Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Enhancement: Support VM attributes in uSeg EPGs #93

Open
micronemo opened this issue May 27, 2024 · 6 comments
Open

Enhancement: Support VM attributes in uSeg EPGs #93

micronemo opened this issue May 27, 2024 · 6 comments
Labels
enhancement New feature or request

Comments

@micronemo
Copy link

How can I create a useg epg

@danischm
Copy link
Member

Will be included in the coming release.

@danischm danischm added the enhancement New feature or request label May 27, 2024
@micronemo
Copy link
Author

micronemo commented May 29, 2024

hi @danischm
i see the new configuration of useg epg but i don't find a resource for fvVmAttr

resource "aci_rest_managed" "fvVmAttr" {
  class_name = "fvVmAttr"
  dn         = "${aci_rest_managed.fvCrtrn_ubuntu.dn}/vmattr-0"
  content = {
    operator = "startsWith"
    type     = "vm-name"
    value    = "ubuntu"
    name     = "0"
  }
}

@guilinyan
Copy link
Contributor

Hi @micronemo,

Currently VM based uSeg attribute is not supported and it needs to be implemented by updating sub-module terraform-aci-useg-endpoint-group. In my undertanding, VM based uSeg attribute supports unlimited nesting which makes it more complex than network based IP/MAC uSeg attribute (not support nesting).

@micronemo
Copy link
Author

micronemo commented Jun 2, 2024

---
apic:
  tenants:
    - name: NWKT-T1
      application_profiles:
        - name: ANP1
          useg_endpoint_groups:
            - name: Ubuntu-SRV
              useg_attributes:
                match_type: any
                vm_attributes:
                  - block: 0
                    value: ubuntu
                    type: vm-name
                    operator: startsWith
            - name: Win10-EPG
              useg_attributes:
                match_type: any
                vm_attributes:
                  - block: 0
                    value: Win
                    type: vm-name
                    operator: startsWith
locals {
  model = yamldecode(file("${path.module}/../../custom_case_data/useg.yaml"))

  useg_epg_list = flatten([
    for tenant in local.model.apic.tenants : [
      for ap in tenant.application_profiles : [
        for epg in ap.useg_endpoint_groups : [
          for atb in epg.useg_attributes.vm_attributes :
          {
            tenant                = tenant.name
            application_profile   = ap.name
            useg_endpoint_group   = epg.name
            useg_attributes_match = epg.useg_attributes.match_type
            vm_attributes         = atb
          }
        ]
      ]
    ]
  ])
}

resource "aci_rest_managed" "fvCrtrn" {
  for_each   = { for blk in local.useg_epg_list : "blk_${blk.tenant}_${blk.application_profile}_${blk.useg_endpoint_group}_${blk.useg_attributes_match}_${blk.vm_attributes.block}" => blk }
  class_name = "fvCrtrn"
  dn         = "uni/tn-${each.value.tenant}/ap-${each.value.application_profile}/epg-${each.value.useg_endpoint_group}/crtrn"
  content = {
    match = each.value.useg_attributes_match
    name  = "default"
    prec  = "0"
    scope = "scope-bd"
  }
}

resource "aci_rest_managed" "fvVmAttr" {
  for_each   = { for blk in local.useg_epg_list : "blk_${blk.tenant}_${blk.application_profile}_${blk.useg_endpoint_group}_${blk.useg_attributes_match}_${blk.vm_attributes.block}" => blk }
  class_name = "fvVmAttr"
  dn         = "${aci_rest_managed.fvCrtrn[each.key].dn}/vmattr-${each.value.vm_attributes.block}"
  content = {
    operator = each.value.vm_attributes.operator
    type     = each.value.vm_attributes.type
    value    = each.value.vm_attributes.value
    name     = each.value.vm_attributes.block
  }
}

@Exonical
Copy link

Exonical commented Jun 7, 2024

VmAttr is much needed. Possibly could be supported by limiting the amount of tags so don't have to account for unlimited nesting? I don't think anyone uses huge amounts of nest so it could be limited to a certain number

@guilinyan
Copy link
Contributor

guilinyan commented Jun 7, 2024

Yeah, I'm also thinking this. Thanks for your suggestions and the sample code.

@andbyrne andbyrne changed the title question: How can I create a useg epg Enhancement: Support VM attributes in uSeg EPGs Aug 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

4 participants