Documentation

vmware_dvs_portgroup - Create or remove a Distributed vSwitch portgroup.

New in version 2.0.

Synopsis

  • Create or remove a Distributed vSwitch portgroup.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6
  • PyVmomi

Parameters

Parameter
Choices/Defaults
Comments
hostname
required
The hostname or IP address of the vSphere vCenter.
network_policy
(added in 2.5)
Default:
{'promiscuous': False, 'forged_transmits': False, 'mac_changes': False}
Dictionary which configures the different security values for portgroup.
Valid attributes are:
- promiscuous (bool): indicates whether promiscuous mode is allowed. (default: false)
- forged_transmits (bool): indicates whether forged transmits are allowed. (default: false)
- mac_changes (bool): indicates whether mac changes are allowed. (default: false)
num_ports
required
The number of ports the portgroup should contain.
password
required
The password of the vSphere vCenter.

aliases: pass, pwd
port
(added in 2.5)
Default:
443
The port number of the vSphere vCenter or ESXi server.
port_policy
(added in 2.5)
Default:
{'traffic_filter_override': False, 'network_rp_override': False, 'live_port_move': False, 'security_override': False, 'vendor_config_override': False, 'port_config_reset_at_disconnect': True, 'uplink_teaming_override': False, 'block_override': True, 'shaping_override': False, 'vlan_override': False, 'ipfix_override': False}
Dictionary which configures the advanced policy settings for the portgroup.
Valid attributes are:
- block_override (bool): indicates if the block policy can be changed per port. (default: true)
- ipfix_override (bool): indicates if the ipfix policy can be changed per port. (default: false)
- live_port_move (bool): indicates if a live port can be moved in or out of the portgroup. (default: false)
- network_rp_override (bool): indicates if the network resource pool can be changed per port. (default: false)
- port_config_reset_at_disconnect (bool): indicates if the configuration of a port is reset automatically after disconnect. (default: true)
- security_override (bool): indicates if the security policy can be changed per port. (default: false)
- shaping_override (bool): indicates if the shaping policy can be changed per port. (default: false)
- traffic_filter_override (bool): indicates if the traffic filter can be changed per port. (default: false)
- uplink_teaming_override (bool): indicates if the uplink teaming policy can be changed per port. (default: false)
- vendor_config_override (bool): indicates if the vendor config can be changed per port. (default: false)
- vlan_override (bool): indicates if the vlan can be changed per port. (default: false)
portgroup_name
required
The name of the portgroup that is to be created or deleted.
portgroup_type
required
    Choices:
  • earlyBinding
  • lateBinding
  • ephemeral
See VMware KB 1022312 regarding portgroup types.
state
required

(added in 2.5)
    Choices:
  • no
  • yes
Determines if the portgroup should be present or not.
switch_name
required
The name of the distributed vSwitch the port group should be created on.
teaming_policy
(added in 2.5)
Default:
{'notify_switches': True, 'load_balance_policy': 'loadbalance_srcid', 'inbound_policy': False, 'rolling_order': False}
Dictionary which configures the different teaming values for portgroup.
Valid attributes are:
- load_balance_policy (string): Network adapter teaming policy. (default: loadbalance_srcid)
- choices: [ loadbalance_ip, loadbalance_srcmac, loadbalance_srcid, failover_explicit]
- inbound_policy (bool): Indicate whether or not the teaming policy is applied to inbound frames as well. (default: False)
- notify_switches (bool): Indicate whether or not to notify the physical switch if a link fails. (default: True)
- rolling_order (bool): Indicate whether or not to use a rolling policy when restoring links. (default: False)
username
required
The username of the vSphere vCenter.

aliases: user, admin
validate_certs
    Choices:
  • no
  • yes
Default:
True
Allows connection when SSL certificates are not valid. Set to false when certificates are not trusted.
vlan_id
required
The VLAN ID that should be configured with the portgroup, use 0 for no VLAN.
If vlan_trunk is configured to be true, this can be a range, example: 1-4094.
vlan_trunk
(added in 2.5)
    Choices:
  • no ←
  • yes
Indicates whether this is a VLAN trunk or not.

Notes

Note

  • Tested on vSphere 5.5
  • Tested on vSphere 6.5

Examples

- name: Create vlan portgroup
  connection: local
  vmware_dvs_portgroup:
     hostname: vcenter_ip_or_hostname
     username: vcenter_username
     password: vcenter_password
     portgroup_name: vlan-123-portrgoup
     switch_name: dvSwitch
     vlan_id: 123
     num_ports: 120
     portgroup_type: earlyBinding
     state: present

- name: Create vlan trunk portgroup
  connection: local
  vmware_dvs_portgroup:
     hostname: vcenter_ip_or_hostname
     username: vcenter_username
     password: vcenter_password
     portgroup_name: vlan-trunk-portrgoup
     switch_name: dvSwitch
     vlan_id: 1-1000
     vlan_trunk: True
     num_ports: 120
     portgroup_type: earlyBinding
     state: present

- name: Create no-vlan portgroup
  connection: local
  vmware_dvs_portgroup:
     hostname: vcenter_ip_or_hostname
     username: vcenter_username
     password: vcenter_password
     portgroup_name: no-vlan-portrgoup
     switch_name: dvSwitch
     vlan_id: 0
     num_ports: 120
     portgroup_type: earlyBinding
     state: present

- name: Create vlan portgroup with all security and port policies
  connection: local
  vmware_dvs_portgroup:
     hostname: vcenter_ip_or_hostname
     username: vcenter_username
     password: vcenter_password
     portgroup_name: vlan-123-portrgoup
     switch_name: dvSwitch
     vlan_id: 123
     num_ports: 120
     portgroup_type: earlyBinding
     state: present
     network_policy:
       promiscuous: yes
       forged_transmits: yes
       mac_changes: yes
     port_policy:
       block_override: yes
       ipfix_override: yes
       live_port_move: yes
       network_rp_override: yes
       port_config_reset_at_disconnect: yes
       security_override: yes
       shaping_override: yes
       traffic_filter_override: yes
       uplink_teaming_override: yes
       vendor_config_override: yes
       vlan_override: yes

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Author

Hint

If you notice any issues in this documentation you can edit this document to improve it.