Enhancement: Create resource and datasource for igmpIfP

joeTheK commented 5 days ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

I am trying to create a L3BD and have no idea how to relate the igmp interface policy to the bridge domain. After some digging it look s like there is no relationship built into the bridge domain class.

New or Affected Resource(s) + ACI Class(es):

aci_bridge_domain + fvBD

aci_XXXXX + fv:XXXX

policy resource already implemented: aci_igmp_interface_policy class for policy: igmpIfPol

APIC version and APIC Platform

V x.x.x and on-prem/cloud-aws/cloud-azure/all. V 2.14.0
Potential Terraform Configuration

n/a

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.

References

0000

akinross commented 5 days ago

Hi @joeTheK,

Currently this is not supported in the aci terraform provider yet, but you can leverage the aci_rest_managed resource as shown in example below to achieve this.

resource "aci_tenant" "test" {
  name = "abr_tenant"
}

resource "aci_bridge_domain" "test" {
  name = "abr_bd"
  tenant_dn = aci_tenant.test.id
}

resource "aci_rest_managed" "test" {
  dn         = "${aci_bridge_domain.test.id}/igmpIfP"
  class_name = "igmpIfP"
  child {
    rn         = "rsIfPol"
    class_name = "igmpRsIfPol"
    content = {
      tDn = "uni/tn-abr_tenant/igmpIfPol-abr_igmp_int_policy"
    }
  }
}

I will be add this issue to the open TODO list so we can prioritise and create new resource and data source for the igmpIfP class.

joeTheK commented 4 days ago

Thanks for the reply @akinross but I believe my issue was misunderstood.

The resource and data source for the igmpIfP class exists. https://registry.terraform.io/providers/CiscoDevNet/aci/latest/docs/resources/igmp_interface_policy

The issue is that you cannot relate this class to a bridge domain like is available in the apic GUI. (see image below)

What I cannot find in the documentation/code is a relation to add this policy to a bridge domain via terraform like other policies (example below)

  # the three below exist within
  relation_fv_rs_igmpsn = local.l2bd_pol.igmpSnoop
  relation_fv_rs_mldsn = local.l2bd_pol.mldSnoop
  relation_fv_rs_bd_to_ep_ret = local.l2bd_pol.eprPol

  # what I want
  # relation_fv_rs_igmpifp = aci_igmp_interface_policy.igmpifpol.id

And thanks for the code snippet, that is currently how I am relating the two.

akinross commented 4 days ago

Hi @joeTheK,

I believe I understood you correctly but let me try to explain my train of thought.

The aci_igmp_interface_policy refers to the igmpIfPol. Which is creating the actual interface policy. My understanding is that you are trying to form the relation from BD to this IGMP interface policy. It is a bit confusing and I would from consistency point of view perhaps also expected a name like fvRs. However for BD per my understanding this is different and you would require a igmpIfP ( notice to slight difference in classname compared to igmpIfPol like also referred to in the terraform registry documentation ) to be created first on the BD which has a relationship pointing to the IGMP interface policy through it's child igmpRsIfPol. You could verify this configuration by configuring it via the UI and using the model explorer.

So regarding the enhancement it would be a new resource for this specific class, since we typically only add relationship class to the parent resource. There is currently some work being done at the moment that might provide the possibility to include this into the resource it self.

joeTheK commented 4 days ago

Ah okay, thank you for the clarification, I am new to this so that was helpful, thanks!

akinross commented 4 days ago

Hi,

Sure no worries, some of the things are also a bit confusing so feel free to ask questions. On top of that we are also working on migration to hashicorp's plugin framework for our current resources ( we started with ESG, see pr https://github.com/CiscoDevNet/terraform-provider-aci/pull/1223 ). EPG and BD are next candidates as soon as the PR is merged.

CiscoDevNet / terraform-provider-aci