Terraform Cisco NX-OS EVPN Overlay Module
This module can manage a Cisco Nexus 9000 EVPN fabric overlay.
The following assumptions have been made:
- A working underlay network including VTEP loopbacks is pre-configured (e.g., using the EVPN OSPF Underlay Terraform Module)
- A single BGP AS is used for all devices, with spines acting as route reflectors
- All services will be provisioned on all leafs
- No L2 or L3 access interfaces will be provisioned
- An `l3_service` refers to a single VRF and L3 VNI
- An `l2_service` refers to a single L2 VNI with or without an SVI (VLAN interface)
- An SVI (VLAN interface) will be provisioned as an anycast gateway on all leafs
- If no `ipv4_multicast_group` is configured, ingress replication will be used
```hcl
module "nxos_evpn_overlay" {
  source  = "netascode/evpn-overlay/nxos"
  version = ">= 0.3.0"

  leafs                = ["LEAF-1", "LEAF-2"]
  spines               = ["SPINE-1", "SPINE-2"]
  underlay_loopback_id = 0
  underlay_loopbacks = [
    {
      device       = "SPINE-1",
      ipv4_address = "10.1.100.1"
    },
    {
      device       = "SPINE-2",
      ipv4_address = "10.1.100.2"
    },
    {
      device       = "LEAF-1",
      ipv4_address = "10.1.100.3"
    },
    {
      device       = "LEAF-2",
      ipv4_address = "10.1.100.4"
    }
  ]
  vtep_loopback_id = 1
  bgp_asn          = 65000

  l3_services = [
    {
      name = "GREEN"
      id   = 1000
    },
    {
      name = "BLUE"
      id   = 1010
    }
  ]

  l2_services = [
    {
      name                 = "L2_101"
      id                   = 101
      ipv4_multicast_group = "225.0.0.101"
    },
    {
      name = "L2_102"
      id   = 102
    },
    {
      name                 = "GREEN_1001"
      id                   = 1001
      ipv4_multicast_group = "225.0.1.1"
      l3_service           = "GREEN"
      ipv4_address         = "172.16.1.1/24"
    },
    {
      name         = "BLUE_1011"
      id           = 1011
      l3_service   = "BLUE"
      ipv4_address = "172.17.1.1/24"
    }
  ]
}
```
| Name | Version |
|------|---------|
| nxos | >= 0.5.0 |
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| leafs | List of leaf device names. This list of devices must also be added to the provider configuration. | `set(string)` | `[]` | no |
| spines | List of spine device names. This list of devices must also be added to the provider configuration. | `set(string)` | `[]` | no |
| underlay_loopback_id | Loopback ID used for underlay routing and BGP. | `number` | `0` | no |
| underlay_loopbacks | List of underlay loopback interfaces. These loopbacks are assumed to be pre-configured on every device. | `list(object({ device = string, ipv4_address = string }))` | `[]` | no |
| vtep_loopback_id | Loopback ID used for VTEP loopbacks. These loopbacks are assumed to be pre-configured on all leafs. | `number` | `1` | no |
| bgp_asn | BGP AS number. | `number` | `65000` | no |
| l3_services | List of L3 services. `name` is the VRF name. `id` is the core-facing SVI VLAN ID. If no `ipv4_multicast_group` is specified, ingress replication will be used. | `list(object({ name = string, id = number }))` | `[]` | no |
| l2_services | List of L2 services. `id` is the access VLAN ID. If no `ipv4_multicast_group` is specified, ingress replication will be used. | `list(object({ name = string, id = number, ipv4_multicast_group = optional(string), l3_service = optional(string), ipv4_address = optional(string) }))` | `[]` | no |
No outputs.
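
A pre-flight consistency check for these inputs, as an added example that is not part of the module. It assumes the variables are available as plain data (for instance parsed from a tfvars JSON file); the names `check_overlay_inputs` and `EXAMPLE` are constructed here, and both `id` fields are treated as VLAN IDs on the same leafs, as the input descriptions state.

```python
import ipaddress

# Constructed sample: the values from the module example on this page, as plain data.
EXAMPLE = {
    "leafs": ["LEAF-1", "LEAF-2"],
    "spines": ["SPINE-1", "SPINE-2"],
    "underlay_loopbacks": [{"device": d, "ipv4_address": f"10.1.100.{i}"} for i, d in
                           enumerate(["SPINE-1", "SPINE-2", "LEAF-1", "LEAF-2"], start=1)],
    "l3_services": [{"name": "GREEN", "id": 1000}, {"name": "BLUE", "id": 1010}],
    "l2_services": [
        {"name": "L2_101", "id": 101, "ipv4_multicast_group": "225.0.0.101"},
        {"name": "L2_102", "id": 102},
        {"name": "GREEN_1001", "id": 1001, "ipv4_multicast_group": "225.0.1.1",
         "l3_service": "GREEN", "ipv4_address": "172.16.1.1/24"},
        {"name": "BLUE_1011", "id": 1011, "l3_service": "BLUE",
         "ipv4_address": "172.17.1.1/24"},
    ],
}

def check_overlay_inputs(v):
    """Return a list of problems; an empty list means the inputs are consistent."""
    problems = []
    have_loopback = {lo["device"] for lo in v["underlay_loopbacks"]}
    for dev in sorted(set(v["leafs"]) | set(v["spines"])):
        if dev not in have_loopback:
            problems.append(f"{dev}: no underlay loopback listed")
    # Both id fields are VLAN IDs and every service lands on every leaf,
    # so one ID must not be claimed by two services.
    owner = {}
    for svc in v["l3_services"] + v["l2_services"]:
        if svc["id"] in owner:
            problems.append(f"{svc['name']}: VLAN {svc['id']} already used by {owner[svc['id']]}")
        owner.setdefault(svc["id"], svc["name"])
    vrfs = {svc["name"] for svc in v["l3_services"]}
    for svc in v["l2_services"]:
        vrf, grp, gw = (svc.get(k) for k in ("l3_service", "ipv4_multicast_group", "ipv4_address"))
        if vrf is not None and vrf not in vrfs:
            problems.append(f"{svc['name']}: l3_service {vrf} is not in l3_services")
        try:
            if grp is not None and not ipaddress.IPv4Address(grp).is_multicast:
                problems.append(f"{svc['name']}: {grp} is not a multicast group")
            if gw is not None:
                ipaddress.IPv4Interface(gw)  # raises ValueError on a bad address or prefix
        except ValueError as err:
            problems.append(f"{svc['name']}: {err}")
    return problems

if __name__ == "__main__":
    print(check_overlay_inputs(EXAMPLE) or "inputs are consistent")
```

An `l2_service` that names a VRF missing from `l3_services`, or that reuses another service's VLAN ID, is reported before `terraform plan` runs, which keeps a typo from placing a segment in the wrong VRF.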