New in version 2.1.
The below requirements are needed on the host that executes this module.
Parameter |
Choices/Defaults |
Comments |
|---|---|---|
|
default_persistence_profile
|
|
Default Profile which manages the session persistence.
If you want to remove the existing default persistence profile, specify an empty value;
"". See the documentation for an example. |
|
description
|
|
Virtual server description.
|
|
destination
required |
|
Destination IP of the virtual server.
Required when
state is present and virtual server does not exist.aliases: address, ip |
|
disabled_vlans
(added in 2.5) |
|
List of VLANs to be disabled. If the partition is not specified in the VLAN, then the
partition option of this module will be used.This parameter is mutually exclusive with the
enabled_vlans parameters. |
|
enabled_vlans
(added in 2.2) |
|
List of VLANs to be enabled. When a VLAN named
all is used, all VLANs will be allowed. VLANs can be specified with or without the leading partition. If the partition is not specified in the VLAN, then the partition option of this module will be used.This parameter is mutually exclusive with the
disabled_vlans parameter. |
|
fallback_persistence_profile
(added in 2.3) |
|
Specifies the persistence profile you want the system to use if it cannot use the specified default persistence profile.
If you want to remove the existing fallback persistence profile, specify an empty value;
"". See the documentation for an example. |
|
irules
(added in 2.2) |
|
List of rules to be applied in priority order.
If you want to remove existing iRules, specify a single empty value;
"". See the documentation for an example.aliases: all_rules |
|
metadata
(added in 2.5) |
|
Arbitrary key/value pairs that you can attach to a pool. This is useful in situations where you might want to annotate a virtual to me managed by Ansible.
Key names will be stored as strings; this includes names that are numbers.
Values for all of the keys will be stored as strings; this includes values that are numbers.
Data will be persisted, not ephemeral.
|
|
name
required |
|
Virtual server name.
aliases: vs |
|
partition
(added in 2.5) |
Default:
Common
|
Device partition to manage resources on.
|
|
password
required |
|
The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable
F5_PASSWORD is set.aliases: pass, pwd |
|
policies
|
|
Specifies the policies for the virtual server
aliases: all_policies |
|
pool
|
|
Default pool for the virtual server.
If you want to remove the existing pool, specify an empty value;
"". See the documentation for an example. |
|
port
|
|
Port of the virtual server. Required when
state is present and virtual server does not exist.If you do not want to specify a particular port, use the value
0. The result is that the virtual server will listen on any port. |
|
profiles
|
|
List of profiles (HTTP, ClientSSL, ServerSSL, etc) to apply to both sides of the connection (client-side and server-side).
If you only want to apply a particular profile to the client-side of the connection, specify
client-side for the profile's context.If you only want to apply a particular profile to the server-side of the connection, specify
server-side for the profile's context.If
context is not provided, it will default to all.aliases: all_profiles |
|
name
|
|
Name of the profile.
If this is not specified, then it is assumed that the profile item is only a name of a profile.
This must be specified if a context is specified.
|
|
context
|
|
The side of the connection on which the profile should be applied.
|
|
provider
(added in 2.5) |
|
A dict object containing connection details.
|
|
ssh_keyfile
|
|
Specifies the SSH keyfile to use to authenticate the connection to the remote device. This argument is only used for cli transports. If the value is not specified in the task, the value of environment variable
ANSIBLE_NET_SSH_KEYFILE will be used instead. |
|
timeout
|
Default:
10
|
Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error.
|
|
server
required |
|
The BIG-IP host. You can omit this option if the environment variable
F5_SERVER is set. |
|
user
required |
|
The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable
F5_USER is set. |
|
server_port
|
Default:
443
|
The BIG-IP server port. You can omit this option if the environment variable
F5_SERVER_PORT is set. |
|
password
required |
|
The password for the user account used to connect to the BIG-IP. You can omit this option if the environment variable
F5_PASSWORD is set.aliases: pass, pwd |
|
validate_certs
|
|
If
no, SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable F5_VALIDATE_CERTS is set. |
|
transport
required |
|
Configures the transport connection to use when connecting to the remote device.
|
|
server
required |
|
The BIG-IP host. You can omit this option if the environment variable
F5_SERVER is set. |
|
server_port
(added in 2.2) |
Default:
443
|
The BIG-IP server port. You can omit this option if the environment variable
F5_SERVER_PORT is set. |
|
snat
|
|
Source network address policy.
|
|
source
(added in 2.5) |
|
Specifies an IP address or network from which the virtual server accepts traffic.
The virtual server accepts clients only from one of these IP addresses.
For this setting to function effectively, specify a value other than 0.0.0.0/0 or ::/0 (that is, any/0, any6/0).
In order to maximize utility of this setting, specify the most specific address prefixes covering all customer addresses and no others.
Specify the IP address in Classless Inter-Domain Routing (CIDR) format; address/prefix, where the prefix length is in bits. For example, for IPv4, 10.0.0.1/32 or 10.0.0.0/24, and for IPv6, ffe1::0020/64 or 2001:ed8:77b5:2:10:10:100:42/64.
|
|
state
|
|
The virtual server state. If
absent, delete the virtual server if it exists. present creates the virtual server and enable it. If enabled, enable the virtual server if it exists. If disabled, create the virtual server if needed, and set state to disabled. |
|
user
required |
|
The username to connect to the BIG-IP with. This user must have administrative privileges on the device. You can omit this option if the environment variable
F5_USER is set. |
|
validate_certs
(added in 2.0) |
|
If
no, SSL certificates will not be validated. Use this only on personally controlled sites using self-signed certificates. You can omit this option if the environment variable F5_VALIDATE_CERTS is set. |
Note
- name: Modify Port of the Virtual Server
bigip_virtual_server:
server: lb.mydomain.net
user: admin
password: secret
state: present
partition: Common
name: my-virtual-server
port: 8080
delegate_to: localhost
- name: Delete virtual server
bigip_virtual_server:
server: lb.mydomain.net
user: admin
password: secret
state: absent
partition: Common
name: my-virtual-server
delegate_to: localhost
- name: Add virtual server
bigip_virtual_server:
server: lb.mydomain.net
user: admin
password: secret
state: present
partition: Common
name: my-virtual-server
destination: 10.10.10.10
port: 443
pool: my-pool
snat: Automap
description: Test Virtual Server
profiles:
- http
- fix
- name: clientssl
context: server-side
- name: ilx
context: client-side
policies:
- my-ltm-policy-for-asm
- ltm-uri-policy
- ltm-policy-2
- ltm-policy-3
enabled_vlans:
- /Common/vlan2
delegate_to: localhost
- name: Add FastL4 virtual server
bigip_virtual_server:
destination: 1.1.1.1
name: fastl4_vs
port: 80
profiles:
- fastL4
state: present
- name: Add iRules to the Virtual Server
bigip_virtual_server:
server: lb.mydomain.net
user: admin
password: secret
name: my-virtual-server
irules:
- irule1
- irule2
delegate_to: localhost
- name: Remove one iRule from the Virtual Server
bigip_virtual_server:
server: lb.mydomain.net
user: admin
password: secret
name: my-virtual-server
irules:
- irule2
delegate_to: localhost
- name: Remove all iRules from the Virtual Server
bigip_virtual_server:
server: lb.mydomain.net
user: admin
password: secret
name: my-virtual-server
irules: ""
delegate_to: localhost
- name: Remove pool from the Virtual Server
bigip_virtual_server:
server: lb.mydomain.net
user: admin
password: secret
name: my-virtual-server
pool: ""
delegate_to: localhost
- name: Add metadata to virtual
bigip_pool:
server: lb.mydomain.com
user: admin
password: secret
state: absent
name: my-pool
partition: Common
metadata:
ansible: 2.4
updated_at: 2017-12-20T17:50:46Z
delegate_to: localhost
Common return values are documented here, the following are the fields unique to this module:
Key |
Returned |
Description |
|---|---|---|
|
default_persistence_profile
string
|
changed |
Default persistence profile set on the virtual server.
Sample:
/Common/dest_addr
|
|
description
string
|
changed |
New description of the virtual server.
Sample:
This is my description
|
|
destination
string
|
changed |
Destination of the virtual server.
Sample:
1.1.1.1
|
|
disabled
bool
|
changed |
Whether the virtual server is disabled, or not.
Sample:
True
|
|
disabled_vlans
list
|
changed |
List of VLANs that the virtual is disabled for.
Sample:
['/Common/vlan1', '/Common/vlan2']
|
|
enabled
bool
|
changed |
Whether the virtual server is enabled, or not.
|
|
enabled_vlans
list
|
changed |
List of VLANs that the virtual is enabled for.
Sample:
['/Common/vlan5', '/Common/vlan6']
|
|
fallback_persistence_profile
string
|
changed |
Fallback persistence profile set on the virtual server.
Sample:
/Common/source_addr
|
|
irules
list
|
changed |
iRules set on the virtual server.
Sample:
['/Common/irule1', '/Common/irule2']
|
|
metadata
dict
|
changed |
The new value of the virtual.
Sample:
{'key2': 'bar', 'key1': 'foo'}
|
|
policies
list
|
changed |
List of policies attached to the virtual.
Sample:
['/Common/policy1', '/Common/policy2']
|
|
pool
string
|
changed |
Pool that the virtual server is attached to.
Sample:
/Common/my-pool
|
|
port
int
|
changed |
Port that the virtual server is configured to listen on.
Sample:
80
|
|
profiles
list
|
changed |
List of profiles set on the virtual server.
Sample:
[{'name': 'tcp', 'context': 'server-side'}, {'name': 'tcp-legacy', 'context': 'client-side'}]
|
|
snat
string
|
changed |
SNAT setting of the virtual server.
Sample:
Automap
|
|
source
string
|
changed |
Source address, in CIDR form, set on the virtual server.
Sample:
1.2.3.4/32
|
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Hint
If you notice any issues in this documentation you can edit this document to improve it.