rax_clb_ssl - Manage SSL termination for a Rackspace Cloud Load Balancer.
New in version 2.0.
Synopsis
- Set up, reconfigure, or remove SSL termination for an existing load balancer.
Requirements (on host that executes module)
- python >= 2.6
- pyrax
Options
parameter | required | default | choices | comments |
---|---|---|---|---|
api_key | no | Rackspace API key, overrides credentials. aliases: password | ||
certificate | no | The public SSL certificates as a string in PEM format. | ||
credentials | no | File to find the Rackspace credentials in. Ignored if api_key and username are provided. aliases: creds_file | ||
enabled | no | True | If set to "false", temporarily disable SSL termination without discarding existing credentials. | |
env (added in 1.5)
| no | Environment as configured in ~/.pyrax.cfg, see https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration. | ||
https_redirect | no | If "true", the load balancer will redirect HTTP traffic to HTTPS. Requires "secure_traffic_only" to be true. Incurs an implicit wait if SSL termination is also applied or removed. | ||
intermediate_certificate | no | One or more intermediate certificate authorities as a string in PEM format, concatenated into a single string. | ||
loadbalancer | yes | Name or ID of the load balancer on which to manage SSL termination. | ||
private_key | no | The private SSL key as a string in PEM format. | ||
region | no | DFW | Region to create an instance in. | |
secure_port | no | 443 | The port to listen for secure traffic. | |
secure_traffic_only | no | If "true", the load balancer will *only* accept secure traffic. | ||
state | no | present |
| If set to "present", SSL termination will be added to this load balancer. If "absent", SSL termination will be removed instead. |
username | no | Rackspace username, overrides credentials. | ||
verify_ssl (added in 1.5)
| no | Whether or not to require SSL validation of API endpoints. | ||
wait | no | Wait for the balancer to be in state "running" before turning. | ||
wait_timeout | no | 300 | How long before "wait" gives up, in seconds. |
Examples
- name: Enable SSL termination on a load balancer rax_clb_ssl: loadbalancer: the_loadbalancer state: present private_key: "{{ lookup('file', 'credentials/server.key' ) }}" certificate: "{{ lookup('file', 'credentials/server.crt' ) }}" intermediate_certificate: "{{ lookup('file', 'credentials/trust-chain.crt') }}" secure_traffic_only: true wait: true - name: Disable SSL termination rax_clb_ssl: loadbalancer: "{{ registered_lb.balancer.id }}" state: absent wait: true
Notes
Note
- The following environment variables can be used,
RAX_USERNAME
,RAX_API_KEY
,RAX_CREDS_FILE
,RAX_CREDENTIALS
,RAX_REGION
. -
RAX_CREDENTIALS
andRAX_CREDS_FILE
points to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating -
RAX_USERNAME
andRAX_API_KEY
obviate the use of a credentials file -
RAX_REGION
defines a Rackspace Public Cloud region (DFW, ORD, LON, ...)
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/rax_clb_ssl_module.html