Documentation

rax_clb_ssl - Manage SSL termination for a Rackspace Cloud Load Balancer.

New in version 2.0.

Synopsis

  • Set up, reconfigure, or remove SSL termination for an existing load balancer.

Options

parameter required default choices comments
api_key
no
Rackspace API key, overrides credentials.

aliases: password
certificate
no
The public SSL certificates as a string in PEM format.
credentials
no
File to find the Rackspace credentials in. Ignored if api_key and username are provided.

aliases: creds_file
enabled
no True
If set to "false", temporarily disable SSL termination without discarding
existing credentials.
env
(added in 1.5)
no
https_redirect
no
If "true", the load balancer will redirect HTTP traffic to HTTPS.
Requires "secure_traffic_only" to be true. Incurs an implicit wait if SSL
termination is also applied or removed.
intermediate_certificate
no
One or more intermediate certificate authorities as a string in PEM
format, concatenated into a single string.
loadbalancer
yes
Name or ID of the load balancer on which to manage SSL termination.
private_key
no
The private SSL key as a string in PEM format.
region
no DFW
Region to create an instance in.
secure_port
no 443
The port to listen for secure traffic.
secure_traffic_only
no
If "true", the load balancer will *only* accept secure traffic.
state
no present
  • present
  • absent
If set to "present", SSL termination will be added to this load balancer.
If "absent", SSL termination will be removed instead.
username
no
Rackspace username, overrides credentials.
verify_ssl
(added in 1.5)
no
Whether or not to require SSL validation of API endpoints.
wait
no
Wait for the balancer to be in state "running" before turning.
wait_timeout
no 300
How long before "wait" gives up, in seconds.

Examples

- name: Enable SSL termination on a load balancer
  rax_clb_ssl:
    loadbalancer: the_loadbalancer
    state: present
    private_key: "{{ lookup('file', 'credentials/server.key' ) }}"
    certificate: "{{ lookup('file', 'credentials/server.crt' ) }}"
    intermediate_certificate: "{{ lookup('file', 'credentials/trust-chain.crt') }}"
    secure_traffic_only: true
    wait: true

- name: Disable SSL termination
  rax_clb_ssl:
    loadbalancer: "{{ registered_lb.balancer.id }}"
    state: absent
    wait: true

Notes

Note

  • The following environment variables can be used, RAX_USERNAME, RAX_API_KEY, RAX_CREDS_FILE, RAX_CREDENTIALS, RAX_REGION.
  • RAX_CREDENTIALS and RAX_CREDS_FILE points to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating
  • RAX_USERNAME and RAX_API_KEY obviate the use of a credentials file
  • RAX_REGION defines a Rackspace Public Cloud region (DFW, ORD, LON, ...)

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Support

This module is community maintained without core committer oversight.

For more information on what this means please read Module Support

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Helping Testing PRs and Developing Modules.