terraform-cisco-modules/terraform-dcnm-freeform

terraform-dcnm-freeform

Terraform module for deploying freeform CLI configuration to one or more switches. This uses the dcnm_policy resource to deploy switch_freeform type templates. This should not be used for interface-level freeform CLI. Typical switch-level uses include:

  • Access control lists (ACLs)
  • Prefix lists
  • Route-maps

Note: Please be careful in the use of switch_freeform template instances. These should be used only when no other option for freeform configuration exists. NDFC already provides freeform configuration at the following locations, and these should be used instead where appropriate:

  • Fabric (All Leaf role switches, All Spine role switches, All ToR role switches)
  • Interfaces (inc. vPC interfaces)
  • VRFs (per VRF attachment/switch, not for all switches/attachments)
  • VRF-lite Peering/Link Templates (both source & destination switches)
  • Networks (per Network attachment/switch, not for all networks/attachments)

Usage Examples

The example code below shows various options for using this module to deploy an ACL across selected switches. For more details, please see the example Terraform code that uses this module in the example directory.

## Example 1 - Single ACL Inline ##

module "test-acl" {
  source  = "terraform-cisco-modules/freeform/dcnm"
  version = "1.0.0"

  content = <<-EOT
  ip access-list TF-TEST-ACL
    10 permit ip any any
    20 permit ip 1.1.1.1/32 2.2.2.2/32
  EOT
  switches  = {
    DC1-LEAF-1 = {
      name = "DC1-LEAF-1"
      fabric = "CML2-DC1"
    }
    DC1-LEAF-2 = {
      name = "DC1-LEAF-2"
      fabric = "CML2-DC1"
    }
  }
}

## Example 2 - Multiple ACLs from Input Variable ##

module "acls" {
  for_each = var.acls
  source  = "terraform-cisco-modules/freeform/dcnm"
  version = "1.0.0"

  content   = each.value.content
  switches  = each.value.switches
}


## Example 3 - Single ACL read from text file ##

module "file-acl" {
  source  = "terraform-cisco-modules/freeform/dcnm"
  version = "1.0.0"

  content = file("example_acl.txt")
  switches  = {
    DC1-LEAF-1 = {
      name = "DC1-LEAF-1"
      fabric = "CML2-DC1"
    }
    DC1-LEAF-2 = {
      name = "DC1-LEAF-2"
      fabric = "CML2-DC1"
    }
  }
}
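
Example 2 reads `var.acls` without showing its definition. The block below is an added example, not part of the module or its example directory: it declares the variable with a type that mirrors the module's `content` and `switches` inputs, and adds validation that rejects interface-level CLI, which this module should not carry. The map key, the sample values and the regular expression are assumptions made for illustration.

```hcl
# Added example: input variable for "Example 2" with plan-time guardrails.
variable "acls" {
  description = "Freeform switch-level CLI blocks, keyed by an arbitrary policy name."
  type = map(object({
    content = string
    switches = map(object({
      name   = string
      fabric = string
    }))
  }))

  # Constructed sample values; normally supplied through a .tfvars file.
  default = {
    TF-TEST-ACL = {
      content = <<-EOT
        ip access-list TF-TEST-ACL
          10 permit ip 1.1.1.1/32 2.2.2.2/32
      EOT
      switches = {
        DC1-LEAF-1 = { name = "DC1-LEAF-1", fabric = "CML2-DC1" }
        DC1-LEAF-2 = { name = "DC1-LEAF-2", fabric = "CML2-DC1" }
      }
    }
  }

  # Reject any line that opens an interface context (assumed pattern).
  validation {
    condition = alltrue([
      for acl in values(var.acls) :
      length(regexall("(?mi)^\\s*interface\\s", acl.content)) == 0
    ])
    error_message = "Freeform content must not contain interface-level configuration."
  }

  # Require non-empty content and at least one target switch per entry.
  validation {
    condition = alltrue([
      for acl in values(var.acls) :
      length(trimspace(acl.content)) > 0 && length(acl.switches) > 0
    ])
    error_message = "Each entry needs non-empty content and at least one switch."
  }
}
```

With this in place, `terraform plan` fails before any policy is sent to DCNM/NDFC if an entry contains an `interface` stanza.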

Requirements

Name Version
dcnm 1.2.3

Providers

Name Version
dcnm 1.2.3

Modules

Name Source Version
freeform ./modules/dcnm_policy n/a

Resources

Name Type
dcnm_inventory.switches data source

Inputs

Name Description Type Default Required
content Switch CLI content as multiline string string n/a yes
switches Map of switches to configure with freeform CLI policy map(object({ name = string, fabric = string })) n/a yes

Outputs

Name Description
serial_numbers n/a

About

Terraform module for deploying ACLs to DCNM/NDFC
