Note
This plugin is part of the community.general collection (version 3.8.1).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install community.general.
To use it in a playbook, specify: community.general.rax_clb_ssl.
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| api_key string | Rackspace API key, overrides credentials. aliases: password | |
| auth_endpoint string | The URI of the authentication service. If not specified will be set to https://identity.api.rackspacecloud.com/v2.0/
| |
| certificate string | The public SSL certificates as a string in PEM format. | |
| credentials path | File to find the Rackspace credentials in. Ignored if api_key and username are provided. aliases: creds_file | |
| enabled boolean |
| If set to "false", temporarily disable SSL termination without discarding existing credentials. |
| env string | Environment as configured in ~/.pyrax.cfg, see https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration. | |
| https_redirect boolean |
| If "true", the load balancer will redirect HTTP traffic to HTTPS. Requires "secure_traffic_only" to be true. Incurs an implicit wait if SSL termination is also applied or removed. |
| identity_type string | Default: "rackspace" | Authentication mechanism to use, such as rackspace or keystone. |
| intermediate_certificate string | One or more intermediate certificate authorities as a string in PEM format, concatenated into a single string. | |
| loadbalancer string / required | Name or ID of the load balancer on which to manage SSL termination. | |
| private_key string | The private SSL key as a string in PEM format. | |
| region string | Region to create an instance in. | |
| secure_port integer | Default: 443 | The port to listen for secure traffic. |
| secure_traffic_only boolean |
| If "true", the load balancer will *only* accept secure traffic. |
| state string |
| If set to "present", SSL termination will be added to this load balancer. If "absent", SSL termination will be removed instead. |
| tenant_id string | The tenant ID used for authentication. | |
| tenant_name string | The tenant name used for authentication. | |
| username string | Rackspace username, overrides credentials. | |
| validate_certs boolean |
| Whether or not to require SSL validation of API endpoints. aliases: verify_ssl |
| wait boolean |
| Wait for the balancer to be in state "running" before turning. |
| wait_timeout integer | Default: 300 | How long before "wait" gives up, in seconds. |
Note
RAX_USERNAME, RAX_API_KEY, RAX_CREDS_FILE, RAX_CREDENTIALS, RAX_REGION.RAX_CREDENTIALS and RAX_CREDS_FILE points to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating
RAX_USERNAME and RAX_API_KEY obviate the use of a credentials fileRAX_REGION defines a Rackspace Public Cloud region (DFW, ORD, LON, …)RAX_USERNAME, RAX_API_KEY, RAX_CREDS_FILE, RAX_CREDENTIALS, RAX_REGION.RAX_CREDENTIALS and RAX_CREDS_FILE points to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating
RAX_USERNAME and RAX_API_KEY obviate the use of a credentials fileRAX_REGION defines a Rackspace Public Cloud region (DFW, ORD, LON, …)- name: Enable SSL termination on a load balancer
community.general.rax_clb_ssl:
loadbalancer: the_loadbalancer
state: present
private_key: "{{ lookup('file', 'credentials/server.key' ) }}"
certificate: "{{ lookup('file', 'credentials/server.crt' ) }}"
intermediate_certificate: "{{ lookup('file', 'credentials/trust-chain.crt') }}"
secure_traffic_only: true
wait: true
- name: Disable SSL termination
community.general.rax_clb_ssl:
loadbalancer: "{{ registered_lb.balancer.id }}"
state: absent
wait: true
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/general/rax_clb_ssl_module.html