Terraform で ACI に vzAny を設定する

2022.08.27

Terraform を使い、ACI で vzAny を設定する .tf ファイル例をメモしておきます。 以下の環境で動作確認しました。

  • ACI 6.0(1g)
  • Terraform 1.2.9
  • ACI Provider 2.5.2

構成図

file

.tf ファイル例

terraform {
  required_providers {
    aci = {
      source  = "CiscoDevNet/aci"
      version = "2.5.2"
    }
  }
}

provider "aci" {
  url      = "https://10.0.0.1"
  username = "admin"
  password = "PASSWORD"
  insecure = true
}

# Tenant
resource "aci_tenant" "tenant1" {
  name = "Tenant1"
}

# Contract / Subject / Filter
resource "aci_filter" "filter1" {
  tenant_dn = aci_tenant.tenant1.id
  name      = "Filter1"
}

resource "aci_filter_entry" "entry1" {
  name      = "0010"
  filter_dn = aci_filter.filter1.id
  ether_t   = "unspecified"
}

resource "aci_contract" "contract1" {
  tenant_dn = aci_tenant.tenant1.id
  name      = "Contract1"
}

resource "aci_contract_subject" "subject1" {
  contract_dn                  = aci_contract.contract1.id
  name                         = "Subject1"
  relation_vz_rs_subj_filt_att = [aci_filter.filter1.id]
}

# VRF
resource "aci_vrf" "vrf1" {
  tenant_dn = aci_tenant.tenant1.id
  name      = "Vrf1"
}

resource "aci_any" "vzany1" {
  vrf_dn                     = aci_vrf.vrf1.id
  relation_vz_rs_any_to_cons = [aci_contract.contract1.id]
  relation_vz_rs_any_to_prov = [aci_contract.contract1.id]
}

# Application Profile
resource "aci_application_profile" "ap1" {
  tenant_dn = aci_tenant.tenant1.id
  name      = "Ap1"
}

# Domain
data "aci_physical_domain" "physdom" {
  name = "PhysDom"
}

# BD&EPG #1
resource "aci_bridge_domain" "bd1" {
  tenant_dn          = aci_tenant.tenant1.id
  name               = "Bd1"
  relation_fv_rs_ctx = aci_vrf.vrf1.id
}

resource "aci_subnet" "bd1_subnet" {
  parent_dn = aci_bridge_domain.bd1.id
  ip        = "10.0.101.254/24"
}

resource "aci_application_epg" "epg1" {
  application_profile_dn = aci_application_profile.ap1.id
  name                   = "Epg1"
  relation_fv_rs_bd      = aci_bridge_domain.bd1.id
}

resource "aci_epg_to_domain" "epg1_physdom" {
  application_epg_dn = aci_application_epg.epg1.id
  tdn                = data.aci_physical_domain.physdom.id
}

resource "aci_epg_to_static_path" "egp1_port1" {
  application_epg_dn = aci_application_epg.epg1.id
  tdn                = "topology/pod-1/paths-201/pathep-[eth1/1]"
  encap              = "vlan-101"
}

# BD&EPG #2
resource "aci_bridge_domain" "bd2" {
  tenant_dn          = aci_tenant.tenant1.id
  name               = "Bd2"
  relation_fv_rs_ctx = aci_vrf.vrf1.id
}

resource "aci_subnet" "bd2_subnet" {
  parent_dn = aci_bridge_domain.bd2.id
  ip        = "10.0.102.254/24"
}

resource "aci_application_epg" "epg2" {
  application_profile_dn = aci_application_profile.ap1.id
  name                   = "Epg2"
  relation_fv_rs_bd      = aci_bridge_domain.bd2.id
}

resource "aci_epg_to_domain" "epg2_physdom" {
  application_epg_dn = aci_application_epg.epg2.id
  tdn                = data.aci_physical_domain.physdom.id
}

resource "aci_epg_to_static_path" "egp2_port1" {
  application_epg_dn = aci_application_epg.epg2.id
  tdn                = "topology/pod-1/paths-202/pathep-[eth1/1]"
  encap              = "vlan-102"
}

コメント

タイトルとURLをコピーしました