Solved: ansible domain profile

tdubb123 · ‎03-05-2024

hi

any examples on using ansible to create domain profile? I have the policies in place but want to crewate a profile but assign later.

Sandeep Kumar · ‎03-06-2024

Yes, split the task "Configure A Switch Profile" into two tasks:

1. Create Switch Profile

2. Assign Policies to the Switch Profile

View solution in original post

tdubb123 · ‎03-06-2024

i tried this but its not creating anything. i dont have any FIs to assign so i want to assign later. any idea?

- name: "Configure domain profile"
  vars:
    api_info: &api_info
      api_private_key: "{{ api_private_key }}"
      api_key_id: "{{ api_key_id }}"
      api_uri: "{{ api_uri | default(omit) }}"
      validate_certs: "{{ validate_certs | default(omit) }}"
      state: "{{ state | default(omit) }}"

  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/SwitchClusterProfiles
    query_params:
      $filter: "Name eq '{{ profile_name }}'"
    api_body: {
      Name: "{{ profile_name }}",
      Description: "{{ description_of_domain_profile }}",
      Organization: {
          "Moid": "{{ intersight_org.api_response.Moid }}"
        }}  
  register: profile_resp

  # Get the QoS Policy
- name: "Get Qos Policy Moid"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/SystemQosPolicies
    query_params:
      $filter: "Name eq '{{ system_qos_policy_name }}'"
  register: qos_resp

- name: "Configure A Switch Profile"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/SwitchProfiles
    query_params:
      $filter: "Name eq '{{ profile_name }}-A'"
    api_body: {
      "Name": "{{ profile_name }}-A",
      "SwitchClusterProfile": {
        "Moid": "{{ profile_resp.api_response.Moid }}"
      },
      "PolicyBucket": [
        {
          "Moid": "{{ port_resp.api_response.Moid }}",
          "ObjectType": "fabric.PortPolicy"
        },
        {
          "Moid": "{{ qos_resp.api_response.Moid }}",
          "ObjectType": "fabric.SystemQosPolicy"
        }
      ],
      #"AssignedSwitch": {
      #      "Moid": "{{ fib_resp.api_response.Moid }}"
      #    },
      #    "Action": "{{ profile_action | default('No-op') }}"
      }
  when: profile_resp.api_response is defined and profile_resp.api_response

Sandeep Kumar · ‎03-06-2024

Creating a Domain profile is a 3 step process from what I understand. As per your code, you are creating a Switch Profile and associating a policy in a single step, that may be causing this issue. Please use below approach and share if you are still running into any issues.

Step-1: Create Switch Cluster Profile

api/v1/fabric/SwitchClusterProfiles
{
    "Name": "demoX",
    "Organization": {
        "ObjectType": "organization.Organization",
        "Moid": "xxxxxxxxxxxx"
    }
}

Step-2: Create Switch Profiles

/api/v1/fabric/SwitchProfiles
{"Name":"demoX-A","SwitchClusterProfile":"yyyyyyyyyyy"}
yyyyyyyy11111

{"Name":"demoX-B","SwitchClusterProfile":"yyyyyyyyyyy"}
yyyyyyyy22222

Step-3: Associate Policies to the Switch Profiles

api/v1/fabric/SwitchProfiles/yyyyyyyy11111/PolicyBucket
[{"ObjectType":"fabric.EthNetworkPolicy","Moid":"xxxxxx111111"}]

api/v1/fabric/SwitchProfiles/yyyyyyyy22222/PolicyBucket
[{"ObjectType":"fabric.EthNetworkPolicy","Moid":"xxxxxx111111"}]

tdubb123 · ‎03-06-2024

hi

are you saying they should be 3 separate tasks/playbooks

Sandeep Kumar · ‎03-06-2024

Yes, split the task "Configure A Switch Profile" into two tasks:

1. Create Switch Profile

2. Assign Policies to the Switch Profile

tdubb123 · ‎03-06-2024

ok got it working now. thanks

- name: "Configure domain profile"
  vars:
    api_info: &api_info
      api_private_key: "{{ api_private_key }}"
      api_key_id: "{{ api_key_id }}"
      api_uri: "{{ api_uri | default(omit) }}"
      validate_certs: "{{ validate_certs | default(omit) }}"
      state: "{{ state | default(omit) }}"

  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/SwitchClusterProfiles
    query_params:
      $filter: "Name eq '{{ profile_name }}'"
    api_body: {
      Name: "{{ profile_name }}",
      Description: "{{ description_of_domain_profile }}",
      Organization: {
          "Moid": "{{ intersight_org.api_response.Moid }}"
        }}  
  register: profile_resp

# Get the Organization Moid
- name: "Get Organization Moid"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /organization/Organizations
    query_params:
      $filter: "Name eq '{{ org_name }}'"
  register: org_resp

  # Get the QoS Policy
- name: "Get Qos Policy Moid"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/SystemQosPolicies
    query_params:
      $filter: "Name eq '{{ system_qos_policy_name }}'"
  register: qos_resp

 # Get the Port Policy A
- name: "Get Port Policy A Moid"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/PortPolicies
    query_params:
      $filter: "Name eq '{{ port_policy_name_A  }}'"
  register: portA_resp

 # Get the Port Policy B
- name: "Get Port Policy B Moid"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/PortPolicies
    query_params:
      $filter: "Name eq '{{ port_policy_name_B  }}'"
  register: portB_resp

- name: "get switchcontrol policy"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/SwitchControlPolicies
    query_params:
      $filter: "Name eq '{{ switchcontrol_policy_name }}'"
  register: switchcontrol_policy

- name: get snmp policy
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /snmp/Policies
    query_params:
      $filter: "Name eq '{{ snmp_policy_name }}'"
  register: snmp_policy

- name: get network connectivity policy
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /networkconfig/Policies
    query_params:
      $filter: "Name eq '{{ netcon_policy_name }}'"
  register: netcon_policy

- name: get syslog policy
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /syslog/Policies
    query_params:
      $filter: "Name eq '{{ syslog_policy_name }}'"
  register: syslog_policy

# Get Moid for domain_vlan_policy
- name: "Get Moid for Domain VLAN Policy"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/EthNetworkPolicies
    query_params:
      $filter: "Name eq '{{ name_of_vlan_domain_policy }}'"
  register: domain_vlan_policy

- name: "Get Moid for Domain VSAN Policy A"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/FcNetworkPolicies
    query_params:
      $filter: "Name eq '{{ name_of_vsan_policy_A }}'"
  register: vsan_policy_A

- name: "Get Moid for Domain VSAN Policy B"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/FcNetworkPolicies
    query_params:
      $filter: "Name eq '{{ name_of_vsan_policy_B }}'"
  register: vsan_policy_B

# Config Switch Profile A with Policy Bucket
- name: "Configure A Switch Profile"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/SwitchProfiles
    query_params:
      $filter: "Name eq '{{ profile_name }}-A'"
    api_body: {
      "Name": "{{ profile_name }}-A",
      "SwitchClusterProfile": {
        "Moid": "{{ profile_resp.api_response.Moid }}"
      },
      "PolicyBucket": [
        {
          "Moid": "{{ portA_resp.api_response.Moid }}",
          "ObjectType": "fabric.PortPolicy"
        },
        {
          "Moid": "{{ qos_resp.api_response.Moid }}",
          "ObjectType": "fabric.SystemQosPolicy"
        },
        {
          "Moid": "{{ switchcontrol_policy.api_response.Moid }}",
          "ObjectType": "fabric.SwitchControlPolicy"
        },
        {
          "Moid": "{{ snmp_policy.api_response.Moid }}",
          "ObjectType": "snmp.Policy"
        },
        {
          "Moid": "{{ netcon_policy.api_response.Moid }}",
          "ObjectType": "networkconfig.Policy"
        },
        {
          "Moid": "{{ syslog_policy.api_response.Moid }}",
          "ObjectType": "syslog.Policy"
        },
        {
          "Moid": "{{ domain_vlan_policy.api_response.Moid }}",
          "ObjectType": "fabric.EthNetworkPolicy"
        },
        {
          "Moid": "{{ vsan_policy_A.api_response.Moid }}",
          "ObjectType": "fabric.FcNetworkPolicy"
        },
      ]
    }
  when: profile_resp.api_response is defined and profile_resp.api_response

# Config Switch Profile B with Policy Bucket
- name: "Configure B Switch Profile"
  cisco.intersight.intersight_rest_api:
    <<: *api_info
    resource_path: /fabric/SwitchProfiles
    query_params:
      $filter: "Name eq '{{ profile_name }}-B'"
    api_body: {
      "Name": "{{ profile_name }}-B",
      "SwitchClusterProfile": {
        "Moid": "{{ profile_resp.api_response.Moid }}"
      },
      "PolicyBucket": [
        {
          "Moid": "{{ portB_resp.api_response.Moid }}",
          "ObjectType": "fabric.PortPolicy"
        },
        {
          "Moid": "{{ qos_resp.api_response.Moid }}",
          "ObjectType": "fabric.SystemQosPolicy"
        },
        {
          "Moid": "{{ switchcontrol_policy.api_response.Moid }}",
          "ObjectType": "fabric.SwitchControlPolicy"
        },
        {
          "Moid": "{{ snmp_policy.api_response.Moid }}",
          "ObjectType": "snmp.Policy"
        },
        {
          "Moid": "{{ netcon_policy.api_response.Moid }}",
          "ObjectType": "networkconfig.Policy"
        },
        {
          "Moid": "{{ syslog_policy.api_response.Moid }}",
          "ObjectType": "syslog.Policy"
        },
        {
          "Moid": "{{ domain_vlan_policy.api_response.Moid }}",
          "ObjectType": "fabric.EthNetworkPolicy"
        },
        {
          "Moid": "{{ vsan_policy_B.api_response.Moid }}",
          "ObjectType": "fabric.FcNetworkPolicy"
        }
      ]
    }
  when: profile_resp.api_response is defined and profile_resp.api_response

tdubb123 · ‎03-07-2024

i have problem with assigning the ntp policy. any idea

- name: get ntp policy
  cisco.intersight.intersight_ntp_policy:
    <<: *api_info
    name: "{{ ntp_policy_name }}"
    ntp_servers: "{{ ntp_server_list }}"
    timezone: "{{ ntp_timezone }}"
    organization: "{{ org_name }}"
  register: ntp_policy

tdubb123 · ‎03-07-2024

 {
          "Moid": "{{ ntp_policy.api_response.Moid }}",
          "ObjectType": "ntp.Policy"
        }

tdubb123 · ‎03-11-2024

not sure why but i tried running this same playbook in a CVA environment and keep getting this error

fatal: [localhost]: FAILED! => {
"msg": "The task includes an option with an undefined variable. The error was: 'dict object' has no attribute 'Moid'. 'dict object' has no attribute 'Moid'\n\nThe error appears to be in '/Users/git/Ansible-Intersight/roles/create_server_policies/tasks/create_domain_profile.yml': line 117, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n# Config Switch Profile A with Policy Bucket\n- name: \"Configure A Switch Profile\"\n ^ here\n"
}

tdubb123 · ‎03-11-2024

after i change my org to anther name, the domain profile is no longer woriking. now i am getting this error:

"msg": "API error: (400, 'HTTP Error 400: Bad Request', b'{\"code\":\"InvalidRequest\",\"message\":\"Switch Profile must have a reference to Switch Cluster Profile.\",\"messageId\":\"reno_switch_cluster_profile_required\",\"traceId\":\"uAvT-pr0mEaHVSA94MyPgXeIz767K9u45dfMHg0iDxHR3dU5MSPkhg==\"}') "
}

any idea?

Sandeep Kumar · ‎03-12-2024

Sample code which works in lab:
Steps:

1. Create Domain Cluster Profile

2. Create Switch Profiles

3. Get VLAN Policy and link to Switch Profiles

---
- hosts: localhost
  connection: local
  gather_facts: false
  vars:
    api_info: &api_info
      api_private_key: "{{ api_private_key }}"
      api_key_id: "{{ api_key_id }}"
      api_uri: "https://intersight.com/api/v1"
      validate_certs: "{{ validate_certs }}"
      state: present
    org_name: "default"
    domain_profile_name: "ansible_demoX"
    vlan_policy_name: "demoX"
  tasks:
  # Get Org Info
  - name: Get Organization Info
    cisco.intersight.intersight_rest_api:
      <<: *api_info
      resource_path: /organization/Organizations
      query_params:
        $filter: "Name eq '{{ org_name }}'"
    register: org_info

  - name: Print Organization Moid
    ansible.builtin.debug:
      var: org_info.api_response.Moid

  # Create Domain Cluster Profile
  - name: Create Domain Cluster Profile
    cisco.intersight.intersight_rest_api:
      <<: *api_info
      resource_path: /fabric/SwitchClusterProfiles
      api_body: {
        "Organization": {
            "ObjectType": "organization.Organization",
            "Moid": "{{ org_info.api_response.Moid }}"
        },
        "Name": "{{ domain_profile_name }}"
      }
      state: present
    register: domain_profile_X

  - name: Print Domain Profile Moid
    ansible.builtin.debug:
      var: domain_profile_X.api_response.Moid


  # Get Domain Switch-A Profile
  - name: Create Domain Switch-A Profile
    cisco.intersight.intersight_rest_api:
      <<: *api_info
      resource_path: /fabric/SwitchProfiles
      api_body: {
        "SwitchClusterProfile": "{{ domain_profile_X.api_response.Moid }}",
        "Name": "{{ domain_profile_name }}-A"
      }
      state: present
      update_method: "post"
    register: domain_profile_XA

  - name: Print Domain Switch-A Profile Moid
    ansible.builtin.debug:
      var: domain_profile_XA.api_response.Moid

  - name: Print Domain Switch-A Profile Name
    ansible.builtin.debug:
      var: domain_profile_XA.api_response.Name

  # Create Domain Switch-B Profile
  - name: Create Domain Switch-B Profile
    cisco.intersight.intersight_rest_api:
      <<: *api_info
      resource_path: /fabric/SwitchProfiles
      api_body: {
        "SwitchClusterProfile": "{{ domain_profile_X.api_response.Moid }}",
        "Name": "{{ domain_profile_name }}-B"
      }
      state: present
      update_method: "post"
    register: domain_profile_XB

  - name: Print Domain Switch-B Profile Moid
    ansible.builtin.debug:
      var: domain_profile_XB.api_response.Moid

  - name: Print Domain Switch-B Profile Name
    ansible.builtin.debug:
      var: domain_profile_XB.api_response.Name


  # Get VLAN Policy Info
  - name: Get VLAN Policy
    cisco.intersight.intersight_rest_api:
      <<: *api_info
      resource_path: "/fabric/EthNetworkPolicies"
      query_params:
        $filter: "Name eq '{{ vlan_policy_name }}'"
    register: vlan_policy_X

  - name: Print VLAN Policy
    ansible.builtin.debug:
      var: vlan_policy_X.api_response.Moid


  # Add VLAN Policy to the Domain Switch-A Profile
  - name: Add VLAN Policy to Domain Switch-A Profile
    cisco.intersight.intersight_rest_api:
      <<: *api_info
      resource_path: "/fabric/SwitchProfiles/{{ domain_profile_XA.api_response.Moid }}"
      api_body: {
        "PolicyBucket": [
          {
            "ObjectType": "fabric.EthNetworkPolicy",
            "Moid": "{{ vlan_policy_X.api_response.Moid }}"
          }
        ]
      }
      state: present
    register: domain_profile_XA_update

  - name: Print Updated Domain Switch-A Profile
    ansible.builtin.debug:
      var: domain_profile_XA_update.api_response

  # Add VLAN Policy to the Domain Switch-B Profile
  - name: Add VLAN Policy to Domain Switch-B Profile
    cisco.intersight.intersight_rest_api:
      <<: *api_info
      resource_path: "/fabric/SwitchProfiles/{{ domain_profile_XB.api_response.Moid }}"
      api_body: {
        "PolicyBucket": [
          {
            "ObjectType": "fabric.EthNetworkPolicy",
            "Moid": "{{ vlan_policy_X.api_response.Moid }}"
          }
        ]
      }
      state: present
    register: domain_profile_XB_update

  - name: Print Updated Domain Switch-B Profile
    ansible.builtin.debug:
      var: domain_profile_XB_update.api_response