Documentation

bigip_virtual_server - Manages F5 BIG-IP LTM virtual servers

New in version 2.1.

Synopsis

  • Manages F5 BIG-IP LTM virtual servers via iControl SOAP API

Options

parameter required default choices comments
all_policies
(added in 2.3)
no None
List of all policies enabled for the virtual server.
all_profiles
no None
List of all Profiles (HTTP,ClientSSL,ServerSSL,etc) that must be used by the virtual server
all_rules
(added in 2.2)
no None
List of rules to be applied in priority order
default_persistence_profile
no None
Default Profile which manages the session persistence
description
no None
Virtual server description
destination
yes
Destination IP of the virtual server (only host is currently supported). Required when state=present and vs does not exist.

aliases: address, ip
enabled_vlans
(added in 2.2)
no None
List of vlans to be enabled. When a VLAN named ALL is used, all VLANs will be allowed.
fallback_persistence_profile
(added in 2.3)
no None
Specifies the persistence profile you want the system to use if it cannot use the specified default persistence profile.
name
yes
Virtual server name

aliases: vs
partition
no Common
Partition
password
yes
The password for the user account used to connect to the BIG-IP. This option can be omitted if the environment variable F5_PASSWORD is set.
pool
no None
Default pool for the virtual server
port
no None
Port of the virtual server . Required when state=present and vs does not exist
route_advertisement_state
(added in 2.3)
no disabled
Enable route advertisement for destination
server
yes
The BIG-IP host. This option can be omitted if the environment variable F5_SERVER is set.
server_port
(added in 2.2)
no 443
The BIG-IP server port. This option can be omitted if the environment variable F5_SERVER_PORT is set.
snat
no None
  • None
  • Automap
  • Name of a SNAT pool (eg "/Common/snat_pool_name") to enable SNAT with the specific pool
Source network address policy
state
no present
  • present
  • absent
  • enabled
  • disabled
Virtual Server state
Absent, delete the VS if present
present (and its synonym enabled), create if needed the VS and set state to enabled
disabled, create if needed the VS and set state to disabled
user
yes
The username to connect to the BIG-IP with. This user must have administrative privileges on the device. This option can be omitted if the environment variable F5_USER is set.
validate_certs
(added in 2.0)
no True
  • True
  • False
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. This option can be omitted if the environment variable F5_VALIDATE_CERTS is set.

Examples

- name: Add virtual server
  bigip_virtual_server:
      server: lb.mydomain.net
      user: admin
      password: secret
      state: present
      partition: MyPartition
      name: myvirtualserver
      destination: "{{ ansible_default_ipv4['address'] }}"
      port: 443
      pool: "{{ mypool }}"
      snat: Automap
      description: Test Virtual Server
      all_profiles:
          - http
          - clientssl
      enabled_vlans:
          - /Common/vlan2
  delegate_to: localhost

- name: Modify Port of the Virtual Server
  bigip_virtual_server:
      server: lb.mydomain.net
      user: admin
      password: secret
      state: present
      partition: MyPartition
      name: myvirtualserver
      port: 8080
  delegate_to: localhost

- name: Delete virtual server
  bigip_virtual_server:
      server: lb.mydomain.net
      user: admin
      password: secret
      state: absent
      partition: MyPartition
      name: myvirtualserver
  delegate_to: localhost

Return Values

Common return values are documented here Return Values, the following are the fields unique to this module:

name description returned type sample
deleted Name of a virtual server that was deleted changed string my-virtual-server


Notes

Note

  • Requires BIG-IP software version >= 11
  • F5 developed module ‘bigsuds’ required (see http://devcentral.f5.com)
  • Best run as a local_action in your playbook

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Support

This module is community maintained without core committer oversight.

For more information on what this means please read Module Support

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.