community.general.rax_clb_ssl module – Manage SSL termination for a Rackspace Cloud Load Balancer
Note
This module is part of the community.general collection (version 8.6.8).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: community.general.rax_clb_ssl
.
DEPRECATED
- Removed in:
version 9.0.0
- Why:
This module relies on the deprecated package pyrax.
- Alternative:
Use the Openstack modules instead.
Synopsis
Set up, reconfigure, or remove SSL termination for an existing load balancer.
Aliases: cloud.rackspace.rax_clb_ssl
Requirements
The below requirements are needed on the host that executes this module.
pyrax
Parameters
Parameter |
Comments |
---|---|
Rackspace API key, overrides |
|
The URI of the authentication service. If not specified will be set to https://identity.api.rackspacecloud.com/v2.0/. |
|
The public SSL certificates as a string in PEM format. |
|
If set to “false”, temporarily disable SSL termination without discarding existing credentials. Choices:
|
|
Environment as configured in |
|
If “true”, the load balancer will redirect HTTP traffic to HTTPS. Requires “secure_traffic_only” to be true. Incurs an implicit wait if SSL termination is also applied or removed. Choices:
|
|
Authentication mechanism to use, such as rackspace or keystone. Default: |
|
One or more intermediate certificate authorities as a string in PEM format, concatenated into a single string. |
|
Name or ID of the load balancer on which to manage SSL termination. |
|
The private SSL key as a string in PEM format. |
|
Region to create an instance in. |
|
The port to listen for secure traffic. Default: |
|
If “true”, the load balancer will *only* accept secure traffic. Choices:
|
|
If set to “present”, SSL termination will be added to this load balancer. If “absent”, SSL termination will be removed instead. Choices:
|
|
The tenant ID used for authentication. |
|
The tenant name used for authentication. |
|
Rackspace username, overrides |
|
Whether or not to require SSL validation of API endpoints. Choices:
|
|
Wait for the balancer to be in state “running” before turning. Choices:
|
|
How long before “wait” gives up, in seconds. Default: |
Attributes
Attribute |
Support |
Description |
---|---|---|
Support: none |
Can run in |
|
Support: none |
Will return details on what has changed (or possibly needs changing in |
Notes
Note
The following environment variables can be used,
RAX_USERNAME
,RAX_API_KEY
,RAX_CREDS_FILE
,RAX_CREDENTIALS
,RAX_REGION
.RAX_CREDENTIALS
andRAX_CREDS_FILE
point to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating.RAX_USERNAME
andRAX_API_KEY
obviate the use of a credentials file.RAX_REGION
defines a Rackspace Public Cloud region (DFW, ORD, LON, …).The following environment variables can be used,
RAX_USERNAME
,RAX_API_KEY
,RAX_CREDS_FILE
,RAX_CREDENTIALS
,RAX_REGION
.RAX_CREDENTIALS
andRAX_CREDS_FILE
points to a credentials file appropriate for pyrax. See https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#authenticating.RAX_USERNAME
andRAX_API_KEY
obviate the use of a credentials file.RAX_REGION
defines a Rackspace Public Cloud region (DFW, ORD, LON, …).
Examples
- name: Enable SSL termination on a load balancer
community.general.rax_clb_ssl:
loadbalancer: the_loadbalancer
state: present
private_key: "{{ lookup('file', 'credentials/server.key' ) }}"
certificate: "{{ lookup('file', 'credentials/server.crt' ) }}"
intermediate_certificate: "{{ lookup('file', 'credentials/trust-chain.crt') }}"
secure_traffic_only: true
wait: true
- name: Disable SSL termination
community.general.rax_clb_ssl:
loadbalancer: "{{ registered_lb.balancer.id }}"
state: absent
wait: true
Status
This module will be removed in version 9.0.0. [deprecated]
For more information see DEPRECATED.