ngine_io.cloudstack.cs_portforward – Manages port forwarding rules on Apache CloudStack based clouds.

Note

This plugin is part of the ngine_io.cloudstack collection (version 2.1.0).

To install it use: ansible-galaxy collection install ngine_io.cloudstack.

To use it in a playbook, specify: ngine_io.cloudstack.cs_portforward.

New in version 0.1.0: of ngine_io.cloudstack

Synopsis

  • Create, update and remove port forwarding rules.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6

  • cs >= 0.9.0

Parameters

Parameter Choices/Defaults Comments
account
string
Account the vm is related to.
api_http_method
string
    Choices:
  • get ←
  • post
HTTP method used to query the API endpoint.
If not given, the CLOUDSTACK_METHOD env variable is considered.
api_key
string / required
API key of the CloudStack API.
If not given, the CLOUDSTACK_KEY env variable is considered.
api_secret
string / required
Secret key of the CloudStack API.
If not set, the CLOUDSTACK_SECRET env variable is considered.
api_timeout
integer
Default:
10
HTTP timeout in seconds.
If not given, the CLOUDSTACK_TIMEOUT env variable is considered.
api_url
string / required
URL of the CloudStack API e.g. https://cloud.example.com/client/api.
If not given, the CLOUDSTACK_ENDPOINT env variable is considered.
api_verify_ssl_cert
string
Verify CA authority cert file.
If not given, the CLOUDSTACK_VERIFY env variable is considered.
domain
string
Domain the vm is related to.
ip_address
string / required
Public IP address the rule is assigned to.
network
string
Name of the network. Required when forwarding ports in a VPC.
open_firewall
boolean
    Choices:
  • no ←
  • yes
Whether the firewall rule for public port should be created, while creating the new rule.
Not supported when forwarding ports in a VPC.
Use cs_firewall for managing firewall rules.
poll_async
boolean
    Choices:
  • no
  • yes ←
Poll async jobs until job has finished.
private_end_port
integer
End private port for this rule.
If not specified equal private_port.
private_port
integer / required
Start private port for this rule.
project
string
Name of the project the vm is located in.
protocol
string
    Choices:
  • tcp ←
  • udp
Protocol of the port forwarding rule.
public_end_port
integer
End public port for this rule.
If not specified equal public_port.
public_port
integer / required
Start public port for this rule.
state
string
    Choices:
  • present ←
  • absent
State of the port forwarding rule.
tags
list / elements=dictionary
List of tags. Tags are a list of dictionaries having keys key and value.
To delete all tags, set a empty list e.g. tags: [].

aliases: tag
vm
string
Name of virtual machine which we make the port forwarding rule for.
Required if state=present.
vm_guest_ip
string
VM guest NIC secondary IP address for the port forwarding rule.
vpc
string
Name of the VPC.
zone
string / required
Name of the zone in which the virtual machine is in.

Notes

Note

  • A detailed guide about cloudstack modules can be found in the CloudStack Cloud Guide.

  • This module supports check mode.

Examples

- name: 1.2.3.4:80 -> web01:8080
  ngine_io.cloudstack.cs_portforward:
    ip_address: 1.2.3.4
    zone: zone01
    vm: web01
    public_port: 80
    private_port: 8080

- name: forward SSH and open firewall
  ngine_io.cloudstack.cs_portforward:
    ip_address: '{{ public_ip }}'
    zone: zone01
    vm: '{{ inventory_hostname }}'
    public_port: '{{ ansible_ssh_port }}'
    private_port: 22
    open_firewall: true

- name: forward DNS traffic, but do not open firewall
  ngine_io.cloudstack.cs_portforward:
    ip_address: 1.2.3.4
    zone: zone01
    vm: '{{ inventory_hostname }}'
    public_port: 53
    private_port: 53
    protocol: udp

- name: remove ssh port forwarding
  ngine_io.cloudstack.cs_portforward:
    ip_address: 1.2.3.4
    zone: zone01
    public_port: 22
    private_port: 22
    state: absent

- name: forward SSH in backend tier of VPC
  ngine_io.cloudstack.cs_portforward:
    ip_address: '{{ public_ip }}'
    zone: zone01
    vm: '{{ inventory_hostname }}'
    public_port: '{{ ansible_ssh_port }}'
    private_port: 22
    vpc: myVPC
    network: backend

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
id
string
success
UUID of the public IP address.

Sample:
a6f7a5fc-43f8-11e5-a151-feff819cdc9f
ip_address
string
success
Public IP address.

Sample:
1.2.3.4
network
string
success
Name of the network.

Sample:
dmz
private_end_port
integer
success
End port on the virtual machine's IP address.

Sample:
80
private_port
integer
success
Start port on the virtual machine's IP address.

Sample:
80
protocol
string
success
Protocol.

Sample:
tcp
public_end_port
integer
success
End port on the public IP address.

Sample:
80
public_port
integer
success
Start port on the public IP address.

Sample:
80
tags
list / elements=string
success
Tags related to the port forwarding.

vm_display_name
string
success
Display name of the virtual machine.

Sample:
web-01
vm_guest_ip
string
success
IP of the virtual machine.

Sample:
10.101.65.152
vm_name
string
success
Name of the virtual machine.

Sample:
web-01
vpc
string
success
Name of the VPC.

Sample:
my_vpc


Authors

  • René Moser (@resmo)