ngine_io.cloudstack.cs_vpn_connection – Manages site-to-site VPN connections on Apache CloudStack based clouds.

Note

This plugin is part of the ngine_io.cloudstack collection (version 2.1.0).

To install it use: ansible-galaxy collection install ngine_io.cloudstack.

To use it in a playbook, specify: ngine_io.cloudstack.cs_vpn_connection.

New in version 0.1.0: of ngine_io.cloudstack

Synopsis

  • Create and remove VPN connections.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.6

  • cs >= 0.9.0

Parameters

Parameter Choices/Defaults Comments
account
string
Account the VPN connection is related to.
api_http_method
string
    Choices:
  • get ←
  • post
HTTP method used to query the API endpoint.
If not given, the CLOUDSTACK_METHOD env variable is considered.
api_key
string / required
API key of the CloudStack API.
If not given, the CLOUDSTACK_KEY env variable is considered.
api_secret
string / required
Secret key of the CloudStack API.
If not set, the CLOUDSTACK_SECRET env variable is considered.
api_timeout
integer
Default:
10
HTTP timeout in seconds.
If not given, the CLOUDSTACK_TIMEOUT env variable is considered.
api_url
string / required
URL of the CloudStack API e.g. https://cloud.example.com/client/api.
If not given, the CLOUDSTACK_ENDPOINT env variable is considered.
api_verify_ssl_cert
string
Verify CA authority cert file.
If not given, the CLOUDSTACK_VERIFY env variable is considered.
domain
string
Domain the VPN connection is related to.
force
boolean
    Choices:
  • no ←
  • yes
Activate the VPN gateway if not already activated on state=present.
Also see cs_vpn_gateway.
passive
boolean
    Choices:
  • no ←
  • yes
State of the VPN connection.
Only considered when state=present.
poll_async
boolean
    Choices:
  • no
  • yes ←
Poll async jobs until job has finished.
project
string
Name of the project the VPN connection is related to.
state
string
    Choices:
  • present ←
  • absent
State of the VPN connection.
vpc
string / required
Name of the VPC the VPN connection is related to.
vpn_customer_gateway
string / required
Name of the VPN customer gateway.
zone
string / required
Name of the zone the VPC is related to.

Notes

Note

  • A detailed guide about cloudstack modules can be found in the CloudStack Cloud Guide.

  • This module supports check mode.

Examples

- name: Create a VPN connection with activated VPN gateway
  ngine_io.cloudstack.cs_vpn_connection:
    vpn_customer_gateway: my vpn connection
    vpc: my vpc
    zone: zone01

- name: Create a VPN connection and force VPN gateway activation
  ngine_io.cloudstack.cs_vpn_connection:
    vpn_customer_gateway: my vpn connection
    vpc: my vpc
    zone: zone01
    force: yes

- name: Remove a vpn connection
  ngine_io.cloudstack.cs_vpn_connection:
    vpn_customer_gateway: my vpn connection
    vpc: my vpc
    zone: zone01
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
account
string
success
Account the VPN connection is related to.

Sample:
example account
cidrs
list / elements=string
success
List of CIDRs of the customer gateway.

Sample:
['10.10.10.0/24']
created
string
success
Date the connection was created.

Sample:
2014-12-01T14:57:57+0100
domain
string
success
Domain the VPN connection is related to.

Sample:
example domain
dpd
boolean
success
Whether dead pear detection is enabled or not.

Sample:
True
esp_lifetime
integer
success
Lifetime in seconds of phase 2 VPN connection.

Sample:
86400
esp_policy
string
success
IKE policy of the VPN connection.

Sample:
aes256-sha1;modp1536
force_encap
boolean
success
Whether encapsulation for NAT traversal is enforced or not.

Sample:
True
gateway
string
success
IP address of the VPN customer gateway.

Sample:
10.101.214.10
id
string
success
UUID of the VPN connection.

Sample:
04589590-ac63-4ffc-93f5-b698b8ac38b6
ike_lifetime
integer
success
Lifetime in seconds of phase 1 VPN connection.

Sample:
86400
ike_policy
string
success
ESP policy of the VPN connection.

Sample:
aes256-sha1;modp1536
passive
boolean
success
Whether the connection is passive or not.

project
string
success
Name of project the VPN connection is related to.

Sample:
Production
public_ip
string
success
IP address of the VPN gateway.

Sample:
10.100.212.10
state
string
success
State of the VPN connection.

Sample:
Connected
vpn_gateway_id
string
success
UUID of the VPN gateway.

Sample:
04589590-ac63-93f5-4ffc-b698b8ac38b6


Authors

  • René Moser (@resmo)