|
|
||
| # -------------------------------------------------------------------- | ||
| # Manage Interface Access Routed Configuration on NDFC | ||
| # -------------------------------------------------------------------- | ||
|
|
||
| - name: Manage Interface Access | ||
| cisco.dcnm.dcnm_interface: | ||
| fabric: "{{ MD.vxlan.global.name }}" | ||
| state: replaced | ||
| config: "{{ interface_access }}" | ||
| when: MD_Extended.vxlan.topology.interfaces.modes.access.count > 0 | ||
|
|
There was a problem hiding this comment.
Why is this net new for trunks and access interfaces?
There was a problem hiding this comment.
shouldn't be new, just moved around the ordering (basically if the member ports from a PO don't exist then you cant add them to the PO, again, all this for pre provisioning)
| {% if MD_Extended.vxlan.topology.leaf is defined and vpc_peer.peer1 in MD_Extended.vxlan.topology.leaf %} | ||
| {% if MD_Extended.vxlan.topology.leaf[vpc_peer.peer1].management_ipv4_address is not none %} | ||
| - peerOneId: {{ MD_Extended.vxlan.topology.leaf[vpc_peer.peer1].management_ipv4_address }} | ||
| {% elif MD_Extended.vxlan.topology.leaf[vpc_peer.peer1].management_ipv6_address is not none %} | ||
| - peerOneId: {{ MD_Extended.vxlan.topology.leaf[vpc_peer.peer1].management_ipv6_address }} | ||
| {% else %} | ||
| - peerOneId: {{ vpc_peer.peer1 }} | ||
| {% endif %} | ||
| {% else %} | ||
| - peerOneId: {{ vpc_peer.peer1 }} | ||
| {% endif %} | ||
| {% if MD_Extended.vxlan.topology.leaf is defined and vpc_peer.peer2 in MD_Extended.vxlan.topology.leaf %} | ||
| {% if MD_Extended.vxlan.topology.leaf[vpc_peer.peer2].management_ipv4_address is not none %} | ||
| peerTwoId: {{ MD_Extended.vxlan.topology.leaf[vpc_peer.peer2].management_ipv4_address }} | ||
| {% elif MD_Extended.vxlan.topology.leaf[vpc_peer.peer2].management_ipv6_address is not none %} | ||
| peerTwoId: {{ MD_Extended.vxlan.topology.leaf[vpc_peer.peer2].management_ipv6_address }} | ||
| {% else %} | ||
| peerTwoId: {{ vpc_peer.peer2 }} | ||
| {% endif %} | ||
| {% else %} | ||
| peerTwoId: {{ vpc_peer.peer2 }} |
There was a problem hiding this comment.
So, for this template, there's an action plugin that is setting up the index by role that we actually need to refactor and not do it that way as it limits things to only leaf roles now for some reason.
There was a problem hiding this comment.
lets discuss more in person, think @peter8498 can speak more to this one
| peer1_cmds: |2- | ||
| {{ switches[peer1].freeform_config | default('') | indent(6, false) }} | ||
| peer2_cmds: |2- | ||
| {{ switches[peer2].freeform_config | default('') | indent(6, false) }} |
There was a problem hiding this comment.
Just want to make sure I understand this in next standup.
There was a problem hiding this comment.
just adding support for freeform under each peer
| {% if (vxlan.underlay.general.replication_mode | default(defaults.vxlan.underlay.general.replication_mode) ) == 'multicast' %} | ||
| BFD_PIM_ENABLE: {{ vxlan.underlay.bfd.pim | default(defaults.vxlan.underlay.bfd.pim) }} | ||
| {% endif %} |
There was a problem hiding this comment.
There's a bunch of refactor in PR #268 for IPv6 and mcast; lets just make sure we don't create a conflict here.
There was a problem hiding this comment.
looks like we are setting BRD_PIM_ENABLE in very different circumstances from reading your PR, lets discuss on a call
| {% if global.bootstrap is defined and global.bootstrap.cdp_enable is defined %} | ||
| CDP_ENABLE: global.bootstrap.cdp_enable | ||
| {% endif %} |
There was a problem hiding this comment.
Does this only apply to bootstrap?
There was a problem hiding this comment.
Yeah this is only to set CDP to on on the management interface at bootstrap, just tested on an already bootstrapped fabric, doesn't attempt to change any existing switch config, just a badly named key on the NDFC side
| fabric_vpc_qos: false | ||
| fabric_vpc_qos_policy_name: spine_qos_for_fabric_vpc_peering | ||
| enable_ipv6_nd_sync: true |
There was a problem hiding this comment.
Just general comment, don't forget updating defaults in schema repo.
Related Issue(s)
Related Collection Role
Related Data Model Element
Proposed Changes
Test Notes
Cisco NDFC Version
Checklist