APIC configure trunk port with multiple VLANS with Ansible

irenof · ‎11-15-2024

Hi all,

I have asked to configure many trunk interfaces for a migration to ACI.

I have an excel table like this :

I am using ansible to create the stati binds in order to reduce the time, there are may interfaces.

My question is how to configure trunk with multiple vlans?

I create many EPGs as the VLAN I have and then I create the same static bind for each EPG with the correct VLAN encapsulation.

I have just one VLAN pool with all the vlans.

Basically, for each VLAN X in legacy I created a VLAN_X EPG and I created this script

- name: Split EPGs
  set_fact:
    epg_list: "{{ item.EPG.split(',') }}"

- name: Deploy Static Path binding for given EPG
  cisco.aci.aci_static_binding_to_epg:
    hostname: '{{ ansible_host }}'
    username: '{{ username }}'
    password: '{{ password }}'
    validate_certs: no
    tenant: "{{ item.tenant }}"
    ap: "{{ item.AP }}"
    epg: "{{ epg }}"
    encap_id: "{{ epg | replace('VLAN_','') }}"
    deploy_immediacy: immediate
    interface_mode: "{{ item.interface_mode }}"
    interface_type: "{{ item.interface_type }}"
    pod_id:  "{{ item.pod }}"
    leafs:  "{{ item.leaf }}"
    interface:  "{{ item.port | replace('Ethernet','')  }}"
    state: present
  delegate_to: localhost
  loop: "{{epg_list}}"
  loop_control:
    loop_var: "epg"

The split task split cells in ["VLAN_1", "VLAN_X", "VLAN_N"]

and then I iterate over it to create the static bind for interface 1/X for each vlan in the trunk.

Does exist a cleverer way?

Thanks,

Irenof

bigevilbeard · ‎11-15-2024

Not an expert on this one (APIC) and my Ansible is flakey these days... could you create a separate static binding for each EPG and VLAN? This would streamline your process by grouping VLANs, by using a single task to create the trunk configuration.

Might look like (please double check this!)

- name: Define VLANs and EPGs
  set_fact:
    vlan_epg_map:
      - vlan: 10
        epg: "VLAN_10"
      - vlan: 20
        epg: "VLAN_20"
      - vlan: 30
        epg: "VLAN_30"
      # Add more VLANs and EPGs as needed

- name: Create Trunk Interface with Multiple VLANs
  cisco.aci.aci_static_binding_to_epg:
    hostname: '{{ ansible_host }}'
    username: '{{ username }}'
    password: '{{ password }}'
    validate_certs: no
    tenant: "{{ item.tenant }}"
    ap: "{{ item.AP }}"
    epg: "{{ item.epg }}"
    encap_id: "{{ item.vlan }}"
    deploy_immediacy: immediate
    interface_mode: "{{ item.interface_mode }}"
    interface_type: "{{ item.interface_type }}"
    pod_id:  "{{ item.pod }}"
    leafs:  "{{ item.leaf }}"
    interface:  "{{ item.port | replace('Ethernet','') }}"
    state: present
  delegate_to: localhost
  loop: "{{ vlan_epg_map }}"
  loop_control:
    loop_var: "item"

Please mark this as helpful or solution accepted to help others
Connect with me https://bigevilbeard.github.io

irenof · ‎11-15-2024

hi @bigevilbeard thank you for you answer. The method you propose is the same as mine (1 EPG : 1 VLAN and then I loop over the EPG to create the binding). I am asking if does exist an ACI method to create a trunk interface with multiple VLAN, for example a secret field where to place vlan ranges

M02@rt37 · ‎11-15-2024

Hello @irenof

you can optimize your approach by grouping VLANs for each trunk interface instead of creating individual bindings for each VLAN. ACI supports defining multiple VLANs in a single static path binding, either as a range (e.g., 1-100) or a comma-separated list (e.g., 10,20,30).

So, you can preprocess your Excel data to group VLANs by trunk interface, reducing redundancy. In your Ansible playbook, modify the encap_id field to accept the grouped VLANs and use Ansible’s combine or groupby filter to process the data by interface. This approach eliminates the need to split and iterate over individual VLANs, allowing for a single operation per trunk interface. By using this method, you simplify the configuration process, reduce execution time, and ensure scalability for larger migrations.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

irenof · ‎11-15-2024

Hi M02@rt37 your answer could solve my problem, but I am no able to reproduce that in my APIC 6.0.3, I cannot select vlan ranges when I crete static bindings.Is something available in a different release, or am I missing something?

Many thanks

Torbjørn · ‎11-15-2024

I unfortunately believe that there is no more optimized way to achieve this than what you've already found.

The encap_id field only allows integers, no lists or ranges.
See the following doc:
https://docs.ansible.com/ansible/latest/collections/cisco/aci/aci_static_binding_to_epg_module.html#parameter-encap_id

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

irenof · ‎11-15-2024

Hi @Torbjørn, do exist methods tha allow range of VLANS? it seems that also APIC do not allow me to use ranges (APIC 6.0.3)

Torbjørn · ‎11-15-2024

I can't see any way to do it through the ACI ansible module at least. There might be a way to do this using the API and the ACI rest module, but I would probably stick to using aci_static_binding_to_epg like you're already doing unless there is _a lot_ of time to save by doing this.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev