aci_epg_to_contract module does not work for associating contracts to Node mgmt EPGs (DCNE-87)

[Ziaf007]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

• The cisco.aci.aci_epg_to_contract module requires the user to specify the Application Profile (AP) under which, the EPG(fvAEPg) is configured. However, the node Mgmt EPGs(mgmtInb, mgmtOob) are not classified under any AP, and neither is there any exclusive module for associating contracts to node Mgmt EPGs. The MOs considered in binding the contract are same (fvRsCons, fvRsProv) irrespective of the EPG, so it misleads to the module aci_epg_to_contract which is said to be configuring the MOs fvRsCons and fvRsProv
• Here is the task in my playbook for reference:

   - name: Add a new contract to EPG binding
      cisco.aci.aci_epg_to_contract:
        host:  "{{ ansible_host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        tenant: "mgmt"
        epg: "Inb_EPG"
        contract: "ND_to_inb"
        contract_type: "provider"
        state: present
        validate_certs: false

Affected Module Name(s):

cisco.aci.aci_epg_to_contract

APIC version and APIC Platform

• V 6.0(3e) and on-prem

Collection versions

• cisco.aci 2.9.0

Output/ Error message

TASK [Add a new contract to EPG binding] *****************************************************************************************************************
fatal: [bgl-aci13-apic1.cisco.com]: FAILED! => {"changed": false, "msg": "state is present but all of the following are missing: ap"}

Expected Behavior

• The AP parameter should not be mandatory

Actual Behavior

• The AP parameter is mandatory and node mgmt EPGs do not have an AP

Playbook tasks to Reproduce

• -) cisco.aci.aci_node_mgmt_epg to create the node mgmt EPG
• -) cisco.aci.aci_contract to create a contract
• -) cisco.aci.aci_epg_to_contract to bind the contract to the EPG (fvRsCons, fvRsProv) >>>>>> FAILING

Important Factoids

-) The task runs on multiple different ACI versions.
-) validated_certs is set to False
-) playbook runs on remote APIC, instead of delegating to localhost(running MAC OS)
-) Multiple hosts sitting in 2 different /24 subnets
-) akinross has informed that this behaviour has not been brought up before

References

• #0000

[shrsr]

@Ziaf007 Thank you for opening the issue. Our team will look into this and get back to you.

[Ziaf007]

I'd like to work on this issue.