Note
This plugin is part of the community.general collection.
To install it use: ansible-galaxy collection install community.general.
To use it in a playbook, specify: community.general.rax_clb_ssl.
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| api_key string | Rackspace API key, overrides credentials. aliases: password | |
| auth_endpoint string | Default: "https://identity.api.rackspacecloud.com/v2.0/" | The URI of the authentication service. |
| certificate string | The public SSL certificates as a string in PEM format. | |
| credentials path | File to find the Rackspace credentials in. Ignored if api_key and username are provided. aliases: creds_file | |
| enabled boolean |
| If set to "false", temporarily disable SSL termination without discarding existing credentials. |
| env string | Environment as configured in ~/.pyrax.cfg, see https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration. | |
| https_redirect boolean |
| If "true", the load balancer will redirect HTTP traffic to HTTPS. Requires "secure_traffic_only" to be true. Incurs an implicit wait if SSL termination is also applied or removed. |
| identity_type string | Default: "rackspace" | Authentication mechanism to use, such as rackspace or keystone. |
| intermediate_certificate string | One or more intermediate certificate authorities as a string in PEM format, concatenated into a single string. | |
| loadbalancer string / required | Name or ID of the load balancer on which to manage SSL termination. | |
| private_key string | The private SSL key as a string in PEM format. | |
| region string | Default: "DFW" | Region to create an instance in. |
| secure_port string | Default: 443 | The port to listen for secure traffic. |
| secure_traffic_only boolean |
| If "true", the load balancer will *only* accept secure traffic. |
| state string |
| If set to "present", SSL termination will be added to this load balancer. If "absent", SSL termination will be removed instead. |
| tenant_id string | The tenant ID used for authentication. | |
| tenant_name string | The tenant name used for authentication. | |
| username string | Rackspace username, overrides credentials. | |
| validate_certs boolean |
| Whether or not to require SSL validation of API endpoints. aliases: verify_ssl |
| wait boolean |
| Wait for the balancer to be in state "running" before turning. |
| wait_timeout string | Default: 300 | How long before "wait" gives up, in seconds. |
Note
RAX_USERNAME, RAX_API_KEY, RAX_CREDS_FILE, RAX_CREDENTIALS, RAX_REGION.RAX_CREDENTIALS and RAX_CREDS_FILE points to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating
RAX_USERNAME and RAX_API_KEY obviate the use of a credentials fileRAX_REGION defines a Rackspace Public Cloud region (DFW, ORD, LON, …)RAX_USERNAME, RAX_API_KEY, RAX_CREDS_FILE, RAX_CREDENTIALS, RAX_REGION.RAX_CREDENTIALS and RAX_CREDS_FILE points to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating
RAX_USERNAME and RAX_API_KEY obviate the use of a credentials fileRAX_REGION defines a Rackspace Public Cloud region (DFW, ORD, LON, …)- name: Enable SSL termination on a load balancer
community.general.rax_clb_ssl:
loadbalancer: the_loadbalancer
state: present
private_key: "{{ lookup('file', 'credentials/server.key' ) }}"
certificate: "{{ lookup('file', 'credentials/server.crt' ) }}"
intermediate_certificate: "{{ lookup('file', 'credentials/trust-chain.crt') }}"
secure_traffic_only: true
wait: true
- name: Disable SSL termination
community.general.rax_clb_ssl:
loadbalancer: "{{ registered_lb.balancer.id }}"
state: absent
wait: true
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/community/general/rax_clb_ssl_module.html