netascode / terraform-aci-nac-aci

Terraform Cisco ACI Nexus-as-Code Module
https://registry.terraform.io/modules/netascode/nac-aci/aci
Apache License 2.0

Multiple sr_mpls_infra_l3out entries in sr_mpls_l3outs ? #55

Closed gdenxo closed 1 week ago

gdenxo commented 4 months ago

Hello,

First of all, thanks for your work, that's great!

I'm using 4 SR-MPLS_L3OUT in the infra tenant: SR-MPLS_RT1, SR-MPLS_RT2, SR-MPLS_RT3 and SR-MPLS_RT4. In a tenant configuration in the nac yaml files, I would like to add all 4 sr_mpls_infra_l3out entries in 1 sr_mpls_l3outs like this (with 2):

      sr_mpls_l3outs:
        - name: SR-MPLS_DEV
          external_endpoint_groups:
              - name: ExtEPG_SR-MPLS_DEV
                subnets:
                  - prefix: 0.0.0.0/0
                contracts:
                  consumers:
                  - Contract_Permit-All_DEV
          vrf: VRF_DEV
          sr_mpls_infra_l3out: SR-MPLS_L3Out_RT1
          outbound_route_map: RM4RC_export_RT1
          inbound_route_map: RM4RC_import_RT1
          sr_mpls_infra_l3out: SR-MPLS_L3Out_RT2
          outbound_route_map: RM4RC_export_RT2
          inbound_route_map: RM4RC_import_RT2

I understand from the online documentation that sr_mpls_infra_l3out, outbound_route_map and inbound_route_map are strings and therefore cannot be duplicated.

Confirmed by Terraform's error:

    terraform apply
    module.aci.data.utils_yaml_merge.model: Reading...
    ╷
    │ Error: Error reading YAML string
    │
    │   with module.aci.data.utils_yaml_merge.model,
    │   on .terraform\modules\aci\merge.tf line 20, in data "utils_yaml_merge" "model":
    │   20: data "utils_yaml_merge" "model" {
    │
    │ Error reading YAML string: yaml: unmarshal errors:
    │   line 137: mapping key "sr_mpls_infra_l3out" already defined at line 133
    │   line 138: mapping key "outbound_route_map" already defined at line 134
    │   line 139: mapping key "inbound_route_map" already defined at line 135

I was able to create 4 sr_mpls_l3outs with 1 sr_mpls_infra_l3out on each, but that is not the way it should work because it adds 3 more L3Outs per tenant. It would be nice to be able to associate different outbound_route_map and inbound_route_map (and even external_endpoint_groups) with each sr_mpls_infra_l3out! Is there a way to do this configuration? Or should I wait for an upcoming release with this feature? Or maybe a "feature request"?

Thank you.

juchowan commented 4 months ago

Hi, a single tenant SR MPLS L3OUT can only have a reference to one infra SR MPLS L3out; you cannot make multiple references, even if you try to do the same operation from the GUI. I can see your infra SR MPLS L3outs are named with the external router names - perhaps it would be better to combine all 4 routers under a single SR MPLS L3out with multiple Node/Interface Profiles per external router? This way you wouldn't need to have 4 references from the user tenant.

gdenxo commented 4 months ago

Hi,

I understand what you said, but if I do 1 SR-MPLS containing 4 node profiles on the infra tenant, I haven't found a way to add some more information like priority (with Set Rules) on the client tenant side.

For example, on the GUI: SR-MPLSX2

I tested it on a "real" testing environment and this configuration was working well.

danischm commented 1 month ago

This will be addressed in the next release.