/terraform-mso-nac-ndo

Terraform Cisco NDO Nexus-as-Code Module

Primary LanguageHCLApache License 2.0Apache-2.0

Tests

Terraform NDO Nexus-as-Code Module

A Terraform module to configure Nexus Dashboard Orchestrator (NDO).

This module is part of the Cisco Nexus-as-Code project. Its goal is to allow users to instantiate network fabrics in minutes using an easy to use, opinionated data model. It takes away the complexity of having to deal with references, dependencies or loops. By completely separating data (defining variables) from logic (infrastructure declaration), it allows the user to focus on describing the intended configuration while using a set of maintained and tested Terraform Modules without the need to understand the low-level ACI object model. More information can be found here: https://cisco.com/go/nexusascode.

Usage

This module supports an inventory driven approach, where a complete NDO configuration or parts of it are either modeled in one or more YAML files or natively using Terraform variables.

There are six configuration sections which can be selectively enabled or disabled using module flags:

  • system: Manage system level configuration like banners
  • sites: Enable sites in NDO
  • site_connectivity: Manage Multi-Site connectivity configuration
  • tenants: Configure tenants using NDO
  • schemas: Configurations applied at the schema and template level (e.g., VRFs and Bridge Domains)
  • deploy_templates: Automatically deploy templates

The full data model documentation is available here: https://developer.cisco.com/docs/nexus-as-code/#!data-model

The module currently supports only NDO version 3.7.

Examples

Configuring a Tenant using YAML:

ndo.yaml

ndo:
  sites:
    - name: APIC1
      id: 1
      apic_urls:
        - "https://10.1.1.1"
  tenants:
    - name: NDO1
      sites:
        - name: APIC1

main.tf

module "tenant" {
  source  = "netascode/nac-ndo/mso"
  version = ">= 0.7.0"

  yaml_files = ["ndo.yaml"]

  manage_sites   = true
  manage_tenants = true
}

Configuring a Site using native HCL:

main.tf

module "site" {
  source  = "netascode/nac-ndo/mso"
  version = ">= 0.7.0"

  model = {
    ndo = {
      sites = [
        {
          name      = "APIC1"
          id        = 1
          apic_urls = ["https://10.1.1.1"]
        }
      ]
    }
  }

  manage_sites = true
}

Issues

Depending on the exact configuration, there might be issues with the NDO API returning errors due to concurrent operations. In this case one can use the parallelism=1 command line attribute to ensure all resource operations are executed in sequence.

$ terraform apply -parallelism=1

Alternatively, an environment variable can be used as well.

$ export TF_CLI_ARGS_apply="-parallelism=1"

Requirements

Name Version
terraform >= 1.4.0
local >= 2.3.0
mso = 1.2.2
utils >= 0.2.5

Inputs

Name Description Type Default Required
deploy_templates Flag to indicate if templates should be deployed. bool false no
manage_schemas Flag to indicate if schemas should be managed. bool false no
manage_site_connectivity Flag to indicate if site connectivity be managed. bool false no
manage_sites Flag to indicate if sites should be managed. bool false no
manage_system Flag to indicate if system level configuration should be managed. bool false no
manage_tenants Flag to indicate if tenants be managed. bool false no
managed_schemas List of schema names to be managed. By default all schemas will be managed. list(string) [] no
managed_tenants List of tenant names to be managed. By default all tenants will be managed. list(string) [] no
model As an alternative to YAML files, a native Terraform data structure can be provided as well. map(any) {} no
write_default_values_file Write all default values to a YAML file. Value is a path pointing to the file to be created. string "" no
yaml_directories List of paths to YAML directories. list(string) [] no
yaml_files List of paths to YAML files. list(string) [] no

Outputs

Name Description
default_values All default values.
model Full model.

Providers

Name Version
local >= 2.3.0
mso = 1.2.2
utils >= 0.2.5

Resources

Name Type
local_sensitive_file.defaults resource
mso_remote_location.remote_location resource
mso_rest.schema_site_contract resource
mso_rest.schema_site_service_graph resource
mso_rest.site_connectivity resource
mso_rest.system_config resource
mso_schema.schema resource
mso_schema_site.schema_site resource
mso_schema_site_anp.schema_site_anp resource
mso_schema_site_anp_epg.schema_site_anp_epg resource
mso_schema_site_anp_epg_bulk_staticport.schema_site_anp_epg_bulk_staticport resource
mso_schema_site_anp_epg_domain.schema_site_anp_epg_domain_physical resource
mso_schema_site_anp_epg_domain.schema_site_anp_epg_domain_vmware resource
mso_schema_site_anp_epg_selector.schema_site_anp_epg_selector resource
mso_schema_site_anp_epg_static_leaf.schema_site_anp_epg_static_leaf resource
mso_schema_site_anp_epg_subnet.schema_site_anp_epg_subnet resource
mso_schema_site_bd.schema_site_bd resource
mso_schema_site_bd_l3out.schema_site_bd_l3out resource
mso_schema_site_bd_subnet.schema_site_bd_subnet resource
mso_schema_site_contract_service_graph.schema_site_contract_service_graph resource
mso_schema_site_external_epg.schema_site_external_epg resource
mso_schema_site_external_epg_selector.schema_site_external_epg_selector resource
mso_schema_site_service_graph.schema_site_service_graph resource
mso_schema_site_vrf.schema_site_vrf resource
mso_schema_site_vrf_region.schema_site_vrf_region resource
mso_schema_template_anp.schema_template_anp resource
mso_schema_template_anp_epg.schema_template_anp_epg resource
mso_schema_template_anp_epg_contract.schema_template_anp_epg_contract resource
mso_schema_template_anp_epg_subnet.schema_template_anp_epg_subnet resource
mso_schema_template_bd.schema_template_bd resource
mso_schema_template_bd_subnet.schema_template_bd_subnet resource
mso_schema_template_contract.schema_template_contract resource
mso_schema_template_contract_service_graph.schema_template_contract_service_graph resource
mso_schema_template_deploy_ndo.template resource
mso_schema_template_deploy_ndo.template2 resource
mso_schema_template_deploy_ndo.template3 resource
mso_schema_template_external_epg.schema_template_external_epg resource
mso_schema_template_external_epg_contract.schema_template_external_epg_contract resource
mso_schema_template_external_epg_selector.schema_template_external_epg_selector resource
mso_schema_template_external_epg_subnet.schema_template_external_epg_subnet resource
mso_schema_template_filter_entry.schema_template_filter_entry resource
mso_schema_template_l3out.schema_template_l3out resource
mso_schema_template_service_graph.schema_template_service_graph resource
mso_schema_template_vrf.schema_template_vrf resource
mso_schema_template_vrf_contract.schema_template_vrf_contract resource
mso_site.site resource
mso_tenant.tenant resource
mso_rest.ndo_version data source
mso_rest.system_config data source
mso_schema.schema data source
mso_schema.template_schema data source
mso_site.site data source
mso_site.template_site data source
mso_site.tenant_site data source
mso_tenant.template_tenant data source
mso_user.tenant_user data source
utils_yaml_merge.defaults data source
utils_yaml_merge.model data source

Modules

No modules.