ngine_io.cloudstack.cs_vpn_connection – Manages site-to-site VPN connections on Apache CloudStack based clouds.

Note

This plugin is part of the ngine_io.cloudstack collection (version 2.1.0).

To install it use: ansible-galaxy collection install ngine_io.cloudstack.

To use it in a playbook, specify: ngine_io.cloudstack.cs_vpn_connection.

New in version 0.1.0: of ngine_io.cloudstack

Synopsis

• Create and remove VPN connections.

Requirements

The below requirements are needed on the host that executes this module.

• python >= 2.6

• cs >= 0.9.0

Parameters

Parameter	Choices/Defaults	Comments
account string		Account the VPN connection is related to.
api_http_method string	Choices: get ← post	HTTP method used to query the API endpoint. If not given, the CLOUDSTACK_METHOD env variable is considered.
api_key string / required		API key of the CloudStack API. If not given, the CLOUDSTACK_KEY env variable is considered.
api_secret string / required		Secret key of the CloudStack API. If not set, the CLOUDSTACK_SECRET env variable is considered.
api_timeout integer	Default: 10	HTTP timeout in seconds. If not given, the CLOUDSTACK_TIMEOUT env variable is considered.
api_url string / required		URL of the CloudStack API e.g. https://cloud.example.com/client/api. If not given, the CLOUDSTACK_ENDPOINT env variable is considered.
api_verify_ssl_cert string		Verify CA authority cert file. If not given, the CLOUDSTACK_VERIFY env variable is considered.
domain string		Domain the VPN connection is related to.
force boolean	Choices: no ← yes	Activate the VPN gateway if not already activated on state=present. Also see cs_vpn_gateway.
passive boolean	Choices: no ← yes	State of the VPN connection. Only considered when state=present.
poll_async boolean	Choices: no yes ←	Poll async jobs until job has finished.
project string		Name of the project the VPN connection is related to.
state string	Choices: present ← absent	State of the VPN connection.
vpc string / required		Name of the VPC the VPN connection is related to.
vpn_customer_gateway string / required		Name of the VPN customer gateway.
zone string / required		Name of the zone the VPC is related to.

Notes

Note

• A detailed guide about cloudstack modules can be found in the CloudStack Cloud Guide.

• This module supports check mode.

Examples

- name: Create a VPN connection with activated VPN gateway
  ngine_io.cloudstack.cs_vpn_connection:
    vpn_customer_gateway: my vpn connection
    vpc: my vpc
    zone: zone01

- name: Create a VPN connection and force VPN gateway activation
  ngine_io.cloudstack.cs_vpn_connection:
    vpn_customer_gateway: my vpn connection
    vpc: my vpc
    zone: zone01
    force: yes

- name: Remove a vpn connection
  ngine_io.cloudstack.cs_vpn_connection:
    vpn_customer_gateway: my vpn connection
    vpc: my vpc
    zone: zone01
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
account string	success	Account the VPN connection is related to. Sample: example account
cidrs list / elements=string	success	List of CIDRs of the customer gateway. Sample: ['10.10.10.0/24']
created string	success	Date the connection was created. Sample: 2014-12-01T14:57:57+0100
domain string	success	Domain the VPN connection is related to. Sample: example domain
dpd boolean	success	Whether dead pear detection is enabled or not. Sample: True
esp_lifetime integer	success	Lifetime in seconds of phase 2 VPN connection. Sample: 86400
esp_policy string	success	IKE policy of the VPN connection. Sample: aes256-sha1;modp1536
force_encap boolean	success	Whether encapsulation for NAT traversal is enforced or not. Sample: True
gateway string	success	IP address of the VPN customer gateway. Sample: 10.101.214.10
id string	success	UUID of the VPN connection. Sample: 04589590-ac63-4ffc-93f5-b698b8ac38b6
ike_lifetime integer	success	Lifetime in seconds of phase 1 VPN connection. Sample: 86400
ike_policy string	success	ESP policy of the VPN connection. Sample: aes256-sha1;modp1536
passive boolean	success	Whether the connection is passive or not.
project string	success	Name of project the VPN connection is related to. Sample: Production
public_ip string	success	IP address of the VPN gateway. Sample: 10.100.212.10
state string	success	State of the VPN connection. Sample: Connected
vpn_gateway_id string	success	UUID of the VPN gateway. Sample: 04589590-ac63-93f5-4ffc-b698b8ac38b6

Authors

• René Moser (@resmo)