rax_clb_ssl - Manage SSL termination for a Rackspace Cloud Load Balancer.
New in version 2.0.
Synopsis
- Set up, reconfigure, or remove SSL termination for an existing load balancer.
Requirements
The below requirements are needed on the host that executes this module.
- pyrax
- python >= 2.6
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| api_key |
Rackspace API key, overrides credentials.
aliases: password |
|
| auth_endpoint
(added in 1.5)
|
Default:
"https://identity.api.rackspacecloud.com/v2.0/"
|
The URI of the authentication service.
|
| certificate |
The public SSL certificates as a string in PEM format.
|
|
| credentials |
File to find the Rackspace credentials in. Ignored if api_key and username are provided.
aliases: creds_file |
|
| enabled | Default:
"yes"
|
If set to "false", temporarily disable SSL termination without discarding
existing credentials.
|
| env
(added in 1.5)
|
Environment as configured in ~/.pyrax.cfg, see https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration.
|
|
| https_redirect |
If "true", the load balancer will redirect HTTP traffic to HTTPS.
Requires "secure_traffic_only" to be true. Incurs an implicit wait if SSL
termination is also applied or removed.
|
|
| identity_type
(added in 1.5)
|
Default:
"rackspace"
|
Authentication mechanism to use, such as rackspace or keystone.
|
| intermediate_certificate |
One or more intermediate certificate authorities as a string in PEM
format, concatenated into a single string.
|
|
| loadbalancer
required
|
Name or ID of the load balancer on which to manage SSL termination.
|
|
| private_key |
The private SSL key as a string in PEM format.
|
|
| region | Default:
"DFW"
|
Region to create an instance in.
|
| secure_port | Default:
443
|
The port to listen for secure traffic.
|
| secure_traffic_only | Default:
"no"
|
If "true", the load balancer will *only* accept secure traffic.
|
| state |
|
If set to "present", SSL termination will be added to this load balancer.
If "absent", SSL termination will be removed instead.
|
| tenant_id
(added in 1.5)
|
The tenant ID used for authentication.
|
|
| tenant_name
(added in 1.5)
|
The tenant name used for authentication.
|
|
| username |
Rackspace username, overrides credentials.
|
|
| verify_ssl
(added in 1.5)
|
Whether or not to require SSL validation of API endpoints.
|
|
| wait | Default:
"no"
|
Wait for the balancer to be in state "running" before turning.
|
| wait_timeout | Default:
300
|
How long before "wait" gives up, in seconds.
|
Notes
Note
- The following environment variables can be used,
RAX_USERNAME,RAX_API_KEY,RAX_CREDS_FILE,RAX_CREDENTIALS,RAX_REGION. RAX_CREDENTIALSandRAX_CREDS_FILEpoints to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticatingRAX_USERNAMEandRAX_API_KEYobviate the use of a credentials fileRAX_REGIONdefines a Rackspace Public Cloud region (DFW, ORD, LON, …)- The following environment variables can be used,
RAX_USERNAME,RAX_API_KEY,RAX_CREDS_FILE,RAX_CREDENTIALS,RAX_REGION. RAX_CREDENTIALSandRAX_CREDS_FILEpoints to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticatingRAX_USERNAMEandRAX_API_KEYobviate the use of a credentials fileRAX_REGIONdefines a Rackspace Public Cloud region (DFW, ORD, LON, …)
Examples
- name: Enable SSL termination on a load balancer
rax_clb_ssl:
loadbalancer: the_loadbalancer
state: present
private_key: "{{ lookup('file', 'credentials/server.key' ) }}"
certificate: "{{ lookup('file', 'credentials/server.crt' ) }}"
intermediate_certificate: "{{ lookup('file', 'credentials/trust-chain.crt') }}"
secure_traffic_only: true
wait: true
- name: Disable SSL termination
rax_clb_ssl:
loadbalancer: "{{ registered_lb.balancer.id }}"
state: absent
wait: true
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Maintenance
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Author
- Ash Wilson
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.6/modules/rax_clb_ssl_module.html