I've cerated a baisc Ansible playbook that will create the following:
- Tenent, VRF, App Profile, BD, BD Gateway Address, EPG, Contracts (Provider and Consumer for full mesh between EPG's), Conracts associate (prov/cons).
It does this from around 7 line of config in a VAR file where some values and dictionary are defined.
The VAR file could be an application such as "Intranet" or "AD"
It works great but before I productionise I have a few questions around best practice. We really want to standardise on Ansible and Ansible Tower for production. That will be a challenge enough for most of our engineers.
At first I thought the above could be deined as Infra As Code, but it's not really. If the EPG name is changed, or a the L3 address for the BD is change, Ansible will create an additional resource - it has no way of knowing this is a replacement like Terraform might.
So my questions are:
1) How are people using an Ansible and ACI - As a one-time deployment tool or as IAAC and rebuilding based on the code when changes are made.
2) How might I store and deploy the various VAR files with Ansible Tower. A single template for each "app"? A single template and pass in an argument for the required VAR file to be deployed?
Any other suggestions around App Profile build in ACI would be appreciated. I'll try and attach my POC VAR file as an example later.