google.cloud.gcp_compute_network_endpoint_group – Creates a GCP NetworkEndpointGroup

Note

This plugin is part of the google.cloud collection (version 1.0.2).

To install it use: ansible-galaxy collection install google.cloud.

To use it in a playbook, specify: google.cloud.gcp_compute_network_endpoint_group.

Synopsis

  • Network endpoint groups (NEGs) are zonal resources that represent collections of IP address and port combinations for GCP resources within a single subnet. Each IP address and port combination is called a network endpoint.

  • Network endpoint groups can be used as backends in backend services for HTTP(S), TCP proxy, and SSL proxy load balancers. You cannot use NEGs as a backend with internal load balancers. Because NEG backends allow you to specify IP addresses and ports, you can distribute traffic in a granular fashion among applications or containers running within VM instances.

  • Recreating a network endpoint group that’s in use by another resource will give a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy to avoid this type of error.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6

  • requests >= 2.18.4

  • google-auth >= 1.3.0

Parameters

Parameter Choices/Defaults Comments
auth_kind
string / required
    Choices:
  • application
  • machineaccount
  • serviceaccount
The type of credential used.
default_port
integer
The default port used if the port number is not specified in the network endpoint.
description
string
An optional description of this resource. Provide this property when you create the resource.
env_type
string
Specifies which Ansible environment you're running this module within.
This should not be set unless you know what you're doing.
This only alters the User Agent string for any API requests.
name
string / required
Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
network
dictionary / required
The network to which all network endpoints in the NEG belong.
Uses "default" project network if unspecified.
This field represents a link to a Network resource in GCP. It can be specified in two ways. First, you can place a dictionary with key 'selfLink' and value of your resource's selfLink Alternatively, you can add `register: name-of-resource` to a gcp_compute_network task and then set this network field to "{{ name-of-resource }}"
network_endpoint_type
string
Default:
"GCE_VM_IP_PORT"
Type of network endpoints in this network endpoint group.
Some valid choices include: "GCE_VM_IP_PORT"
project
string
The Google Cloud Platform project to use.
scopes
list / elements=string
Array of scopes to be used
service_account_contents
jsonarg
The contents of a Service Account JSON file, either in a dictionary or as a JSON string that represents it.
service_account_email
string
An optional service account email address if machineaccount is selected and the user does not wish to use the default email.
service_account_file
path
The path of a Service Account JSON file if serviceaccount is selected as type.
state
string
    Choices:
  • present ←
  • absent
Whether the given object should exist in GCP
subnetwork
dictionary
Optional subnetwork to which all network endpoints in the NEG belong.
This field represents a link to a Subnetwork resource in GCP. It can be specified in two ways. First, you can place a dictionary with key 'selfLink' and value of your resource's selfLink Alternatively, you can add `register: name-of-resource` to a gcp_compute_subnetwork task and then set this subnetwork field to "{{ name-of-resource }}"
zone
string / required
Zone where the network endpoint group is located.

Notes

Note

  • API Reference: https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups

  • Official Documentation: https://cloud.google.com/load-balancing/docs/negs/

  • for authentication, you can set service_account_file using the gcp_service_account_file env variable.

  • for authentication, you can set service_account_contents using the GCP_SERVICE_ACCOUNT_CONTENTS env variable.

  • For authentication, you can set service_account_email using the GCP_SERVICE_ACCOUNT_EMAIL env variable.

  • For authentication, you can set auth_kind using the GCP_AUTH_KIND env variable.

  • For authentication, you can set scopes using the GCP_SCOPES env variable.

  • Environment variables values will only be used if the playbook values are not set.

  • The service_account_email and service_account_file options are mutually exclusive.

Examples

- name: create a network
  google.cloud.gcp_compute_network:
    name: "{{ resource_name }}"
    auto_create_subnetworks: 'false'
    project: "{{ gcp_project }}"
    auth_kind: "{{ gcp_cred_kind }}"
    service_account_file: "{{ gcp_cred_file }}"
    state: present
  register: network

- name: create a subnetwork
  google.cloud.gcp_compute_subnetwork:
    name: "{{ resource_name }}"
    ip_cidr_range: 10.0.0.0/16
    region: us-central1
    network: "{{ network }}"
    project: "{{ gcp_project }}"
    auth_kind: "{{ gcp_cred_kind }}"
    service_account_file: "{{ gcp_cred_file }}"
    state: present
  register: subnetwork

- name: create a network endpoint group
  google.cloud.gcp_compute_network_endpoint_group:
    name: test_object
    network: "{{ network }}"
    subnetwork: "{{ subnetwork }}"
    default_port: 90
    zone: us-central1-a
    project: test_project
    auth_kind: serviceaccount
    service_account_file: "/tmp/auth.pem"
    state: present

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
defaultPort
integer
success
The default port used if the port number is not specified in the network endpoint.

description
string
success
An optional description of this resource. Provide this property when you create the resource.

id
integer
success
The unique identifier for the resource.

name
string
success
Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

network
dictionary
success
The network to which all network endpoints in the NEG belong.
Uses "default" project network if unspecified.

networkEndpointType
string
success
Type of network endpoints in this network endpoint group.

size
integer
success
Number of network endpoints in the network endpoint group.

subnetwork
dictionary
success
Optional subnetwork to which all network endpoints in the NEG belong.

zone
string
success
Zone where the network endpoint group is located.



Authors

  • Google Inc. (@googlecloudplatform)