Skip to content

Added support for Static AAEPs via EPG - fvRsAepAtt #279

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
manofcolombia wants to merge 7 commits into
base: main
Choose a base branch
from
Open

Added support for Static AAEPs via EPG - fvRsAepAtt #279

manofcolombia wants to merge 7 commits into from

Conversation

@manofcolombia
Copy link

@manofcolombia manofcolombia commented Aug 6, 2025

Tested on apic: 6.1.3g

Here is a sample of the yaml for updating the nac json schema

endpoint_groups:
  - name: TEST_EPG
    static_aaeps:
      - aaep: TEST_AAEP (required)
        encap: 1500  (required)
        primary_encap: <int> (optional)
        mode: <default: regular> (optional)
        deployment_immediacy: <default: lazy> (optional)

@manofcolombia manofcolombia mentioned this pull request Aug 11, 2025
Closed
@manofcolombia
Copy link
Author

manofcolombia commented Aug 11, 2025
edited
Loading

In this state, subsequent deployments of fvRsAepAtt objects will consistently come back with changed annotations due to annotation being utilized to indicate if the relationship to AAEP has been formed properly.

  # module.nac_aci.module.aci_endpoint_group["LU/NUTANIX_APP_PROF/AHVPROD_EPG"].aci_rest_managed.fvRsAepAtt["AHV_AAEP"] will be updated in-place
  ~ resource "aci_rest_managed" "fvRsAepAtt" {
      ~ annotation  = "FORMED" -> "orchestrator:terraform"
        id          = "uni/tn-LU/ap-NUTANIX_APP_PROF/epg-AHVPROD_EPG/rsaepAtt-AHV_AAEP"
        # (4 unchanged attributes hidden)
    }

I have not seen an annotation used to indicate the formation of a relationship before. Is this intended or a misuse of annotation? For now I have set annotation to be ignored.

@manofcolombia manofcolombia mentioned this pull request Aug 14, 2025
Open
@camrossi
Copy link
Contributor

camrossi commented Nov 18, 2025

@manofcolombia Let me try to figure out the issue with the Annotation but this is also the case in ACI 614h so for now I think we can just ignore it as you did in the code and potentially improve this once ACI address this.

@camrossi
Copy link
Contributor

camrossi commented Nov 19, 2025
edited
Loading

@manofcolombia I have confirmed with engineering this was an oversight and will be fixed in an upcoming release but for now we need to go on with your workaround. I will open a cisco defect and link it here tomorrow :)

@manofcolombia
Copy link
Author

manofcolombia commented Nov 19, 2025

@manofcolombia I have confirmed with engineering this was an oversight and will be fixed in an upcoming release but for now we need to go on with your workaround. I will open a cisco defect and link it here tomorrow :)

Thanks for looking into this. I will be interested in the bug id, once it's public. I've got a few things manually deployed this way already so I just want to be aware when they change the object props to test it in my lab before the prod upgrade.

@camrossi
Copy link
Contributor

camrossi commented Nov 20, 2025

@manofcolombia I have created the bug: CSCws18431 ACI fvRsAepAtt annotation should not be set by APIC

Might take a moment before is available publicly

@jmmarquezg jmmarquezg mentioned this pull request Dec 6, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@manofcolombia @camrossi