Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding a control parameter use_desc_as_key to the dcnm_policy module #279

Open
dsx1123 opened this issue Mar 27, 2024 · 0 comments
Open
Labels

Comments

@dsx1123
Copy link

dsx1123 commented Mar 27, 2024

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

The policy in DCNM/NDFC is using policy ID as the key in the backend which creates the problem of idempotency for Ansible, we created a parameter called create_additional_policy which can be used to prevent duplicated policy get created if the policy is not changed. However, if the user would like to modify or delete the policy, the user must use the policy ID to identify the policy that he/she would like to modify.

The notion of this proposal is to treat the description of policy as key to identifying the policy within the switch scope.

New or Affected modules(s):

  • dcnm_policy

NDFC version

  • V 12.x

Potential ansible task config

# Copy-paste your ansible playbook
    - name: Create policy for k8s subnet peering
      cisco.dcnm.dcnm_policy:
        fabric: "{{ fabric }}"
        state: merged
        use_desc_as_key: true     #  default is false
        config:
          - name: switch_freeform
            description: "bgp peer {{ k8s_node_subnet }}"
            policy_vars:
              CONF: "{{ lookup('template', 'templates/k8s_ibgp_peer.tmpl.j2') }}"
          - switch:
            - ip: 172.31.217.122
            - ip: 172.31.217.123
            - ip: 172.31.219.7
            - ip: 172.31.217.102

behavior:

  • use_desc_as_key is a global level config, and should affect all the policies listed in the config section
  • When use_desc_as_key is false, the behavior of the module doesn't change
  • When use_desc_as_key is true, the behavior should be as below:
    • the description must not be empty, error the module when any of the policies defined in the playbook is empty or not defined
    • the unicity of the description is in the switch scope
    • the unicity of the description is maintained by the user, when the user creates the policies, the user needs to make sure the description of the policy is unique
    • However, the module should check if there is duplication in the description of the NDFC, If there is more than one policy having the same description, the module should exit with an error
    • The module should search the existing policies associated with the switch, if found, and policy_vars is changed, the module should modify the existing policy, if not found, module should create a new one
    • if the name(template name) is changed, module should delete the existing one and create a new one with the new template

References

Additional context
Add any other context or screenshots about the feature request here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant