From bf9efa98534c3611a5f6e6c50795a853736a7bf2 Mon Sep 17 00:00:00 2001 From: George Nikolopoulos Date: Thu, 19 Dec 2019 17:33:28 +0200 Subject: [PATCH 1/5] Update documentation --- docs/Makefile | 2 +- docs/generic_modules/nitro_resource.rst | 400 ++ docs/index.rst | 4 +- .../citrix_adc_appfw_confidfield_module.rst | 422 +- .../citrix_adc_appfw_fieldtype_module.rst | 416 +- ...itrix_adc_appfw_global_bindings_module.rst | 462 +- .../citrix_adc_appfw_htmlerrorpage_module.rst | 431 +- ...itrix_adc_appfw_jsoncontenttype_module.rst | 362 +- ...trix_adc_appfw_learningsettings_module.rst | 672 +-- .../citrix_adc_appfw_policy_module.rst | 412 +- .../citrix_adc_appfw_policylabel_module.rst | 362 +- .../citrix_adc_appfw_profile_module.rst | 3834 +++++------------ .../citrix_adc_appfw_settings_module.rst | 617 +-- .../citrix_adc_appfw_signatures_module.rst | 508 +-- docs/modules/citrix_adc_appfw_wsdl_module.rst | 431 +- ...citrix_adc_appfw_xmlcontenttype_module.rst | 362 +- .../citrix_adc_appfw_xmlerrorpage_module.rst | 431 +- .../citrix_adc_appfw_xmlschema_module.rst | 431 +- docs/modules/citrix_adc_cs_action_module.rst | 405 +- docs/modules/citrix_adc_cs_policy_module.rst | 427 +- docs/modules/citrix_adc_cs_vserver_module.rst | 1562 +++---- .../citrix_adc_gslb_service_module.rst | 836 ++-- docs/modules/citrix_adc_gslb_site_module.rst | 565 +-- .../citrix_adc_gslb_vserver_module.rst | 980 ++--- docs/modules/citrix_adc_lb_monitor_module.rst | 2092 +++------ docs/modules/citrix_adc_lb_vserver_module.rst | 2352 ++++------ .../citrix_adc_nitro_request_module.rst | 527 +-- .../citrix_adc_nitro_resource_module.rst | 126 + .../modules/citrix_adc_save_config_module.rst | 211 +- docs/modules/citrix_adc_server_module.rst | 559 +-- docs/modules/citrix_adc_service_module.rst | 1221 ++---- .../citrix_adc_servicegroup_module.rst | 1369 +++--- .../modules/citrix_adc_ssl_certkey_module.rst | 495 +-- .../modules/citrix_adm_application_module.rst | 834 ++-- .../citrix_adm_dns_domain_entry_module.rst | 414 +- docs/modules/citrix_adm_login_module.rst | 350 +- docs/modules/citrix_adm_mpsgroup_module.rst | 682 +-- docs/modules/citrix_adm_mpsuser_module.rst | 503 +-- docs/modules/citrix_adm_ns_facts_module.rst | 427 +- .../citrix_adm_poll_instances_module.rst | 332 +- docs/modules/citrix_adm_rba_policy_module.rst | 465 +- docs/modules/citrix_adm_rba_role_module.rst | 463 +- docs/modules/citrix_adm_stylebook_module.rst | 443 +- .../citrix_adm_tenant_facts_module.rst | 341 +- docs/modules/list_of_all_modules.rst | 86 +- docs/modules/list_of_network_modules.rst | 48 + utils/docs/formatter.py | 442 ++ utils/docs/module.rst.j2 | 40 + utils/docs/templates/cli_rst.j2 | 139 - utils/docs/templates/config.rst.j2 | 146 - .../templates/list_of_CATEGORY_modules.rst.j2 | 36 - .../templates/list_of_CATEGORY_plugins.rst.j2 | 36 - utils/docs/templates/man.j2 | 128 - .../docs/templates/modules_by_category.rst.j2 | 14 - .../docs/templates/modules_by_support.rst.j2 | 16 - .../docs/templates/playbooks_keywords.rst.j2 | 32 - utils/docs/templates/plugin.rst.j2 | 444 -- .../docs/templates/plugins_by_category.rst.j2 | 9 - .../docs/templates/plugins_by_support.rst.j2 | 15 - 59 files changed, 10470 insertions(+), 20701 deletions(-) create mode 100644 docs/generic_modules/nitro_resource.rst create mode 100644 docs/modules/citrix_adc_nitro_resource_module.rst create mode 100644 docs/modules/list_of_network_modules.rst create mode 100644 utils/docs/formatter.py create mode 100644 utils/docs/module.rst.j2 delete mode 100644 utils/docs/templates/cli_rst.j2 delete mode 100644 utils/docs/templates/config.rst.j2 delete mode 100644 utils/docs/templates/list_of_CATEGORY_modules.rst.j2 delete mode 100644 utils/docs/templates/list_of_CATEGORY_plugins.rst.j2 delete mode 100644 utils/docs/templates/man.j2 delete mode 100644 utils/docs/templates/modules_by_category.rst.j2 delete mode 100644 utils/docs/templates/modules_by_support.rst.j2 delete mode 100644 utils/docs/templates/playbooks_keywords.rst.j2 delete mode 100644 utils/docs/templates/plugin.rst.j2 delete mode 100644 utils/docs/templates/plugins_by_category.rst.j2 delete mode 100644 utils/docs/templates/plugins_by_support.rst.j2 diff --git a/docs/Makefile b/docs/Makefile index cd1dab756..c43bfd724 100644 --- a/docs/Makefile +++ b/docs/Makefile @@ -27,7 +27,7 @@ clean: .PHONY: html html: - python ../utils/docs/plugin_formatter.py --module-dir ../ansible-modules/ --template-dir ../utils/docs/templates --output-dir ../docs/modules + python ../utils/docs/formatter.py --output-dir ./modules $(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html @echo @echo "Build finished. The HTML pages are in $(BUILDDIR)/html." diff --git a/docs/generic_modules/nitro_resource.rst b/docs/generic_modules/nitro_resource.rst new file mode 100644 index 000000000..4c2277a00 --- /dev/null +++ b/docs/generic_modules/nitro_resource.rst @@ -0,0 +1,400 @@ +Using the citrix_adc_nitro_resource module +########################################## + +The ``citrix_adc_nitro_resource`` module is a generic module +that implements the creation, update and deletion of NITRO API resources +in a generic manner. + +It accepts the same parameters for connecting to ADC as the other modules. + +Its two main parameters that determine what and how it will be configured +are ``workflow`` and ``resource``. + +The ``workflow`` parameter will accept a dictionary that has several keys +which will differentiate the execution of the module. + +The ``resource`` parameter is a dictionary with the attributes of the NITRO +resource being configured. + +By providing different values for these parameters we can leverage the same +module to create a number of NITRO API resources without handling each +resource in its own specialized module. + +Workflow explained +~~~~~~~~~~~~~~~~~~ + +The basis for this reusability is the fact that NITRO objects have enough similarities +in the operations they provide so that an algorithm can be applied to many endpoints +successfully just by adjusting some key values. + +A sample workflow dictionary is shown below. + +.. code-block:: yaml + + lbgroup_workflow: + lifecycle: object + endpoint: lbgroup + primary_id_attribute: name + resource_missing_errorcode: 258 + non_updateable_attributes: + - newname + + +The most important parameter is ``lifecycle``. +This determines the main workflow which will be followed, slightly adjusted +by the rest of the parameters. + +We provide a list of workflows for use with users' playbooks in our main github repository_. + +.. _repository: https://github.com/citrix/citrix-adc-ansible-modules + +Currently the following lifecycles are supported + +- object +- binding +- bindings_list +- non_updateable_object + +The following sections detail each type of lifecycle. + +``object`` lifecycle +~~~~~~~~~~~~~~~~~~~~ + +The ``object`` lifecycle is usually relevant to NITRO objects +that can be created independent of other NITRO objects and have create, +update and delete operations. + +An example definition is shown below + +.. code-block:: yaml + + lbgroup_workflow: + lifecycle: object + endpoint: lbgroup + primary_id_attribute: name + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - newname + +The ``endpoint`` parameter defines part of the url that will be used. +``primary_id_attribute`` identifies which of the resource's attribute +is the one that uniquely identifies the object. +``resource_missing_errorcode`` is the NITRO error code we get when we try +to retrieve an object that does not exist. This is used to determine if +the object exists without the error code aborting execution of the module. +``non_updateable_attributes`` is a list of attributes that if they are part of +a PUT request will cause the request to fail. + +``allow_recreate`` is a boolean parameter that determines what will happen +if a non updatable attribute differs. When it is ``true`` the object will be +deleted and recreated with the configured values. +If it is ``false`` then the module will fail execution warning about the attribute. + +To further explain the execution of the module we will use the following +example. + +.. code-block:: yaml + + - hosts: citrix_adc + + gather_facts: False + vars_files: + - workflows.yaml + + tasks: + - name: Setup nitro resource lb group + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: present + + workflow: + lifecycle: object + endpoint: lbgroup + primary_id_attribute: name + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - newname + + resource: + name: mylbgroup + timeout: 150 + + +When the ``state`` is ``present`` the resource will be created or updated +if it already exists. + +The existence of the resource is determined by the value of the ``name`` attribute +since it is the one identified by the ``primary_id_attribute`` parameter +of the workflow dictionary. + +The equality of the existing object on ADC with the configured object present +in the playbook is determined by comparing all the attributes present in the +playbook. + +If an object has more attributes than what is present in the playbook, defaults +are used as determined by the NITRO API on the target ADC. + +So if in our example a lbgroup with the name ``mylbgroup`` does not exist it will +be created with the initial attributes set as shown. + +If the lbgroup exists but the ``timeout`` parameter has a different value on the +target ADC then it will be updated. + +Any other attributes the ``lbgroup`` NITRO object may have are not taken into account. + +When the ``state`` parameter is set to ``absent`` then the object will either be deleted +if it already exists or there will be no NITRO call if it does not exist. + +For the existence only the ``primary_id_attribute`` is checked. +So in our example if there exists a lbgroup with name ``mylbgroup`` it will be deleted. +In this case all other attribute values are irrelevant. + +Idempotency and check mode +************************** + +The ``citrix_adc_nitro_resource`` module tries to execute with idempotency +and also supports check mode. + +Nevertheless there is a caveat with that statement. + +Idempotency, and conversely correct operation of the check mode, depends +on the final values the NITRO object will have once configured on the target +ADC. + +If for example numeric value is stored as string but in the playboook parameter +is given as an integer then subsequent runs of the same playbook will update the +object and report so in the cli output. + +So in our previous example if the lbgroup ``timeout`` value is stored as a string +while it is defined as an integer the playbook execution will not be idempotent. + +One way around this would be to coerce the value to be string like so + +.. code-block:: yaml + + timeout: !!str 150 + +If you find you execute the same playbook but each time it reports updates then +running ``ansible-playbook`` with the ``-vvv`` option and looking at the output +will give you a clue as to what is going on under the hood. + +You should see a debug message like the following. + +.. code-block:: text + + "Attribute \"port\" differs. Playbook parameter: () 8080. Retrieved NITRO object: () 8080", + +There may also be other reasons for idempotency failure. + +Scanning through the detailed output of the playbook run will give clues as to +what was the difference that prompted an update. + +``binding`` lifecycle +~~~~~~~~~~~~~~~~~~~~~ + +The ``binding`` lifecycle is usually relevant to NITRO objects +that implement bindings between two other NITRO objects. + +These objects are the way the ``bind`` nscli commands are +implemented in NITRO API. + +We will be using the following example for this section. + + +.. code-block:: yaml + + - name: Setup lbgroup lbvserver binding + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: + lifecycle: binding + endpoint: lbgroup_lbvserver_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - vservername + + resource: + name: mylbgroup + vservername: resource-lb-vserver + +The ``endpoint`` parameter defines part of the url that will be used. +``bound_resource_missing_errorcode`` defines the NITRO error code that +will be returned when the bound object is not already configured. + +As we said this type of object implement the ``bind`` nscli commands. +As in the ``bind`` command there is a main object that other object are +bound to. + +In NITRO API when determining if the binding should be created we +retrieve a list of existing bindings from this main object. +This parameter value allows us to not abort execution when the main +object does not exist. + +This is useful for the module when running in check mode and you want +to identify if the particular binding should be created. + +If at the time of creation the main object still does not exist then +the module will fail. + +``primary_id_attribute`` identifies the attribute that is used as the +main id for the binding. It is used to identify existence of a binding +object and retrieving the existing bindings from the main object. + +``delete_id_attributes`` is a list of attributes that will be used +to identify the binding object as distinct from other bindings to +the same main object. The name comes from the fact that these attributes +must be present on the url when doing a DELETE operation. + +To determine existence of a binding we compare the set of attribute +values for ``primary_id_attribute`` and ``delete_id_attributes`` that +are present in the resource dictionary. + +It is a good practice to define as many of the ``delete_id_attributes`` for +the binding as possible since this will avoid falsely determining the existence +of a binding. + +If we find that an existing binding has the same values for these attributes +then we mark the binding as existing. + +For binding equality the process is the same as the ``object`` lifecycle. + +We compare all the present attributes to the same attributes of the configured +object. If there is a mismatch in any of these we update the binding. +Note that ``binding`` objects do not have an update NITRO API operation, so +updating one means deleting the existing binding and recreating it with +the configured attributes. + +For ``state`` ``absent`` we determine the existence as before and if we find +there is a configured binding on the target ADC we delete it. + + +``bindings_list`` lifecycle +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``bindings_list`` lifecycle is not a new kind of object +rather than an iteration on the ``binding`` lifecycle. + +It accepts a list of bindings as a resource and then +tries to limit the bindings of the main object to that +exact list, deleting extraneous bindings, creating missing ones +and updating ones that are different. + +We will be using the following example in explaining the operation + +.. code-block:: yaml + + - name: Setup lbgroup lbvserver binding + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: + lifecycle: bindings_list + binding_workflow: + lifecycle: binding + endpoint: lbgroup_lbvserver_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - vservername + + resource: + bindings_list: + - name: mylbgroup + vservername: resource-lb-vserver-1 + - name: mylbgroup + vservername: resource-lb-vserver-2 + + +As seen in the sample we have the workflow dictionary +slightly modified for this kind of lifecycle. + +We set ``lifecycle`` to the ``bindings_list`` value and then +in the ``binding_workflow`` we provide the same dictionary +we would provide for a single ``binding`` lifecycle call. + +In ``resource`` we provide the list of bindings in the ``bindings_list`` +dictionary key. + +Handling of the creation, update and deletion of each item in the list +is the same as if we were doing ``bidning`` lifecycle calls for each one. + +The extra step is that the module in this lifecycle will first get +a list of existing bindings for the main object and then try to match +this list exactly to what we have in our configured list. + + +``non_updateable_object`` lifecycle +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``non_updateable_object`` is a lifecycle similar +to the ``object`` lifecycle. + +It applies to standalone NITRO API objects. +The main difference is that these objects do not have an +update NITRO operation so if an update is needed then +the object is first deleted and then recreated. + +A sample playbook is shown below. + +.. code-block:: yaml + + - name: Setup lbroute + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: + lifecycle: non_updateable_object + endpoint: lbroute + primary_id_attribute: network + resource_missing_errorcode: 258 + delete_id_attributes: + - netmask + - td + + resource: + network: 193.168.1.0 + netmask: 255.255.255.0 + gatewayname: lbroute-gw-lbvserver + + +``primary_id_attribute`` is used to determine the existence of the object +in combination with ``delete_id_attributes``. +Existence is the same as in the ``binding`` lifecycle. That is +we gather all existing ``primary_id_attribute`` and ``delete_id_attributes`` values +we have in the playbook and compare them to the existing objects on the target ADC. + +``endpoint`` identifies the NITRO object and part of the url used. + +As noted previously there is no real update operation as in the ``object`` lifecycle. +An update is implemented by deleting and recreating the object. + + +Other operations +~~~~~~~~~~~~~~~~ + +The ``citrix_adc_nitro_resource`` module does not perform any other actions on resources. + +For example you cannot use this module to disable a server on the target ADC. + +For advanced scenarios where there is the need to manage a NITRO object with the ``citrix_adc_nitro_resource`` +module and apply some other operations as well on the same object +we recommend using the ``citrix_adc_nitro_request`` module. diff --git a/docs/index.rst b/docs/index.rst index ca35a597f..9fc753dba 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -32,13 +32,15 @@ listed below. generic_modules/intro generic_modules/template_ns_conf generic_modules/nitro_api_calls + generic_modules/nitro_resource .. toctree:: :maxdepth: 2 :caption: Module Documentation general - modules/modules_by_category + modules/list_of_all_modules + modules/list_of_network_modules .. toctree:: :maxdepth: 2 diff --git a/docs/modules/citrix_adc_appfw_confidfield_module.rst b/docs/modules/citrix_adc_appfw_confidfield_module.rst index 85b4a8b58..30505434d 100644 --- a/docs/modules/citrix_adc_appfw_confidfield_module.rst +++ b/docs/modules/citrix_adc_appfw_confidfield_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_confidfield.py - :orphan: .. _citrix_adc_appfw_confidfield_module: - -citrix_adc_appfw_confidfield - Configuration for configured confidential form fields resource -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_confidfield - Configuration for configured confidential form fields resource. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_confidfield - Configuration for configured confidential form fi :local: :depth: 2 - Synopsis -------- - Configuration for configured confidential form fields resource. @@ -25,232 +21,128 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment -
str
 - -
Any comments to preserve information about the form field designation.
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to true the server state will be set to disabled.
-
When set to false the server state will be set to enabled.
-
- fieldname -
str
 - -
Name of the form field to designate as confidential.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- isregex -
str
 -
    Choices: -
  • REGEX
    • -
  • NOTREGEX
    • -
- 		-
Method of specifying the form field name. Available settings function as follows:
-
* REGEX. Form field is a regular expression.
-
* NOTREGEX. Form field is a literal string.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- url -
str
 - -
URL of the web page that contains the web form.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - comment + + *(str)* + - + - Any comments to preserve information about the form field designation. + * - disabled + + *(bool)* + - Default: + + *False* + - When set to ``true`` the server state will be set to ``disabled``. + + When set to ``false`` the server state will be set to ``enabled``. + * - fieldname + + *(str)* + - + - Name of the form field to designate as confidential. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - isregex + + *(str)* + - Choices: + + - REGEX + - NOTREGEX + - Method of specifying the form field name. Available settings function as follows: + + * REGEX. Form field is a regular expression. + + * NOTREGEX. Form field is a literal string. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - url + + *(str)* + - + - URL of the web page that contains the web form. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup confidential field id @@ -266,76 +158,30 @@ Examples comment: 'conf id field comment' - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_fieldtype_module.rst b/docs/modules/citrix_adc_appfw_fieldtype_module.rst index 83abdb2bb..622d9ed07 100644 --- a/docs/modules/citrix_adc_appfw_fieldtype_module.rst +++ b/docs/modules/citrix_adc_appfw_fieldtype_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_fieldtype.py - :orphan: .. _citrix_adc_appfw_fieldtype_module: - -citrix_adc_appfw_fieldtype - Configuration for application firewall form field type resource -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_fieldtype - Configuration for application firewall form field type resource. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_fieldtype - Configuration for application firewall form field t :local: :depth: 2 - Synopsis -------- - Configuration for application firewall form field type resource. @@ -25,229 +21,125 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment -
str
 - -
Comment describing the type of field that this field type is intended to match.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Name for the field type.
-
Must begin with a letter, number, or the underscore character (_), and must contain only letters, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore Cannot be changed after the field type is added.
-
-
The following requirement applies only to the NetScaler CLI:
-
If the name includes one or more spaces, enclose the name in double or single quotation marks (for "my field type" or 'my field type').
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nocharmaps -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
will not show internal field types added as part of FieldFormat learn rules deployment
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- priority -
str
 - -
Positive integer specifying the priority of the field type. A lower number specifies a higher Field types are checked in the order of their priority numbers.
-
- regex -
str
 - -
PCRE - format regular expression defining the characters and length allowed for this field type.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - comment + + *(str)* + - + - Comment describing the type of field that this field type is intended to match. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Name for the field type. + + Must begin with a letter, number, or the underscore character (_), and must contain only letters, and the hyphen (-), period (.) pound (#), space ( ), at (@), equals (=), colon (:), and underscore Cannot be changed after the field type is added. + + + + The following requirement applies only to the NetScaler CLI: + + If the name includes one or more spaces, enclose the name in double or single quotation marks (for "my field type" or 'my field type'). + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nocharmaps + + *(bool)* + - + - will not show internal field types added as part of FieldFormat learn rules deployment + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - priority + + *(str)* + - + - Positive integer specifying the priority of the field type. A lower number specifies a higher Field types are checked in the order of their priority numbers. + * - regex + + *(str)* + - + - PCRE - format regular expression defining the characters and length allowed for this field type. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup an AppFW fieldtype @@ -263,76 +155,30 @@ Examples comment: 'some comment' - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_global_bindings_module.rst b/docs/modules/citrix_adc_appfw_global_bindings_module.rst index 152bd9f60..d722e1bb1 100644 --- a/docs/modules/citrix_adc_appfw_global_bindings_module.rst +++ b/docs/modules/citrix_adc_appfw_global_bindings_module.rst @@ -1,10 +1,7 @@ -:source: citrix_adc_appfw_global_bindings.py - :orphan: .. _citrix_adc_appfw_global_bindings_module: - citrix_adc_appfw_global_bindings - Define global bindings for AppFW +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -14,7 +11,6 @@ citrix_adc_appfw_global_bindings - Define global bindings for AppFW :local: :depth: 2 - Synopsis -------- - Define global bindings for AppFW @@ -26,395 +22,125 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- appfwpolicy_bindings - - -
appfwpolicy bindings
-
- mode - -
    Choices: -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
policyname
-
priority
-
gotopriorityexpression
-
invoke
-
state
-
labeltype
-
labelname
-
type
-
globalbindtype
-
- auditnslogpolicy_bindings - - -
auditnslogpolicy bindings
-
- mode - -
    Choices: -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
policyname
-
priority
-
state
-
type
-
gotopriorityexpression
-
invoke
-
labeltype
-
labelname
-
- auditsyslogpolicy_bindings - - -
auditsyslogpolicy bindings
-
- mode - -
    Choices: -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
policyname
-
priority
-
state
-
type
-
gotopriorityexpression
-
invoke
-
labeltype
-
labelname
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Parameter + - Choices/Defaults + - Comment + * - appfwpolicy_bindings + - + - appfwpolicy bindings + * - auditnslogpolicy_bindings + - + - auditnslogpolicy bindings + * - auditsyslogpolicy_bindings + - + - auditsyslogpolicy bindings + * - instance_ip -Examples --------- + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. -.. code-block:: yaml+jinja + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call - + *(bool)* + *(added in 2.6.0)* + - Default: + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token -Return Values -------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: -.. raw:: html + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

+ *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config -Status ------- + *(bool)* + - Default: + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + When present the resource will be created if needed and configured according to the module's parameters. + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: -Maintenance ------------ + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. +Examples +-------- + +.. code-block:: yaml+jinja + + + +Return Values +------------- +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_htmlerrorpage_module.rst b/docs/modules/citrix_adc_appfw_htmlerrorpage_module.rst index 1daf45199..d56d8a044 100644 --- a/docs/modules/citrix_adc_appfw_htmlerrorpage_module.rst +++ b/docs/modules/citrix_adc_appfw_htmlerrorpage_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_htmlerrorpage.py - :orphan: .. _citrix_adc_appfw_htmlerrorpage_module: - -citrix_adc_appfw_htmlerrorpage - Configuration for configured confidential form fields resource -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_htmlerrorpage - Configuration for configured confidential form fields resource. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_htmlerrorpage - Configuration for configured confidential form :local: :depth: 2 - Synopsis -------- - Configuration for configured confidential form fields resource. @@ -25,236 +21,133 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment -
str
 - -
Any comments to preserve information about the HTML error object.
-
Maximum length = 128
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to true the server state will be set to disabled.
-
When set to false the server state will be set to enabled.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Name of the XML error object to remove.
-
Minimum length = 1
-
Maximum length = 31
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- overwrite -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Overwrite any existing HTML error object of the same name.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- src -
str
 - -
URL (protocol, host, path, and name) for the location at which to store the imported HTML error
-
NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access.
-
Minimum length = 1
-
Maximum length = 2047
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - comment + + *(str)* + - + - Any comments to preserve information about the HTML error object. + + Maximum length = 128 + * - disabled + + *(bool)* + - Default: + + *False* + - When set to ``true`` the server state will be set to ``disabled``. + + When set to ``false`` the server state will be set to ``enabled``. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Name of the XML error object to remove. + + Minimum length = 1 + + Maximum length = 31 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - overwrite + + *(bool)* + - + - Overwrite any existing HTML error object of the same name. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - src + + *(str)* + - + - URL (protocol, host, path, and name) for the location at which to store the imported HTML error + + NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access. + + Minimum length = 1 + + Maximum length = 2047 + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup confidential field id @@ -270,76 +163,30 @@ Examples comment: 'conf id field comment' - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_jsoncontenttype_module.rst b/docs/modules/citrix_adc_appfw_jsoncontenttype_module.rst index b7a3d55f6..eb24053d8 100644 --- a/docs/modules/citrix_adc_appfw_jsoncontenttype_module.rst +++ b/docs/modules/citrix_adc_appfw_jsoncontenttype_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_jsoncontenttype.py - :orphan: .. _citrix_adc_appfw_jsoncontenttype_module: - -citrix_adc_appfw_jsoncontenttype - Configuration for JSON content type resource -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_jsoncontenttype - Configuration for JSON content type resource. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_jsoncontenttype - Configuration for JSON content type resource :local: :depth: 2 - Synopsis -------- - Configuration for JSON content type resource. @@ -25,195 +21,105 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- isregex -
str
 -
    Choices: -
  • REGEX
    • -
  • NOTREGEX
    • -
- 		-
Is json content type a regular expression?
-
- jsoncontenttypevalue -
str
 - -
Content type to be classified as JSON
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - isregex + + *(str)* + - Choices: + + - REGEX + - NOTREGEX + - Is json content type a regular expression? + * - jsoncontenttypevalue + + *(str)* + - + - Content type to be classified as JSON + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup json content type @@ -227,76 +133,30 @@ Examples isregex: REGEX - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_learningsettings_module.rst b/docs/modules/citrix_adc_appfw_learningsettings_module.rst index 2758061ec..86db3a07b 100644 --- a/docs/modules/citrix_adc_appfw_learningsettings_module.rst +++ b/docs/modules/citrix_adc_appfw_learningsettings_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_learningsettings.py - :orphan: .. _citrix_adc_appfw_learningsettings_module: - -citrix_adc_appfw_learningsettings - Configuration for learning settings resource -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_learningsettings - Configuration for learning settings resource. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_learningsettings - Configuration for learning settings resource :local: :depth: 2 - Synopsis -------- - Configuration for learning settings resource. @@ -25,401 +21,207 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- contenttypeminthreshold -
str
 - -
Minimum threshold to learn Content Type information.
-
- contenttypepercentthreshold -
str
 - -
Minimum threshold in percent to learn Content Type information.
-
- cookieconsistencyminthreshold -
str
 - -
Minimum number of application firewall sessions that the learning engine must observe to learn
-
- cookieconsistencypercentthreshold -
str
 - -
Minimum percentage of application firewall sessions that must contain a particular cookie pattern for learning engine to learn that cookie.
-
- creditcardnumberminthreshold -
str
 - -
Minimum threshold to learn Credit Card information.
-
- creditcardnumberpercentthreshold -
str
 - -
Minimum threshold in percent to learn Credit Card information.
-
- crosssitescriptingminthreshold -
str
 - -
Minimum number of application firewall sessions that the learning engine must observe to learn HTML scripting patterns.
-
- crosssitescriptingpercentthreshold -
str
 - -
Minimum percentage of application firewall sessions that must contain a particular cross-site pattern for the learning engine to learn that cross-site scripting pattern.
-
- csrftagminthreshold -
str
 - -
Minimum number of application firewall sessions that the learning engine must observe to learn request forgery (CSRF) tags.
-
- csrftagpercentthreshold -
str
 - -
Minimum percentage of application firewall sessions that must contain a particular CSRF tag for the engine to learn that CSRF tag.
-
- fieldconsistencyminthreshold -
str
 - -
Minimum number of application firewall sessions that the learning engine must observe to learn field information.
-
- fieldconsistencypercentthreshold -
str
 - -
Minimum percentage of application firewall sessions that must contain a particular field consistency for the learning engine to learn that field consistency pattern.
-
- fieldformatminthreshold -
str
 - -
Minimum number of application firewall sessions that the learning engine must observe to learn field
-
- fieldformatpercentthreshold -
str
 - -
Minimum percentage of application firewall sessions that must contain a particular web form field for the learning engine to recommend a field format for that form field.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- profilename -
str
 - -
Name of the profile.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- sqlinjectionminthreshold -
str
 - -
Minimum number of application firewall sessions that the learning engine must observe to learn HTML injection patterns.
-
- sqlinjectionpercentthreshold -
str
 - -
Minimum percentage of application firewall sessions that must contain a particular HTML SQL injection for the learning engine to learn that HTML SQL injection pattern.
-
- starturlminthreshold -
str
 - -
Minimum number of application firewall sessions that the learning engine must observe to learn start
-
- starturlpercentthreshold -
str
 - -
Minimum percentage of application firewall sessions that must contain a particular start URL pattern the learning engine to learn that start URL.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
- xmlattachmentminthreshold -
str
 - -
Minimum number of application firewall sessions that the learning engine must observe to learn XML patterns.
-
- xmlattachmentpercentthreshold -
str
 - -
Minimum percentage of application firewall sessions that must contain a particular XML attachment for the learning engine to learn that XML attachment pattern.
-
- xmlwsiminthreshold -
str
 - -
Minimum number of application firewall sessions that the learning engine must observe to learn web interoperability (WSI) information.
-
- xmlwsipercentthreshold -
str
 - -
Minimum percentage of application firewall sessions that must contain a particular pattern for the engine to learn a web services interoperability (WSI) pattern.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - contenttypeminthreshold + + *(str)* + - + - Minimum threshold to learn Content Type information. + * - contenttypepercentthreshold + + *(str)* + - + - Minimum threshold in percent to learn Content Type information. + * - cookieconsistencyminthreshold + + *(str)* + - + - Minimum number of application firewall sessions that the learning engine must observe to learn + * - cookieconsistencypercentthreshold + + *(str)* + - + - Minimum percentage of application firewall sessions that must contain a particular cookie pattern for learning engine to learn that cookie. + * - creditcardnumberminthreshold + + *(str)* + - + - Minimum threshold to learn Credit Card information. + * - creditcardnumberpercentthreshold + + *(str)* + - + - Minimum threshold in percent to learn Credit Card information. + * - crosssitescriptingminthreshold + + *(str)* + - + - Minimum number of application firewall sessions that the learning engine must observe to learn HTML scripting patterns. + * - crosssitescriptingpercentthreshold + + *(str)* + - + - Minimum percentage of application firewall sessions that must contain a particular cross-site pattern for the learning engine to learn that cross-site scripting pattern. + * - csrftagminthreshold + + *(str)* + - + - Minimum number of application firewall sessions that the learning engine must observe to learn request forgery (CSRF) tags. + * - csrftagpercentthreshold + + *(str)* + - + - Minimum percentage of application firewall sessions that must contain a particular CSRF tag for the engine to learn that CSRF tag. + * - fieldconsistencyminthreshold + + *(str)* + - + - Minimum number of application firewall sessions that the learning engine must observe to learn field information. + * - fieldconsistencypercentthreshold + + *(str)* + - + - Minimum percentage of application firewall sessions that must contain a particular field consistency for the learning engine to learn that field consistency pattern. + * - fieldformatminthreshold + + *(str)* + - + - Minimum number of application firewall sessions that the learning engine must observe to learn field + * - fieldformatpercentthreshold + + *(str)* + - + - Minimum percentage of application firewall sessions that must contain a particular web form field for the learning engine to recommend a field format for that form field. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - profilename + + *(str)* + - + - Name of the profile. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - sqlinjectionminthreshold + + *(str)* + - + - Minimum number of application firewall sessions that the learning engine must observe to learn HTML injection patterns. + * - sqlinjectionpercentthreshold + + *(str)* + - + - Minimum percentage of application firewall sessions that must contain a particular HTML SQL injection for the learning engine to learn that HTML SQL injection pattern. + * - starturlminthreshold + + *(str)* + - + - Minimum number of application firewall sessions that the learning engine must observe to learn start + * - starturlpercentthreshold + + *(str)* + - + - Minimum percentage of application firewall sessions that must contain a particular start URL pattern the learning engine to learn that start URL. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + * - xmlattachmentminthreshold + + *(str)* + - + - Minimum number of application firewall sessions that the learning engine must observe to learn XML patterns. + * - xmlattachmentpercentthreshold + + *(str)* + - + - Minimum percentage of application firewall sessions that must contain a particular XML attachment for the learning engine to learn that XML attachment pattern. + * - xmlwsiminthreshold + + *(str)* + - + - Minimum number of application firewall sessions that the learning engine must observe to learn web interoperability (WSI) information. + * - xmlwsipercentthreshold + + *(str)* + - + - Minimum percentage of application firewall sessions that must contain a particular pattern for the engine to learn a web services interoperability (WSI) pattern. + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup learning settings @@ -429,7 +231,7 @@ Examples nitro_pass: nsroot nsip: 192.168.1.2 state: present - + profilename: test_profile starturlminthreshold: 100 starturlpercentthreshold: 100 @@ -455,76 +257,30 @@ Examples xmlattachmentpercentthreshold: 100 - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_policy_module.rst b/docs/modules/citrix_adc_appfw_policy_module.rst index 6118dfefa..c9af991a1 100644 --- a/docs/modules/citrix_adc_appfw_policy_module.rst +++ b/docs/modules/citrix_adc_appfw_policy_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_policy.py - :orphan: .. _citrix_adc_appfw_policy_module: - -citrix_adc_appfw_policy - Manage Citrix ADC Web Application Firewall policies -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_policy - Manage Citrix ADC Web Application Firewall policies. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_policy - Manage Citrix ADC Web Application Firewall policies :local: :depth: 2 - Synopsis -------- - Manage Citrix ADC Web Application Firewall policies. @@ -27,222 +23,122 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment -
str
 - -
Any comments to preserve information about the policy for later reference.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- logaction -
str
 - -
Where to log information for connections that match this policy.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Name for the policy.
-
Must begin with a letter, number, or the underscore character \(_\), and must contain only letters, and the hyphen \(-\), period \(.\) pound \(\#\), space \( \), at (@), equals \(=\), colon \(:\), and characters. Can be changed after the policy is created.
-
-
The following requirement applies only to the NetScaler CLI:
-
If the name includes one or more spaces, enclose the name in double or single quotation marks \(for "my policy" or 'my policy'\).
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- profilename -
str
 - -
Name of the application firewall profile to use if the policy matches.
-
- rule -
str
 - -
Name of the NetScaler named rule, or a NetScaler default syntax expression, that the policy uses to whether to filter the connection through the application firewall with the designated profile.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - comment + + *(str)* + - + - Any comments to preserve information about the policy for later reference. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - logaction + + *(str)* + - + - Where to log information for connections that match this policy. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Name for the policy. + + Must begin with a letter, number, or the underscore character \(_\), and must contain only letters, and the hyphen \(-\), period \(.\) pound \(\#\), space \( \), at (@), equals \(=\), colon \(:\), and characters. Can be changed after the policy is created. + + + + The following requirement applies only to the NetScaler CLI: + + If the name includes one or more spaces, enclose the name in double or single quotation marks \(for "my policy" or 'my policy'\). + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - profilename + + *(str)* + - + - Name of the application firewall profile to use if the policy matches. + * - rule + + *(str)* + - + - Name of the NetScaler named rule, or a NetScaler default syntax expression, that the policy uses to whether to filter the connection through the application firewall with the designated profile. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: Setup appfw policy delegate_to: localhost @@ -255,7 +151,7 @@ Examples rule: 'HTTP.REQ.HOSTNAME.DOMAIN.EQ("blog.example.com")' profilename: APPFW_BLOCK comment: 'policy test comment' - + - name: Remove appfw policy delegate_to: localhost citrix_adc_appfw_policy: @@ -266,76 +162,30 @@ Examples name: policy_integration_test - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_policylabel_module.rst b/docs/modules/citrix_adc_appfw_policylabel_module.rst index 497e8067f..125d94ae9 100644 --- a/docs/modules/citrix_adc_appfw_policylabel_module.rst +++ b/docs/modules/citrix_adc_appfw_policylabel_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_policylabel.py - :orphan: .. _citrix_adc_appfw_policylabel_module: - -citrix_adc_appfw_policylabel - Manage Citrix ADC Web Application Firewall policy labels -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_policylabel - Manage Citrix ADC Web Application Firewall policy labels. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_policylabel - Manage Citrix ADC Web Application Firewall policy :local: :depth: 2 - Synopsis -------- - Manage Citrix ADC Web Application Firewall policy labels. @@ -27,191 +23,101 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- labelname -
str
 - -
Name of the policy label to invoke if the current policy evaluates to TRUE, the invoke parameter is and Label Type is set to Policy Label.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- policylabeltype -
str
 -
    Choices: -
  • http_req
    • -
- 		-
Type of transformations allowed by the policies bound to the label. Always http_req for application policy labels.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - labelname + + *(str)* + - + - Name of the policy label to invoke if the current policy evaluates to TRUE, the invoke parameter is and Label Type is set to Policy Label. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - policylabeltype + + *(str)* + - Choices: + + - http_req + - Type of transformations allowed by the policies bound to the label. Always http_req for application policy labels. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: Setup policy label delegate_to: localhost @@ -222,7 +128,7 @@ Examples state: present labelname: test_label_name policylabeltype: http_req - + - name: Remove policy label delegate_to: localhost citrix_adc_appfw_policylabel: @@ -232,79 +138,33 @@ Examples state: absent labelname: test_label_name policylabeltype: http_req - - - + Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_profile_module.rst b/docs/modules/citrix_adc_appfw_profile_module.rst index 19b9e97db..4bde16d71 100644 --- a/docs/modules/citrix_adc_appfw_profile_module.rst +++ b/docs/modules/citrix_adc_appfw_profile_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_profile.py - :orphan: .. _citrix_adc_appfw_profile_module: - -citrix_adc_appfw_profile - Manage Citrix ADC Web Application Firewall profiles -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_profile - Manage Citrix ADC Web Application Firewall profiles. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_profile - Manage Citrix ADC Web Application Firewall profiles :local: :depth: 2 - Synopsis -------- - Manage Citrix ADC Web Application Firewall profiles. @@ -28,2595 +24,1169 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- addcookieflags -
str
 -
    Choices: -
  • none
    • -
  • httpOnly
    • -
  • secure
    • -
  • all
    • -
- 		-
Add the specified flags to cookies. Available settings function as follows:
-
* None - Do not add flags to cookies.
-
* HTTP Only - Add the HTTP Only flag to cookies, which prevents scripts from accessing cookies.
-
* Secure - Add Secure flag to cookies.
-
* All - Add both HTTPOnly and Secure flags to cookies.
-
- archivename -
str
 - -
Source for tar archive.
-
- bufferoverflowaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Buffer Overflow actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -bufferOverflowAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -bufferOverflowAction none".
-
- bufferoverflowmaxcookielength -
str
 - -
Maximum length, in characters, for cookies sent to your protected web sites. Requests with longer are blocked.
-
- bufferoverflowmaxheaderlength -
str
 - -
Maximum length, in characters, for HTTP headers in requests sent to your protected web sites. with longer headers are blocked.
-
- bufferoverflowmaxurllength -
str
 - -
Maximum length, in characters, for URLs on your protected web sites. Requests with longer URLs are
-
- canonicalizehtmlresponse -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Perform HTML entity encoding for any special characters in responses sent by your protected web
-
- checkrequestheaders -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Check request headers as well as web forms for injected SQL and cross-site scripts.
-
- comment -
str
 - -
Any comments about the purpose of profile, or other useful information about the profile.
-
- contenttype_bindings - - -
contenttype bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
contenttype
-
state
-
comment
-
- contenttypeaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Content-type actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -contentTypeaction" followed by the to be enabled. To turn off all actions, type "set appfw profile -contentTypeaction none".
-
- cookieconsistency_bindings - - -
cookieconsistency bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
cookieconsistency
-
isregex
-
state
-
comment
-
- cookieconsistencyaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Cookie Consistency actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -cookieConsistencyAction" followed the actions to be enabled. To turn off all actions, type "set appfw profile -cookieConsistencyAction
-
- cookieencryption -
str
 -
    Choices: -
  • none
    • -
  • decryptOnly
    • -
  • encryptSessionOnly
    • -
  • encryptAll
    • -
- 		-
Type of cookie encryption. Available settings function as follows:
-
* None - Do not encrypt cookies.
-
* Decrypt Only - Decrypt encrypted cookies, but do not encrypt cookies.
-
* Encrypt Session Only - Encrypt session cookies, but not permanent cookies.
-
* Encrypt All - Encrypt all cookies.
-
- cookieproxying -
str
 -
    Choices: -
  • none
    • -
  • sessionOnly
    • -
- 		-
Cookie proxy setting. Available settings function as follows:
-
* None - Do not proxy cookies.
-
* Session Only - Proxy session cookies by using the NetScaler session ID, but do not proxy permanent
-
- cookietransforms -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Perform the specified type of cookie transformation.
-
Available settings function as follows:
-
* Encryption - Encrypt cookies.
-
* Proxying - Mask contents of server cookies by sending proxy cookie to users.
-
* Cookie flags - Flag cookies as HTTP only to prevent scripts on user's browser from accessing and modifying them.
-
CAUTION: Make sure that this parameter is set to ON if you are configuring any cookie If it is set to OFF, no cookie transformations are performed regardless of any other settings.
-
- creditcard -
list
 -
    Choices: -
  • none
    • -
  • visa
    • -
  • mastercard
    • -
  • discover
    • -
  • amex
    • -
  • jcb
    • -
  • dinersclub
    • -
- 		-
Credit card types that the application firewall should protect.
-
- creditcardaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Credit Card actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -creditCardAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -creditCardAction none".
-
- creditcardmaxallowed -
str
 - -
This parameter value is used by the block action. It represents the maximum number of credit card that can appear on a web page served by your protected web sites. Pages that contain more credit card are blocked.
-
- creditcardnumber_bindings - - -
creditcardnumber bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
creditcardnumber
-
creditcardnumberurl
-
state
-
comment
-
- creditcardxout -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Mask any credit card number detected in a response by replacing each digit, except the digits in the group, with the letter "X."
-
- crosssitescripting_bindings - - -
crosssitescripting bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
crosssitescripting
-
isregex_xss
-
formactionurl_xss
-
as_scan_location_xss
-
as_value_type_xss
-
as_value_expr_xss
-
isvalueregex_xss
-
state
-
comment
-
- crosssitescriptingaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Cross-Site Scripting (XSS) actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -crossSiteScriptingAction" followed the actions to be enabled. To turn off all actions, type "set appfw profile -crossSiteScriptingAction
-
- crosssitescriptingcheckcompleteurls -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Check complete URLs for cross-site scripts, instead of just the query portions of URLs.
-
- crosssitescriptingtransformunsafehtml -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Transform cross-site scripts. This setting configures the application firewall to disable dangerous instead of blocking the request.
-
CAUTION: Make sure that this parameter is set to ON if you are configuring any cross-site scripting If it is set to OFF, no cross-site scripting transformations are performed regardless of any other
-
- csrftag_bindings - - -
csrftag bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
csrftag
-
csrfformactionurl
-
state
-
comment
-
- csrftagaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Cross-Site Request Forgery (CSRF) Tagging actions. Available settings function as
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -CSRFTagAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -CSRFTagAction none".
-
- customsettings -
str
 - -
Object name for custom settings.
-
This check is applicable to Profile Type: HTML, XML.
-
- defaultcharset -
str
 - -
Default character set for protected web pages. Web pages sent by your protected web sites in response user requests are assigned this character set if the page does not already specify a character set. character sets supported by the application firewall are:
-
* iso-8859-1 (English US)
-
* big5 (Chinese Traditional)
-
* gb2312 (Chinese Simplified)
-
* sjis (Japanese Shift-JIS)
-
* euc-jp (Japanese EUC-JP)
-
* iso-8859-9 (Turkish)
-
* utf-8 (Unicode)
-
* euc-kr (Korean)
-
- defaultfieldformatmaxlength -
str
 - -
Maximum length, in characters, for data entered into a field that is assigned the default field type.
-
- defaultfieldformatminlength -
str
 - -
Minimum length, in characters, for data entered into a field that is assigned the default field type.
-
To disable the minimum and maximum length settings and allow data of any length to be entered into field, set this parameter to zero (0).
-
- defaultfieldformattype -
str
 - -
Designate a default field type to be applied to web form fields that do not have a field type assigned to them.
-
- defaults -
str
 -
    Choices: -
  • basic
    • -
  • advanced
    • -
- 		-
Default configuration to apply to the profile. Basic defaults are intended for standard content that little further configuration, such as static web site content. Advanced defaults are intended for content that requires significant specialized configuration, such as heavily scripted or dynamic
-
-
CLI users: When adding an application firewall profile, you can set either the defaults or the type, not both. To set both options, create the profile by using the add appfw profile command, and then the set appfw profile command to configure the other option.
-
- denyurl_bindings - - -
denyurl bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
denyurl
-
state
-
comment
-
- denyurlaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Deny URL actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
NOTE: The Deny URL check takes precedence over the Start URL check. If you enable blocking for the URL check, the application firewall blocks any URL that is explicitly blocked by a Deny URL, even if same URL would otherwise be allowed by the Start URL check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -denyURLaction" followed by the to be enabled. To turn off all actions, type "set appfw profile -denyURLaction none".
-
- dosecurecreditcardlogging -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Setting this option logs credit card numbers in the response when the match is found.
-
- enableformtagging -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable tagging of web form fields for use by the Form Field Consistency and CSRF Form Tagging checks.
-
- errorurl -
str
 - -
URL that application firewall uses as the Error URL.
-
- excludefileuploadfromchecks -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Exclude uploaded files from Form checks.
-
- excluderescontenttype_bindings - - -
excluderescontenttype bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
excluderescontenttype
-
state
-
comment
-
- exemptclosureurlsfromsecuritychecks -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Exempt URLs that pass the Start URL closure check from SQL injection, cross-site script, field format field consistency security checks at locations other than headers.
-
- fieldconsistency_bindings - - -
fieldconsistency bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
fieldconsistency
-
isregex_ffc
-
formactionurl_ffc
-
state
-
comment
-
- fieldconsistencyaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Form Field Consistency actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -fieldConsistencyaction" followed the actions to be enabled. To turn off all actions, type "set appfw profile -fieldConsistencyAction
-
- fieldformat_bindings - - -
fieldformat bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
fieldformat
-
isregex_ff
-
formactionurl_ff
-
fieldtype
-
fieldformatminlength
-
fieldformatmaxlength
-
state
-
comment
-
- fieldformataction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Field Format actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of suggested web form fields and field format
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -fieldFormatAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -fieldFormatAction none".
-
- fileuploadmaxnum -
str
 - -
Maximum allowed number of file uploads per form-submission request. The maximum setting (65535) an unlimited number of uploads.
-
- htmlerrorobject -
str
 - -
Name to assign to the HTML Error Object.
-
Must begin with a letter, number, or the underscore character \(_\), and must contain only letters, and the hyphen \(-\), period \(.\) pound \(\#\), space \( \), at (@), equals \(=\), colon \(:\), and characters. Cannot be changed after the HTML error object is added.
-
-
The following requirement applies only to the NetScaler CLI:
-
If the name includes one or more spaces, enclose the name in double or single quotation marks \(for "my HTML error object" or 'my HTML error object'\).
-
- inspectcontenttypes -
list
 -
    Choices: -
  • none
    • -
  • application/x-www-form-urlencoded
    • -
  • multipart/form-data
    • -
  • text/x-gwt-rpc
    • -
- 		-
One or more InspectContentType lists.
-
* application/x-www-form-urlencoded
-
* multipart/form-data
-
* text/x-gwt-rpc
-
-
CLI users: To enable, type "set appfw profile -InspectContentTypes" followed by the content types to inspected.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- invalidpercenthandling -
str
 -
    Choices: -
  • apache_mode
    • -
  • asp_mode
    • -
  • secure_mode
    • -
- 		-
Configure the method that the application firewall uses to handle percent-encoded names and values. settings function as follows:
-
* apache_mode - Apache format.
-
* asp_mode - Microsoft ASP format.
-
* secure_mode - Secure format.
-
- logeverypolicyhit -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Log every profile match, regardless of security checks results.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- multipleheaderaction -
list
 -
    Choices: -
  • block
    • -
  • keepLast
    • -
  • log
    • -
  • none
    • -
- 		-
One or more multiple header actions. Available settings function as follows:
-
* Block - Block connections that have multiple headers.
-
* Log - Log connections that have multiple headers.
-
* KeepLast - Keep only last header when multiple headers are present.
-
-
CLI users: To enable one or more actions, type "set appfw profile -multipleHeaderAction" followed by actions to be enabled.
-
- name -
str
 - -
Name for the profile. Must begin with a letter, number, or the underscore character (_), and must only letters, numbers, and the hyphen (-), period (.), pound (#), space ( ), at (@), equals (=), (:), and underscore (_) characters. Cannot be changed after the profile is added.
-
-
The following requirement applies only to the NetScaler CLI:
-
If the name includes one or more spaces, enclose the name in double or single quotation marks (for "my profile" or 'my profile').
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- optimizepartialreqs -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Optimize handle of HTTP partial requests i.e. those with range headers.
-
Available settings are as follows:
-
* ON - Partial requests by the client result in partial requests to the backend server in most cases.
-
* OFF - Partial requests by the client are changed to full requests to the backend server
-
- percentdecoderecursively -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Configure whether the application firewall should use percentage recursive decoding
-
- postbodylimit -
str
 - -
Maximum allowed HTTP post body size, in bytes.
-
- refererheadercheck -
str
 -
    Choices: -
  • OFF
    • -
  • if_present
    • -
  • AlwaysExceptStartURLs
    • -
  • AlwaysExceptFirstRequest
    • -
- 		-
Enable validation of Referer headers.
-
Referer validation ensures that a web form that a user sends to your web site originally came from web site, not an outside attacker.
-
Although this parameter is part of the Start URL check, referer validation protects against request forgery (CSRF) attacks, not Start URL attacks.
-
- requestcontenttype -
str
 - -
Default Content-Type header for requests.
-
A Content-Type header can contain 0-255 letters, numbers, and the hyphen (-) and underscore (_)
-
- responsecontenttype -
str
 - -
Default Content-Type header for responses.
-
A Content-Type header can contain 0-255 letters, numbers, and the hyphen (-) and underscore (_)
-
- safeobject_bindings - - -
safeobject bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
safeobject
-
as_expression
-
maxmatchlength
-
action
-
state
-
comment
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- semicolonfieldseparator -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Allow ';' as a form field separator in URL queries and POST form bodies.
-
- sessionlessfieldconsistency -
str
 -
    Choices: -
  • OFF
    • -
  • ON
    • -
  • postOnly
    • -
- 		-
Perform sessionless Field Consistency Checks.
-
- sessionlessurlclosure -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable session less URL Closure Checks.
-
This check is applicable to Profile Type: HTML.
-
- signatures -
str
 - -
Object name for signatures.
-
This check is applicable to Profile Type: HTML, XML.
-
- sqlinjection_bindings - - -
sqlinjection bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
sqlinjection
-
isregex_sql
-
formactionurl_sql
-
as_scan_location_sql
-
as_value_type_sql
-
as_value_expr_sql
-
isvalueregex_sql
-
state
-
comment
-
- sqlinjectionaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more HTML SQL Injection actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -SQLInjectionAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -SQLInjectionAction none".
-
- sqlinjectionchecksqlwildchars -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Check for form fields that contain SQL wild chars .
-
- sqlinjectiononlycheckfieldswithsqlchars -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Check only form fields that contain SQL special strings (characters) for injected SQL code.
-
Most SQL servers require a special string to activate an SQL request, so SQL code without a special is harmless to most SQL servers.
-
- sqlinjectionparsecomments -
str
 -
    Choices: -
  • checkall
    • -
  • ansi
    • -
  • nested
    • -
  • ansinested
    • -
- 		-
Parse HTML comments and exempt them from the HTML SQL Injection check. You must specify the type of that the application firewall is to detect and exempt from this security check. Available settings as follows:
-
* Check all - Check all content.
-
* ANSI - Exempt content that is part of an ANSI (Mozilla-style) comment.
-
* Nested - Exempt content that is part of a nested (Microsoft-style) comment.
-
* ANSI Nested - Exempt content that is part of any type of comment.
-
- sqlinjectiontransformspecialchars -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Transform injected SQL code. This setting configures the application firewall to disable SQL special instead of blocking the request. Since most SQL servers require a special string to activate an SQL in most cases a request that contains injected SQL code is safe if special strings are disabled.
-
CAUTION: Make sure that this parameter is set to ON if you are configuring any SQL injection If it is set to OFF, no SQL injection transformations are performed regardless of any other settings.
-
- sqlinjectiontype -
str
 -
    Choices: -
  • SQLSplChar
    • -
  • SQLKeyword
    • -
  • SQLSplCharORKeyword
    • -
  • SQLSplCharANDKeyword
    • -
- 		-
Available SQL injection types.
-
-SQLSplChar : Checks for SQL Special Chars
-
-SQLKeyword : Checks for SQL Keywords
-
-SQLSplCharANDKeyword : Checks for both and blocks if both are found
-
-SQLSplCharORKeyword : Checks for both and blocks if anyone is found
-
- starturl_bindings - - -
starturl bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
starturl
-
state
-
comment
-
- starturlaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Start URL actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -startURLaction" followed by the to be enabled. To turn off all actions, type "set appfw profile -startURLaction none".
-
- starturlclosure -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Toggle the state of Start URL Closure.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- streaming -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Setting this option converts content-length form submission requests (requests with content-type or "multipart/form-data") to chunked requests when atleast one of the following protections : SQL protection, XSS protection, form field consistency protection, starturl closure, CSRF tagging is Please make sure that the backend server accepts chunked requests before enabling this option.
-
- stripcomments -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Strip HTML comments.
-
This check is applicable to Profile Type: HTML.
-
- striphtmlcomments -
str
 -
    Choices: -
  • none
    • -
  • all
    • -
  • exclude_script_tag
    • -
- 		-
Strip HTML comments before forwarding a web page sent by a protected web site in response to a user
-
- stripxmlcomments -
str
 -
    Choices: -
  • none
    • -
  • all
    • -
- 		-
Strip XML comments before forwarding a web page sent by a protected web site in response to a user
-
- trace -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Toggle the state of trace
-
- trustedlearningclients_bindings - - -
trustedlearningclients bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
trustedlearningclients
-
state
-
comment
-
- type -
list
 -
    Choices: -
  • HTML
    • -
  • XML
    • -
- 		-
Application firewall profile type, which controls which security checks and settings are applied to that is filtered with the profile. Available settings function as follows:
-
* HTML - HTML-based web sites.
-
* XML - XML-based web sites and services.
-
* HTML XML (Web 2.0) - Sites that contain both HTML and XML content, such as ATOM feeds, blogs, and feeds.
-
- urldecoderequestcookies -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
URL Decode request cookies before subjecting them to SQL and cross-site scripting checks.
-
- usehtmlerrorobject -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Send an imported HTML Error object to a user when a request is blocked, instead of redirecting the to the designated Error URL.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
- xmlattachmentaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more XML Attachment actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -XMLAttachmentAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -XMLAttachmentAction none".
-
- xmlattachmenturl_bindings - - -
xmlattachmenturl bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
xmlattachmenturl
-
xmlmaxattachmentsizecheck
-
xmlmaxattachmentsize
-
xmlattachmentcontenttypecheck
-
xmlattachmentcontenttype
-
state
-
comment
-
- xmldosaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more XML Denial-of-Service (XDoS) actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -XMLDoSAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -XMLDoSAction none".
-
- xmldosurl_bindings - - -
xmldosurl bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
xmldosurl
-
xmlmaxelementdepthcheck
-
xmlmaxelementdepth
-
xmlmaxelementnamelengthcheck
-
xmlmaxelementnamelength
-
xmlmaxelementscheck
-
xmlmaxelements
-
xmlmaxelementchildrencheck
-
xmlmaxelementchildren
-
xmlmaxnodescheck
-
xmlmaxnodes
-
xmlmaxentityexpansionscheck
-
xmlmaxentityexpansions
-
xmlmaxentityexpansiondepthcheck
-
xmlmaxentityexpansiondepth
-
xmlmaxattributescheck
-
xmlmaxattributes
-
xmlmaxattributenamelengthcheck
-
xmlmaxattributenamelength
-
xmlmaxattributevaluelengthcheck
-
xmlmaxattributevaluelength
-
xmlmaxnamespacescheck
-
xmlmaxnamespaces
-
xmlmaxnamespaceurilengthcheck
-
xmlmaxnamespaceurilength
-
xmlmaxchardatalengthcheck
-
xmlmaxchardatalength
-
xmlmaxfilesizecheck
-
xmlmaxfilesize
-
xmlminfilesizecheck
-
xmlminfilesize
-
xmlblockpi
-
xmlblockdtd
-
xmlblockexternalentities
-
xmlsoaparraycheck
-
xmlmaxsoaparraysize
-
xmlmaxsoaparrayrank
-
state
-
comment
-
- xmlerrorobject -
str
 - -
Name to assign to the XML Error Object, which the application firewall displays when a user request blocked.
-
Must begin with a letter, number, or the underscore character \(_\), and must contain only letters, and the hyphen \(-\), period \(.\) pound \(\#\), space \( \), at (@), equals \(=\), colon \(:\), and characters. Cannot be changed after the XML error object is added.
-
-
The following requirement applies only to the NetScaler CLI:
-
If the name includes one or more spaces, enclose the name in double or single quotation marks \(for "my XML error object" or 'my XML error object'\).
-
- xmlformataction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more XML Format actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -XMLFormatAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -XMLFormatAction none".
-
- xmlsoapfaultaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • log
    • -
  • remove
    • -
  • stats
    • -
- 		-
One or more XML SOAP Fault Filtering actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
* Remove - Remove all violations for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -XMLSOAPFaultAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -XMLSOAPFaultAction none".
-
- xmlsqlinjection_bindings - - -
xmlsqlinjection bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
xmlsqlinjection
-
isregex_xmlsql
-
as_scan_location_xmlsql
-
state
-
comment
-
- xmlsqlinjectionaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more XML SQL Injection actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -XMLSQLInjectionAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -XMLSQLInjectionAction none".
-
- xmlsqlinjectionchecksqlwildchars -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Check for form fields that contain SQL wild chars .
-
- xmlsqlinjectiononlycheckfieldswithsqlchars -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Check only form fields that contain SQL special characters, which most SQL servers require before an SQL command, for injected SQL.
-
- xmlsqlinjectionparsecomments -
str
 -
    Choices: -
  • checkall
    • -
  • ansi
    • -
  • nested
    • -
  • ansinested
    • -
- 		-
Parse comments in XML Data and exempt those sections of the request that are from the XML SQL check. You must configure the type of comments that the application firewall is to detect and exempt this security check. Available settings function as follows:
-
* Check all - Check all content.
-
* ANSI - Exempt content that is part of an ANSI (Mozilla-style) comment.
-
* Nested - Exempt content that is part of a nested (Microsoft-style) comment.
-
* ANSI Nested - Exempt content that is part of any type of comment.
-
- xmlsqlinjectiontype -
str
 -
    Choices: -
  • SQLSplChar
    • -
  • SQLKeyword
    • -
  • SQLSplCharORKeyword
    • -
  • SQLSplCharANDKeyword
    • -
- 		-
Available SQL injection types.
-
-SQLSplChar : Checks for SQL Special Chars
-
-SQLKeyword : Checks for SQL Keywords
-
-SQLSplCharANDKeyword : Checks for both and blocks if both are found
-
-SQLSplCharORKeyword : Checks for both and blocks if anyone is found
-
- xmlvalidationaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more XML Validation actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -XMLValidationAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -XMLValidationAction none".
-
- xmlvalidationurl_bindings - - -
xmlvalidationurl bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
xmlvalidationurl
-
xmlvalidateresponse
-
xmlwsdl
-
xmladditionalsoapheaders
-
xmlendpointcheck
-
xmlrequestschema
-
xmlresponseschema
-
xmlvalidatesoapenvelope
-
state
-
comment
-
- xmlwsiaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more Web Services Interoperability (WSI) actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Learn - Use the learning engine to generate a list of exceptions to this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -XMLWSIAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -XMLWSIAction none".
-
- xmlwsiurl_bindings - - -
xmlwsiurl bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
xmlwsiurl
-
xmlwsichecks
-
state
-
comment
-
- xmlxss_bindings - - -
xmlxss bindings
-
- mode - -
    Choices: -
  • exact
    • -
  • bind
    • -
  • unbind
    • -
- 		-
{'If mode is exact': None}
-
Any bindings existing in the target Citrix ADC that are not defined in the attributes list will be removed.
-
Any bindings not existing in the target Citrix ADC that are defined in the attributes list will be created.
-
Any existing bindings that are defined in the attributes list but have differing attribute values will first be deleted and then recreated with the defined attribute values.
-
{'If mode is bind': None}
-
Any bindings in the attributes list that do not exist will be created on the target Citrix ADC.
-
Any bindings defined in the attributes list that exist on the target Citrix ADC but have different attribute values will first be deleted and then recreated with the defined attribute values.
-
Existing bindings that are not on the attributes list remain unaffected.
-
{'If mode is unbind': None}
-
Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed.
-
Existing bindings that are not on the attributes list remain unaffected.
-
- attributes - - -
List of the attributes dictionaries for the bindings.
-
{'Valid attribute keys': None}
-
xmlxss
-
isregex_xmlxss
-
as_scan_location_xmlxss
-
state
-
comment
-
- xmlxssaction -
list
 -
    Choices: -
  • none
    • -
  • block
    • -
  • learn
    • -
  • log
    • -
  • stats
    • -
- 		-
One or more XML Cross-Site Scripting actions. Available settings function as follows:
-
* Block - Block connections that violate this security check.
-
* Log - Log violations of this security check.
-
* Stats - Generate statistics for this security check.
-
* None - Disable all actions for this security check.
-
-
CLI users: To enable one or more actions, type "set appfw profile -XMLXSSAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -XMLXSSAction none".
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - addcookieflags + + *(str)* + - Choices: + + - none + - httpOnly + - secure + - all + - Add the specified flags to cookies. Available settings function as follows: + + * None - Do not add flags to cookies. + + * HTTP Only - Add the HTTP Only flag to cookies, which prevents scripts from accessing cookies. + + * Secure - Add Secure flag to cookies. + + * All - Add both HTTPOnly and Secure flags to cookies. + * - archivename + + *(str)* + - + - Source for tar archive. + * - bufferoverflowaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Buffer Overflow actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -bufferOverflowAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -bufferOverflowAction none". + * - bufferoverflowmaxcookielength + + *(str)* + - + - Maximum length, in characters, for cookies sent to your protected web sites. Requests with longer are blocked. + * - bufferoverflowmaxheaderlength + + *(str)* + - + - Maximum length, in characters, for HTTP headers in requests sent to your protected web sites. with longer headers are blocked. + * - bufferoverflowmaxurllength + + *(str)* + - + - Maximum length, in characters, for URLs on your protected web sites. Requests with longer URLs are + * - canonicalizehtmlresponse + + *(bool)* + - + - Perform HTML entity encoding for any special characters in responses sent by your protected web + * - checkrequestheaders + + *(bool)* + - + - Check request headers as well as web forms for injected SQL and cross-site scripts. + * - comment + + *(str)* + - + - Any comments about the purpose of profile, or other useful information about the profile. + * - contenttype_bindings + - + - contenttype bindings + * - contenttypeaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Content-type actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -contentTypeaction" followed by the to be enabled. To turn off all actions, type "set appfw profile -contentTypeaction none". + * - cookieconsistency_bindings + - + - cookieconsistency bindings + * - cookieconsistencyaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Cookie Consistency actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -cookieConsistencyAction" followed the actions to be enabled. To turn off all actions, type "set appfw profile -cookieConsistencyAction + * - cookieencryption + + *(str)* + - Choices: + + - none + - decryptOnly + - encryptSessionOnly + - encryptAll + - Type of cookie encryption. Available settings function as follows: + + * None - Do not encrypt cookies. + + * Decrypt Only - Decrypt encrypted cookies, but do not encrypt cookies. + + * Encrypt Session Only - Encrypt session cookies, but not permanent cookies. + + * Encrypt All - Encrypt all cookies. + * - cookieproxying + + *(str)* + - Choices: + + - none + - sessionOnly + - Cookie proxy setting. Available settings function as follows: + + * None - Do not proxy cookies. + + * Session Only - Proxy session cookies by using the NetScaler session ID, but do not proxy permanent + * - cookietransforms + + *(bool)* + - + - Perform the specified type of cookie transformation. + + Available settings function as follows: + + * Encryption - Encrypt cookies. + + * Proxying - Mask contents of server cookies by sending proxy cookie to users. + + * Cookie flags - Flag cookies as HTTP only to prevent scripts on user's browser from accessing and modifying them. + + CAUTION: Make sure that this parameter is set to ON if you are configuring any cookie If it is set to OFF, no cookie transformations are performed regardless of any other settings. + * - creditcard + + *(list)* + - Choices: + + - none + - visa + - mastercard + - discover + - amex + - jcb + - dinersclub + - Credit card types that the application firewall should protect. + * - creditcardaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Credit Card actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -creditCardAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -creditCardAction none". + * - creditcardmaxallowed + + *(str)* + - + - This parameter value is used by the block action. It represents the maximum number of credit card that can appear on a web page served by your protected web sites. Pages that contain more credit card are blocked. + * - creditcardnumber_bindings + - + - creditcardnumber bindings + * - creditcardxout + + *(bool)* + - + - Mask any credit card number detected in a response by replacing each digit, except the digits in the group, with the letter "X." + * - crosssitescripting_bindings + - + - crosssitescripting bindings + * - crosssitescriptingaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Cross-Site Scripting (XSS) actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -crossSiteScriptingAction" followed the actions to be enabled. To turn off all actions, type "set appfw profile -crossSiteScriptingAction + * - crosssitescriptingcheckcompleteurls + + *(bool)* + - + - Check complete URLs for cross-site scripts, instead of just the query portions of URLs. + * - crosssitescriptingtransformunsafehtml + + *(bool)* + - + - Transform cross-site scripts. This setting configures the application firewall to disable dangerous instead of blocking the request. + + CAUTION: Make sure that this parameter is set to ON if you are configuring any cross-site scripting If it is set to OFF, no cross-site scripting transformations are performed regardless of any other + * - csrftag_bindings + - + - csrftag bindings + * - csrftagaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Cross-Site Request Forgery (CSRF) Tagging actions. Available settings function as + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -CSRFTagAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -CSRFTagAction none". + * - customsettings + + *(str)* + - + - Object name for custom settings. + + This check is applicable to Profile Type: HTML, XML. + * - defaultcharset + + *(str)* + - + - Default character set for protected web pages. Web pages sent by your protected web sites in response user requests are assigned this character set if the page does not already specify a character set. character sets supported by the application firewall are: + + * iso-8859-1 (English US) + + * big5 (Chinese Traditional) + + * gb2312 (Chinese Simplified) + + * sjis (Japanese Shift-JIS) + + * euc-jp (Japanese EUC-JP) + + * iso-8859-9 (Turkish) + + * utf-8 (Unicode) + + * euc-kr (Korean) + * - defaultfieldformatmaxlength + + *(str)* + - + - Maximum length, in characters, for data entered into a field that is assigned the default field type. + * - defaultfieldformatminlength + + *(str)* + - + - Minimum length, in characters, for data entered into a field that is assigned the default field type. + + To disable the minimum and maximum length settings and allow data of any length to be entered into field, set this parameter to zero (0). + * - defaultfieldformattype + + *(str)* + - + - Designate a default field type to be applied to web form fields that do not have a field type assigned to them. + * - defaults + + *(str)* + - Choices: + + - basic + - advanced + - Default configuration to apply to the profile. Basic defaults are intended for standard content that little further configuration, such as static web site content. Advanced defaults are intended for content that requires significant specialized configuration, such as heavily scripted or dynamic + + + + CLI users: When adding an application firewall profile, you can set either the defaults or the type, not both. To set both options, create the profile by using the add appfw profile command, and then the set appfw profile command to configure the other option. + * - denyurl_bindings + - + - denyurl bindings + * - denyurlaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Deny URL actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + NOTE: The Deny URL check takes precedence over the Start URL check. If you enable blocking for the URL check, the application firewall blocks any URL that is explicitly blocked by a Deny URL, even if same URL would otherwise be allowed by the Start URL check. + + + + CLI users: To enable one or more actions, type "set appfw profile -denyURLaction" followed by the to be enabled. To turn off all actions, type "set appfw profile -denyURLaction none". + * - dosecurecreditcardlogging + + *(bool)* + - + - Setting this option logs credit card numbers in the response when the match is found. + * - enableformtagging + + *(bool)* + - + - Enable tagging of web form fields for use by the Form Field Consistency and CSRF Form Tagging checks. + * - errorurl + + *(str)* + - + - URL that application firewall uses as the Error URL. + * - excludefileuploadfromchecks + + *(bool)* + - + - Exclude uploaded files from Form checks. + * - excluderescontenttype_bindings + - + - excluderescontenttype bindings + * - exemptclosureurlsfromsecuritychecks + + *(bool)* + - + - Exempt URLs that pass the Start URL closure check from SQL injection, cross-site script, field format field consistency security checks at locations other than headers. + * - fieldconsistency_bindings + - + - fieldconsistency bindings + * - fieldconsistencyaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Form Field Consistency actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -fieldConsistencyaction" followed the actions to be enabled. To turn off all actions, type "set appfw profile -fieldConsistencyAction + * - fieldformat_bindings + - + - fieldformat bindings + * - fieldformataction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Field Format actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of suggested web form fields and field format + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -fieldFormatAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -fieldFormatAction none". + * - fileuploadmaxnum + + *(str)* + - + - Maximum allowed number of file uploads per form-submission request. The maximum setting (65535) an unlimited number of uploads. + * - htmlerrorobject + + *(str)* + - + - Name to assign to the HTML Error Object. + + Must begin with a letter, number, or the underscore character \(_\), and must contain only letters, and the hyphen \(-\), period \(.\) pound \(\#\), space \( \), at (@), equals \(=\), colon \(:\), and characters. Cannot be changed after the HTML error object is added. + + + + The following requirement applies only to the NetScaler CLI: + + If the name includes one or more spaces, enclose the name in double or single quotation marks \(for "my HTML error object" or 'my HTML error object'\). + * - inspectcontenttypes + + *(list)* + - Choices: + + - none + - application/x-www-form-urlencoded + - multipart/form-data + - text/x-gwt-rpc + - One or more InspectContentType lists. + + * application/x-www-form-urlencoded + + * multipart/form-data + + * text/x-gwt-rpc + + + + CLI users: To enable, type "set appfw profile -InspectContentTypes" followed by the content types to inspected. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - invalidpercenthandling + + *(str)* + - Choices: + + - apache_mode + - asp_mode + - secure_mode + - Configure the method that the application firewall uses to handle percent-encoded names and values. settings function as follows: + + * apache_mode - Apache format. + + * asp_mode - Microsoft ASP format. + + * secure_mode - Secure format. + * - logeverypolicyhit + + *(bool)* + - + - Log every profile match, regardless of security checks results. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - multipleheaderaction + + *(list)* + - Choices: + + - block + - keepLast + - log + - none + - One or more multiple header actions. Available settings function as follows: + + * Block - Block connections that have multiple headers. + + * Log - Log connections that have multiple headers. + + * KeepLast - Keep only last header when multiple headers are present. + + + + CLI users: To enable one or more actions, type "set appfw profile -multipleHeaderAction" followed by actions to be enabled. + * - name + + *(str)* + - + - Name for the profile. Must begin with a letter, number, or the underscore character (_), and must only letters, numbers, and the hyphen (-), period (.), pound (#), space ( ), at (@), equals (=), (:), and underscore (_) characters. Cannot be changed after the profile is added. + + + + The following requirement applies only to the NetScaler CLI: + + If the name includes one or more spaces, enclose the name in double or single quotation marks (for "my profile" or 'my profile'). + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - optimizepartialreqs + + *(bool)* + - + - Optimize handle of HTTP partial requests i.e. those with range headers. + + Available settings are as follows: + + * ON - Partial requests by the client result in partial requests to the backend server in most cases. + + * OFF - Partial requests by the client are changed to full requests to the backend server + * - percentdecoderecursively + + *(bool)* + - + - Configure whether the application firewall should use percentage recursive decoding + * - postbodylimit + + *(str)* + - + - Maximum allowed HTTP post body size, in bytes. + * - refererheadercheck + + *(str)* + - Choices: + + - OFF + - if_present + - AlwaysExceptStartURLs + - AlwaysExceptFirstRequest + - Enable validation of Referer headers. + + Referer validation ensures that a web form that a user sends to your web site originally came from web site, not an outside attacker. + + Although this parameter is part of the Start URL check, referer validation protects against request forgery (CSRF) attacks, not Start URL attacks. + * - requestcontenttype + + *(str)* + - + - Default Content-Type header for requests. + + A Content-Type header can contain 0-255 letters, numbers, and the hyphen (-) and underscore (_) + * - responsecontenttype + + *(str)* + - + - Default Content-Type header for responses. + + A Content-Type header can contain 0-255 letters, numbers, and the hyphen (-) and underscore (_) + * - safeobject_bindings + - + - safeobject bindings + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - semicolonfieldseparator + + *(bool)* + - + - Allow ';' as a form field separator in URL queries and POST form bodies. + * - sessionlessfieldconsistency + + *(str)* + - Choices: + + - OFF + - ON + - postOnly + - Perform sessionless Field Consistency Checks. + * - sessionlessurlclosure + + *(bool)* + - + - Enable session less URL Closure Checks. + + This check is applicable to Profile Type: HTML. + * - signatures + + *(str)* + - + - Object name for signatures. + + This check is applicable to Profile Type: HTML, XML. + * - sqlinjection_bindings + - + - sqlinjection bindings + * - sqlinjectionaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more HTML SQL Injection actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -SQLInjectionAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -SQLInjectionAction none". + * - sqlinjectionchecksqlwildchars + + *(bool)* + - + - Check for form fields that contain SQL wild chars . + * - sqlinjectiononlycheckfieldswithsqlchars + + *(bool)* + - + - Check only form fields that contain SQL special strings (characters) for injected SQL code. + + Most SQL servers require a special string to activate an SQL request, so SQL code without a special is harmless to most SQL servers. + * - sqlinjectionparsecomments + + *(str)* + - Choices: + + - checkall + - ansi + - nested + - ansinested + - Parse HTML comments and exempt them from the HTML SQL Injection check. You must specify the type of that the application firewall is to detect and exempt from this security check. Available settings as follows: + + * Check all - Check all content. + + * ANSI - Exempt content that is part of an ANSI (Mozilla-style) comment. + + * Nested - Exempt content that is part of a nested (Microsoft-style) comment. + + * ANSI Nested - Exempt content that is part of any type of comment. + * - sqlinjectiontransformspecialchars + + *(bool)* + - + - Transform injected SQL code. This setting configures the application firewall to disable SQL special instead of blocking the request. Since most SQL servers require a special string to activate an SQL in most cases a request that contains injected SQL code is safe if special strings are disabled. + + CAUTION: Make sure that this parameter is set to ON if you are configuring any SQL injection If it is set to OFF, no SQL injection transformations are performed regardless of any other settings. + * - sqlinjectiontype + + *(str)* + - Choices: + + - SQLSplChar + - SQLKeyword + - SQLSplCharORKeyword + - SQLSplCharANDKeyword + - Available SQL injection types. + + -SQLSplChar : Checks for SQL Special Chars + + -SQLKeyword : Checks for SQL Keywords + + -SQLSplCharANDKeyword : Checks for both and blocks if both are found + + -SQLSplCharORKeyword : Checks for both and blocks if anyone is found + * - starturl_bindings + - + - starturl bindings + * - starturlaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Start URL actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -startURLaction" followed by the to be enabled. To turn off all actions, type "set appfw profile -startURLaction none". + * - starturlclosure + + *(bool)* + - + - Toggle the state of Start URL Closure. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - streaming + + *(bool)* + - + - Setting this option converts content-length form submission requests (requests with content-type or "multipart/form-data") to chunked requests when atleast one of the following protections : SQL protection, XSS protection, form field consistency protection, starturl closure, CSRF tagging is Please make sure that the backend server accepts chunked requests before enabling this option. + * - stripcomments + + *(bool)* + - + - Strip HTML comments. + + This check is applicable to Profile Type: HTML. + * - striphtmlcomments + + *(str)* + - Choices: + + - none + - all + - exclude_script_tag + - Strip HTML comments before forwarding a web page sent by a protected web site in response to a user + * - stripxmlcomments + + *(str)* + - Choices: + + - none + - all + - Strip XML comments before forwarding a web page sent by a protected web site in response to a user + * - trace + + *(bool)* + - + - Toggle the state of trace + * - trustedlearningclients_bindings + - + - trustedlearningclients bindings + * - type + + *(list)* + - Choices: + + - HTML + - XML + - Application firewall profile type, which controls which security checks and settings are applied to that is filtered with the profile. Available settings function as follows: + + * HTML - HTML-based web sites. + + * XML - XML-based web sites and services. + + * HTML XML (Web 2.0) - Sites that contain both HTML and XML content, such as ATOM feeds, blogs, and feeds. + * - urldecoderequestcookies + + *(bool)* + - + - URL Decode request cookies before subjecting them to SQL and cross-site scripting checks. + * - usehtmlerrorobject + + *(bool)* + - + - Send an imported HTML Error object to a user when a request is blocked, instead of redirecting the to the designated Error URL. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + * - xmlattachmentaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more XML Attachment actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -XMLAttachmentAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -XMLAttachmentAction none". + * - xmlattachmenturl_bindings + - + - xmlattachmenturl bindings + * - xmldosaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more XML Denial-of-Service (XDoS) actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -XMLDoSAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -XMLDoSAction none". + * - xmldosurl_bindings + - + - xmldosurl bindings + * - xmlerrorobject + + *(str)* + - + - Name to assign to the XML Error Object, which the application firewall displays when a user request blocked. + + Must begin with a letter, number, or the underscore character \(_\), and must contain only letters, and the hyphen \(-\), period \(.\) pound \(\#\), space \( \), at (@), equals \(=\), colon \(:\), and characters. Cannot be changed after the XML error object is added. + + + + The following requirement applies only to the NetScaler CLI: + + If the name includes one or more spaces, enclose the name in double or single quotation marks \(for "my XML error object" or 'my XML error object'\). + * - xmlformataction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more XML Format actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -XMLFormatAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -XMLFormatAction none". + * - xmlsoapfaultaction + + *(list)* + - Choices: + + - none + - block + - log + - remove + - stats + - One or more XML SOAP Fault Filtering actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + * Remove - Remove all violations for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -XMLSOAPFaultAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -XMLSOAPFaultAction none". + * - xmlsqlinjection_bindings + - + - xmlsqlinjection bindings + * - xmlsqlinjectionaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more XML SQL Injection actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -XMLSQLInjectionAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -XMLSQLInjectionAction none". + * - xmlsqlinjectionchecksqlwildchars + + *(bool)* + - + - Check for form fields that contain SQL wild chars . + * - xmlsqlinjectiononlycheckfieldswithsqlchars + + *(bool)* + - + - Check only form fields that contain SQL special characters, which most SQL servers require before an SQL command, for injected SQL. + * - xmlsqlinjectionparsecomments + + *(str)* + - Choices: + + - checkall + - ansi + - nested + - ansinested + - Parse comments in XML Data and exempt those sections of the request that are from the XML SQL check. You must configure the type of comments that the application firewall is to detect and exempt this security check. Available settings function as follows: + + * Check all - Check all content. + + * ANSI - Exempt content that is part of an ANSI (Mozilla-style) comment. + + * Nested - Exempt content that is part of a nested (Microsoft-style) comment. + + * ANSI Nested - Exempt content that is part of any type of comment. + * - xmlsqlinjectiontype + + *(str)* + - Choices: + + - SQLSplChar + - SQLKeyword + - SQLSplCharORKeyword + - SQLSplCharANDKeyword + - Available SQL injection types. + + -SQLSplChar : Checks for SQL Special Chars + + -SQLKeyword : Checks for SQL Keywords + + -SQLSplCharANDKeyword : Checks for both and blocks if both are found + + -SQLSplCharORKeyword : Checks for both and blocks if anyone is found + * - xmlvalidationaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more XML Validation actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -XMLValidationAction" followed by actions to be enabled. To turn off all actions, type "set appfw profile -XMLValidationAction none". + * - xmlvalidationurl_bindings + - + - xmlvalidationurl bindings + * - xmlwsiaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more Web Services Interoperability (WSI) actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Learn - Use the learning engine to generate a list of exceptions to this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -XMLWSIAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -XMLWSIAction none". + * - xmlwsiurl_bindings + - + - xmlwsiurl bindings + * - xmlxss_bindings + - + - xmlxss bindings + * - xmlxssaction + + *(list)* + - Choices: + + - none + - block + - learn + - log + - stats + - One or more XML Cross-Site Scripting actions. Available settings function as follows: + + * Block - Block connections that violate this security check. + + * Log - Log violations of this security check. + + * Stats - Generate statistics for this security check. + + * None - Disable all actions for this security check. + + + + CLI users: To enable one or more actions, type "set appfw profile -XMLXSSAction" followed by the to be enabled. To turn off all actions, type "set appfw profile -XMLXSSAction none". + Examples -------- .. code-block:: yaml+jinja - - name: setup profile with basic presets delegate_to: localhost @@ -2627,7 +1197,7 @@ Examples state: present name: profile_basic_1 defaults: basic - + - name: setup profile with denyurl bindings delegate_to: localhost citrix_adc_appfw_profile: @@ -2642,7 +1212,7 @@ Examples - state: enabled denyurl: denyme.* comment: 'denyurl comment' - + - name: remove profile delegate_to: localhost citrix_adc_appfw_profile: @@ -2654,76 +1224,30 @@ Examples defaults: basic - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_settings_module.rst b/docs/modules/citrix_adc_appfw_settings_module.rst index 52625dc29..e6f8ce967 100644 --- a/docs/modules/citrix_adc_appfw_settings_module.rst +++ b/docs/modules/citrix_adc_appfw_settings_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_settings.py - :orphan: .. _citrix_adc_appfw_settings_module: - -citrix_adc_appfw_settings - Manage Citrix ADC Web Application Firewall settings -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_settings - Manage Citrix ADC Web Application Firewall settings. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_settings - Manage Citrix ADC Web Application Firewall settings :local: :depth: 2 - Synopsis -------- - Manage Citrix ADC Web Application Firewall settings. @@ -28,367 +24,184 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- ceflogging -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable CEF format logs.
-
- clientiploggingheader -
str
 - -
Name of an HTTP header that contains the IP address that the client used to connect to the protected site or service.
-
- cookiepostencryptprefix -
str
 - -
String that is prepended to all encrypted cookie values.
-
- defaultprofile -
str
 - -
Profile to use when a connection does not match any policy. Default setting is APPFW_BYPASS, which unmatched connections back to the NetScaler appliance without attempting to filter them further.
-
- entitydecoding -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Transform multibyte (double- or half-width) characters to single width characters.
-
- geolocationlogging -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable Geo-Location Logging in CEF format logs.
-
- importsizelimit -
str
 - -
Cumulative total maximum number of bytes in web forms imported to a protected web site. If a user to upload files with a total byte count higher than the specified limit, the application firewall the request.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- learnratelimit -
str
 - -
Maximum number of connections per second that the application firewall learning engine examines to new relaxations for learning-enabled security checks. The application firewall drops any connections this limit from the list of connections used by the learning engine.
-
- logmalformedreq -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Log requests that are so malformed that application firewall parsing doesn't occur.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- sessioncookiename -
str
 - -
Name of the session cookie that the application firewall uses to track user sessions.
-
Must begin with a letter or number, and can consist of from 1 to 31 letters, numbers, and the hyphen and underscore (_) symbols.
-
-
The following requirement applies only to the NetScaler CLI:
-
If the name includes one or more spaces, enclose the name in double or single quotation marks (for "my cookie name" or 'my cookie name').
-
- sessionlifetime -
str
 - -
Maximum amount of time (in seconds) that the application firewall allows a user session to remain regardless of user activity. After this time, the user session is terminated. Before continuing to the protected web site, the user must establish a new session by opening a designated start URL.
-
- sessionlimit -
str
 - -
Maximum number of sessions that the application firewall allows to be active, regardless of user After the max_limit reaches, No more user session will be created .
-
- sessiontimeout -
str
 - -
Timeout, in seconds, after which a user session is terminated. Before continuing to use the protected site, the user must establish a new session by opening a designated start URL.
-
- signatureautoupdate -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Flag used to enable/disable auto update signatures
-
- signatureurl -
str
 - -
URL to download the mapping file from server
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- undefaction -
str
 - -
Profile to use when an application firewall policy evaluates to undefined (UNDEF).
-
An UNDEF event indicates an internal error condition. The APPFW_BLOCK built-in profile is the default You can specify a different built-in or user-created profile as the UNDEF profile.
-
- useconfigurablesecretkey -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Use configurable secret key in AppFw operations.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - ceflogging + + *(bool)* + - + - Enable CEF format logs. + * - clientiploggingheader + + *(str)* + - + - Name of an HTTP header that contains the IP address that the client used to connect to the protected site or service. + * - cookiepostencryptprefix + + *(str)* + - + - String that is prepended to all encrypted cookie values. + * - defaultprofile + + *(str)* + - + - Profile to use when a connection does not match any policy. Default setting is APPFW_BYPASS, which unmatched connections back to the NetScaler appliance without attempting to filter them further. + * - entitydecoding + + *(bool)* + - + - Transform multibyte (double- or half-width) characters to single width characters. + * - geolocationlogging + + *(bool)* + - + - Enable Geo-Location Logging in CEF format logs. + * - importsizelimit + + *(str)* + - + - Cumulative total maximum number of bytes in web forms imported to a protected web site. If a user to upload files with a total byte count higher than the specified limit, the application firewall the request. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - learnratelimit + + *(str)* + - + - Maximum number of connections per second that the application firewall learning engine examines to new relaxations for learning-enabled security checks. The application firewall drops any connections this limit from the list of connections used by the learning engine. + * - logmalformedreq + + *(bool)* + - + - Log requests that are so malformed that application firewall parsing doesn't occur. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - sessioncookiename + + *(str)* + - + - Name of the session cookie that the application firewall uses to track user sessions. + + Must begin with a letter or number, and can consist of from 1 to 31 letters, numbers, and the hyphen and underscore (_) symbols. + + + + The following requirement applies only to the NetScaler CLI: + + If the name includes one or more spaces, enclose the name in double or single quotation marks (for "my cookie name" or 'my cookie name'). + * - sessionlifetime + + *(str)* + - + - Maximum amount of time (in seconds) that the application firewall allows a user session to remain regardless of user activity. After this time, the user session is terminated. Before continuing to the protected web site, the user must establish a new session by opening a designated start URL. + * - sessionlimit + + *(str)* + - + - Maximum number of sessions that the application firewall allows to be active, regardless of user After the max_limit reaches, No more user session will be created . + * - sessiontimeout + + *(str)* + - + - Timeout, in seconds, after which a user session is terminated. Before continuing to use the protected site, the user must establish a new session by opening a designated start URL. + * - signatureautoupdate + + *(bool)* + - + - Flag used to enable/disable auto update signatures + * - signatureurl + + *(str)* + - + - URL to download the mapping file from server + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - undefaction + + *(str)* + - + - Profile to use when an application firewall policy evaluates to undefined (UNDEF). + + An UNDEF event indicates an internal error condition. The APPFW_BLOCK built-in profile is the default You can specify a different built-in or user-created profile as the UNDEF profile. + * - useconfigurablesecretkey + + *(bool)* + - + - Use configurable secret key in AppFw operations. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: setup basic settings delegate_to: localhost @@ -416,76 +229,30 @@ Examples sessionlimit: "10000" - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_signatures_module.rst b/docs/modules/citrix_adc_appfw_signatures_module.rst index f31c98772..5427a5eae 100644 --- a/docs/modules/citrix_adc_appfw_signatures_module.rst +++ b/docs/modules/citrix_adc_appfw_signatures_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_signatures.py - :orphan: .. _citrix_adc_appfw_signatures_module: - -citrix_adc_appfw_signatures - Configuration for configured confidential form fields resource -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_signatures - Configuration for configured confidential form fields resource. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_signatures - Configuration for configured confidential form fie :local: :depth: 2 - Synopsis -------- - Configuration for configured confidential form fields resource. @@ -25,287 +21,159 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment -
str
 - -
Any comments to preserve information about the signatures object.
-
Maximum length = 128
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to true the server state will be set to disabled.
-
When set to false the server state will be set to enabled.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- merge -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Merges the existing Signature with new signature rules.
-
- mergedefault -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Merges signature file with default signature file.
-
- name -
str
 - -
Name of the signature object.
-
Minimum length = 1
-
Maximum length = 31
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- overwrite -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Overwrite any existing signatures object of the same name.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- sha1 -
str
 - -
File path for sha1 file to validate signature file.
-
Minimum length = 1
-
Maximum length = 2047
-
- src -
str
 - -
URL (protocol, host, path, and file name) for the location at which to store the imported signatures
-
NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access.
-
Minimum length = 1
-
Maximum length = 2047
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
- xslt -
str
 - -
XSLT file source.
-
Maximum length = 2047
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - comment + + *(str)* + - + - Any comments to preserve information about the signatures object. + + Maximum length = 128 + * - disabled + + *(bool)* + - Default: + + *False* + - When set to ``true`` the server state will be set to ``disabled``. + + When set to ``false`` the server state will be set to ``enabled``. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - merge + + *(bool)* + - + - Merges the existing Signature with new signature rules. + * - mergedefault + + *(bool)* + - + - Merges signature file with default signature file. + * - name + + *(str)* + - + - Name of the signature object. + + Minimum length = 1 + + Maximum length = 31 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - overwrite + + *(bool)* + - + - Overwrite any existing signatures object of the same name. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - sha1 + + *(str)* + - + - File path for sha1 file to validate signature file. + + Minimum length = 1 + + Maximum length = 2047 + * - src + + *(str)* + - + - URL (protocol, host, path, and file name) for the location at which to store the imported signatures + + NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access. + + Minimum length = 1 + + Maximum length = 2047 + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + * - xslt + + *(str)* + - + - XSLT file source. + + Maximum length = 2047 + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup confidential field id @@ -321,76 +189,30 @@ Examples comment: 'conf id field comment' - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_wsdl_module.rst b/docs/modules/citrix_adc_appfw_wsdl_module.rst index 1032ab8c9..ae86dc8c5 100644 --- a/docs/modules/citrix_adc_appfw_wsdl_module.rst +++ b/docs/modules/citrix_adc_appfw_wsdl_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_wsdl.py - :orphan: .. _citrix_adc_appfw_wsdl_module: - -citrix_adc_appfw_wsdl - Configuration for configured confidential form fields resource -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_wsdl - Configuration for configured confidential form fields resource. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_wsdl - Configuration for configured confidential form fields re :local: :depth: 2 - Synopsis -------- - Configuration for configured confidential form fields resource. @@ -25,236 +21,133 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment -
str
 - -
Any comments to preserve information about the WSDL.
-
Maximum length = 128
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to true the server state will be set to disabled.
-
When set to false the server state will be set to enabled.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Name of the WSDL file to remove.
-
Minimum length = 1
-
Maximum length = 31
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- overwrite -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Overwrite any existing WSDL of the same name.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- src -
str
 - -
URL (protocol, host, path, and name) of the WSDL file to be imported is stored.
-
NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access.
-
Minimum length = 1
-
Maximum length = 2047
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - comment + + *(str)* + - + - Any comments to preserve information about the WSDL. + + Maximum length = 128 + * - disabled + + *(bool)* + - Default: + + *False* + - When set to ``true`` the server state will be set to ``disabled``. + + When set to ``false`` the server state will be set to ``enabled``. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Name of the WSDL file to remove. + + Minimum length = 1 + + Maximum length = 31 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - overwrite + + *(bool)* + - + - Overwrite any existing WSDL of the same name. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - src + + *(str)* + - + - URL (protocol, host, path, and name) of the WSDL file to be imported is stored. + + NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access. + + Minimum length = 1 + + Maximum length = 2047 + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup confidential field id @@ -270,76 +163,30 @@ Examples comment: 'conf id field comment' - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_xmlcontenttype_module.rst b/docs/modules/citrix_adc_appfw_xmlcontenttype_module.rst index f1ccd7d81..d56c627bf 100644 --- a/docs/modules/citrix_adc_appfw_xmlcontenttype_module.rst +++ b/docs/modules/citrix_adc_appfw_xmlcontenttype_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_xmlcontenttype.py - :orphan: .. _citrix_adc_appfw_xmlcontenttype_module: - -citrix_adc_appfw_xmlcontenttype - Configuration for XML Content type resource -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_xmlcontenttype - Configuration for XML Content type resource. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_xmlcontenttype - Configuration for XML Content type resource :local: :depth: 2 - Synopsis -------- - Configuration for XML Content type resource. @@ -25,195 +21,105 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- isregex -
str
 -
    Choices: -
  • REGEX
    • -
  • NOTREGEX
    • -
- 		-
Is field name a regular expression?
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
- xmlcontenttypevalue -
str
 - -
Content type to be classified as XML
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - isregex + + *(str)* + - Choices: + + - REGEX + - NOTREGEX + - Is field name a regular expression? + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + * - xmlcontenttypevalue + + *(str)* + - + - Content type to be classified as XML + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup xml content type @@ -227,76 +133,30 @@ Examples isregex: REGEX - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_xmlerrorpage_module.rst b/docs/modules/citrix_adc_appfw_xmlerrorpage_module.rst index 0b60b1845..1fbe7d864 100644 --- a/docs/modules/citrix_adc_appfw_xmlerrorpage_module.rst +++ b/docs/modules/citrix_adc_appfw_xmlerrorpage_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_xmlerrorpage.py - :orphan: .. _citrix_adc_appfw_xmlerrorpage_module: - -citrix_adc_appfw_xmlerrorpage - Configuration for configured confidential form fields resource -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_xmlerrorpage - Configuration for configured confidential form fields resource. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_xmlerrorpage - Configuration for configured confidential form f :local: :depth: 2 - Synopsis -------- - Configuration for configured confidential form fields resource. @@ -25,236 +21,133 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment -
str
 - -
Any comments to preserve information about the XML error object.
-
Maximum length = 128
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to true the server state will be set to disabled.
-
When set to false the server state will be set to enabled.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Indicates name of the imported xml error page to be removed.
-
Minimum length = 1
-
Maximum length = 31
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- overwrite -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Overwrite any existing XML error object of the same name.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- src -
str
 - -
URL (protocol, host, path, and name) for the location at which to store the imported XML error
-
NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access.
-
Minimum length = 1
-
Maximum length = 2047
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - comment + + *(str)* + - + - Any comments to preserve information about the XML error object. + + Maximum length = 128 + * - disabled + + *(bool)* + - Default: + + *False* + - When set to ``true`` the server state will be set to ``disabled``. + + When set to ``false`` the server state will be set to ``enabled``. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Indicates name of the imported xml error page to be removed. + + Minimum length = 1 + + Maximum length = 31 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - overwrite + + *(bool)* + - + - Overwrite any existing XML error object of the same name. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - src + + *(str)* + - + - URL (protocol, host, path, and name) for the location at which to store the imported XML error + + NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access. + + Minimum length = 1 + + Maximum length = 2047 + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup confidential field id @@ -270,76 +163,30 @@ Examples comment: 'conf id field comment' - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_appfw_xmlschema_module.rst b/docs/modules/citrix_adc_appfw_xmlschema_module.rst index e11ca8644..31f797034 100644 --- a/docs/modules/citrix_adc_appfw_xmlschema_module.rst +++ b/docs/modules/citrix_adc_appfw_xmlschema_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_appfw_xmlschema.py - :orphan: .. _citrix_adc_appfw_xmlschema_module: - -citrix_adc_appfw_xmlschema - Configuration for configured confidential form fields resource -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_appfw_xmlschema - Configuration for configured confidential form fields resource. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adc_appfw_xmlschema - Configuration for configured confidential form fiel :local: :depth: 2 - Synopsis -------- - Configuration for configured confidential form fields resource. @@ -25,236 +21,133 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment -
str
 - -
Any comments to preserve information about the XML Schema object.
-
Maximum length = 128
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to true the server state will be set to disabled.
-
When set to false the server state will be set to enabled.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Name of the XML Schema object to remove.
-
Minimum length = 1
-
Maximum length = 31
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- overwrite -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Overwrite any existing XML Schema object of the same name.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- src -
str
 - -
URL (protocol, host, path, and file name) for the location at which to store the imported XML Schema.
-
NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access.
-
Minimum length = 1
-
Maximum length = 2047
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - comment + + *(str)* + - + - Any comments to preserve information about the XML Schema object. + + Maximum length = 128 + * - disabled + + *(bool)* + - Default: + + *False* + - When set to ``true`` the server state will be set to ``disabled``. + + When set to ``false`` the server state will be set to ``enabled``. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Name of the XML Schema object to remove. + + Minimum length = 1 + + Maximum length = 31 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - overwrite + + *(bool)* + - + - Overwrite any existing XML Schema object of the same name. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - src + + *(str)* + - + - URL (protocol, host, path, and file name) for the location at which to store the imported XML Schema. + + NOTE: The import fails if the object to be imported is on an HTTPS server that requires client authentication for access. + + Minimum length = 1 + + Maximum length = 2047 + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adc - + gather_facts: False tasks: - name: Setup confidential field id @@ -270,76 +163,30 @@ Examples comment: 'conf id field comment' - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) -- Sumanth Lingappa (@sumanth-lingappa) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_cs_action_module.rst b/docs/modules/citrix_adc_cs_action_module.rst index 279742f7b..8bd759f38 100644 --- a/docs/modules/citrix_adc_cs_action_module.rst +++ b/docs/modules/citrix_adc_cs_action_module.rst @@ -1,10 +1,7 @@ -:source: citrix_adc_cs_action.py - :orphan: .. _citrix_adc_cs_action_module: - citrix_adc_cs_action - Manage content switching actions +++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -14,7 +11,6 @@ citrix_adc_cs_action - Manage content switching actions :local: :depth: 2 - Synopsis -------- - Manage content switching actions @@ -32,221 +28,107 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment - - -
Comments associated with this cs action.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name - - -
Name for the content switching action. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space , colon :, at sign @, equal sign =, and hyphen - characters. Can be changed after the content switching action is created.
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- targetlbvserver - - -
Name of the load balancing virtual server to which the content is switched.
-
- targetvserver - - -
Name of the VPN virtual server to which the content is switched.
-
- targetvserverexpr - - -
Information about this content switching action.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - comment + - + - Comments associated with this cs action. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + - + - Name for the content switching action. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore ``_``, hash ``#``, period ``.``, space `` ``, colon ``:``, at sign ``@``, equal sign ``=``, and hyphen ``-`` characters. Can be changed after the content switching action is created. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - targetlbvserver + - + - Name of the load balancing virtual server to which the content is switched. + * - targetvserver + - + - Name of the VPN virtual server to which the content is switched. + * - targetvserverexpr + - + - Information about this content switching action. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - # lb_vserver_1 must have been already created with the citrix_adc_lb_vserver module - + - name: Configure netscaler content switching action delegate_to: localhost citrix_adc_cs_action: @@ -254,95 +136,46 @@ Examples nitro_user: nsroot nitro_pass: nsroot validate_certs: no - + state: present - + name: action-1 targetlbvserver: lb_vserver_1 - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dictionary
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{ 'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2' }
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
string
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - diff -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(dictionary)* + - failure + - List of differences between the actual configured object and the configuration specified in the module + **Sample:** + { 'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2' } + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(string)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_cs_policy_module.rst b/docs/modules/citrix_adc_cs_policy_module.rst index cc5798bf6..3a6ea7e1d 100644 --- a/docs/modules/citrix_adc_cs_policy_module.rst +++ b/docs/modules/citrix_adc_cs_policy_module.rst @@ -1,10 +1,7 @@ -:source: citrix_adc_cs_policy.py - :orphan: .. _citrix_adc_cs_policy_module: - citrix_adc_cs_policy - Manage content switching policy ++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -14,7 +11,6 @@ citrix_adc_cs_policy - Manage content switching policy :local: :depth: 2 - Synopsis -------- - Manage content switching policy. @@ -32,226 +28,120 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- action - - -
Content switching action that names the target load balancing virtual server to which the traffic is switched.
-
- domain - - -
The domain name. The string value can range to 63 characters.
-
Minimum length = 1
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- policyname - - -
Name for the content switching policy. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore, hash #, period ., space , colon :, at sign @, equal sign =, and hyphen - characters. Cannot be changed after a policy is created.
-
The following requirement applies only to the NetScaler CLI:
-
If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, my policy or my policy).
-
Minimum length = 1
-
- rule - - -
Expression, or name of a named expression, against which traffic is evaluated. Written in the classic or default syntax.
-
Note:
-
Maximum length of a string literal in the expression is 255 characters. A longer string can be split into smaller strings of up to 255 characters each, and the smaller strings concatenated with the + operator. For example, you can create a 500-character string as follows: '"<string of 255 characters>" + "<string of 245 characters>"'
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- url - - -
URL string that is matched with the URL of a request. Can contain a wildcard character. Specify the string value in the following format: [[prefix] [*]] [.suffix].
-
Minimum length = 1
-
Maximum length = 208
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - action + - + - Content switching action that names the target load balancing virtual server to which the traffic is switched. + * - domain + - + - The domain name. The string value can range to 63 characters. + + Minimum length = 1 + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - policyname + - + - Name for the content switching policy. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore, hash ``#``, period ``.``, space `` ``, colon ``:``, at sign ``@``, equal sign ``=``, and hyphen ``-`` characters. Cannot be changed after a policy is created. + + The following requirement applies only to the NetScaler CLI: + + If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, my policy or my policy). + + Minimum length = 1 + * - rule + - + - Expression, or name of a named expression, against which traffic is evaluated. Written in the classic or default syntax. + + Note: + + Maximum length of a string literal in the expression is 255 characters. A longer string can be split into smaller strings of up to 255 characters each, and the smaller strings concatenated with the + operator. For example, you can create a 500-character string as follows: '"" + ""' + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - url + - + - URL string that is matched with the URL of a request. Can contain a wildcard character. Specify the string value in the following format: ``[[prefix] [*]] [.suffix]``. + + Minimum length = 1 + + Maximum length = 208 + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: Create url cs policy delegate_to: localhost @@ -260,95 +150,46 @@ Examples nitro_user: nsroot nitro_pass: nsroot validate_certs: no - + state: present - + policyname: policy_1 url: /example/ - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dict
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{'url': 'difference. ours: (str) example1 other: (str) /example1'}
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Could not load nitro python sdk
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - diff -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(dict)* + - failure + - List of differences between the actual configured object and the configuration specified in the module + **Sample:** + {'url': 'difference. ours: (str) example1 other: (str) /example1'} + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Could not load nitro python sdk diff --git a/docs/modules/citrix_adc_cs_vserver_module.rst b/docs/modules/citrix_adc_cs_vserver_module.rst index 2161e9e6e..c22872506 100644 --- a/docs/modules/citrix_adc_cs_vserver_module.rst +++ b/docs/modules/citrix_adc_cs_vserver_module.rst @@ -1,10 +1,7 @@ -:source: citrix_adc_cs_vserver.py - :orphan: .. _citrix_adc_cs_vserver_module: - citrix_adc_cs_vserver - Manage content switching vserver ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -14,7 +11,6 @@ citrix_adc_cs_vserver - Manage content switching vserver :local: :depth: 2 - Synopsis -------- - Manage content switching vserver @@ -32,1081 +28,557 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- appflowlog - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Enable logging appflow flow information.
-
- authentication -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Authenticate users who request a connection to the content switching virtual server.
-
- authenticationhost - - -
FQDN of the authentication virtual server. The service type of the virtual server should be either HTTP or SSL.
-
Minimum length = 3
-
Maximum length = 252
-
- authn401 -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable HTTP 401-response based authentication.
-
- authnprofile - - -
Name of the authentication profile to be used when authentication is turned on.
-
- authnvsname - - -
Name of authentication virtual server that authenticates the incoming user requests to this content switching virtual server. .
-
Minimum length = 1
-
Maximum length = 252
-
- backupip - - -
.
-
Minimum length = 1
-
- backupvserver - - -
Name of the backup virtual server that you are configuring. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space , colon :, at sign @, equal sign =, and hyphen - characters. Can be changed after the backup virtual server is created. You can assign a different backup virtual server or rename the existing virtual server.
-
Minimum length = 1
-
- cacheable -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Use this option to specify whether a virtual server, used for load balancing or content switching, routes requests to the cache redirection virtual server before sending it to the configured servers.
-
- casesensitive -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Consider case in URLs (for policies that use URLs instead of RULES). For example, with the on setting, the URLs /a/1.html and /A/1.HTML are treated differently and can have different targets (set by content switching policies). With the off setting, /a/1.html and /A/1.HTML are switched to the same target.
-
- clttimeout - - -
Idle time, in seconds, after which the client connection is terminated. The default values are:
-
Minimum value = 0
-
Maximum value = 31536000
-
- comment - - -
Information about this virtual server.
-
- cookiedomain - - -
.
-
Minimum length = 1
-
- cookietimeout - - -
.
-
Minimum value = 0
-
Maximum value = 1440
-
- dbprofilename - - -
Name of the DB profile.
-
Minimum length = 1
-
Maximum length = 127
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to yes the cs vserver will be disabled.
-
When set to no the cs vserver will be enabled.
-
Note that due to limitations of the underlying NITRO API a disabled state change alone does not cause the module result to report a changed status.
-
- disableprimaryondown - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Continue forwarding the traffic to backup virtual server even after the primary server comes UP from the DOWN state.
-
- dnsprofilename - - -
Name of the DNS profile to be associated with the VServer. DNS profile properties will applied to the transactions processed by a VServer. This parameter is valid only for DNS and DNS-TCP VServers.
-
Minimum length = 1
-
Maximum length = 127
-
- domainname - - -
Domain name for which to change the time to live (TTL) and/or backup service IP address.
-
Minimum length = 1
-
- downstateflush - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Flush all active transactions associated with a virtual server whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions.
-
- httpprofilename - - -
Name of the HTTP profile containing HTTP configuration settings for the virtual server. The service type of the virtual server should be either HTTP or SSL.
-
Minimum length = 1
-
Maximum length = 127
-
- icmpvsrresponse - -
    Choices: -
  • PASSIVE
    • -
  • ACTIVE
    • -
- 		-
Can be active or passive.
-
- insertvserveripport - -
    Choices: -
  • OFF
    • -
  • VIPADDR
    • -
  • V6TOV4MAPPING
    • -
- 		-
Insert the virtual server's VIP address and port number in the request header. Available values function as follows:
-
VIPADDR - Header contains the vserver's IP address and port number without any translation.
-
OFF - The virtual IP and port header insertion option is disabled.
-
V6TOV4MAPPING - Header contains the mapped IPv4 address corresponding to the IPv6 address of the vserver and the port number. An IPv6 address can be mapped to a user-specified IPv4 address using the set ns ip6 command.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- ipmask - - -
IP mask, in dotted decimal notation, for the IP Pattern parameter. Can have leading or trailing non-zero octets (for example, 255.255.240.0 or 0.0.255.255). Accordingly, the mask specifies whether the first n bits or the last n bits of the destination IP address in a client request are to be matched with the corresponding bits in the IP pattern. The former is called a forward mask. The latter is called a reverse mask.
-
- ippattern - - -
IP address pattern, in dotted decimal notation, for identifying packets to be accepted by the virtual server. The IP Mask parameter specifies which part of the destination IP address is matched against the pattern. Mutually exclusive with the IP Address parameter.
-
For example, if the IP pattern assigned to the virtual server is 198.51.100.0 and the IP mask is 255.255.240.0 (a forward mask), the first 20 bits in the destination IP addresses are matched with the first 20 bits in the pattern. The virtual server accepts requests with IP addresses that range from 198.51.96.1 to 198.51.111.254. You can also use a pattern such as 0.0.2.2 and a mask such as 0.0.255.255 (a reverse mask).
-
If a destination IP address matches more than one IP pattern, the pattern with the longest match is selected, and the associated virtual server processes the request. For example, if the virtual servers, vs1 and vs2, have the same IP pattern, 0.0.100.128, but different IP masks of 0.0.255.255 and 0.0.224.255, a destination IP address of 198.51.100.128 has the longest match with the IP pattern of vs1. If a destination IP address matches two or more virtual servers to the same extent, the request is processed by the virtual server whose port number matches the port number in the request.
-
- ipv46 - - -
IP address of the content switching virtual server.
-
Minimum length = 1
-
- l2conn - - -
Use L2 Parameters to identify a connection.
-
- lbvserver -
(added in 2.5)
 - -
The default Load Balancing virtual server.
-
- listenpolicy - - -
String specifying the listen policy for the content switching virtual server. Can be either the name of an existing expression or an in-line expression.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- mssqlserverversion - -
    Choices: -
  • 70
    • -
  • 2000
    • -
  • 2000SP1
    • -
  • 2005
    • -
  • 2008
    • -
  • 2008R2
    • -
  • 2012
    • -
  • 2014
    • -
- 		-
The version of the MSSQL server.
-
- mysqlcharacterset - - -
The character set returned by the mysql vserver.
-
- mysqlprotocolversion - - -
The protocol version returned by the mysql vserver.
-
- mysqlservercapabilities - - -
The server capabilities returned by the mysql vserver.
-
- mysqlserverversion - - -
The server version string returned by the mysql vserver.
-
Minimum length = 1
-
Maximum length = 31
-
- name - - -
Name for the content switching virtual server. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space, colon :, at sign @, equal sign =, and hyphen - characters.
-
Cannot be changed after the CS virtual server is created.
-
Minimum length = 1
-
- netprofile - - -
The name of the network profile.
-
Minimum length = 1
-
Maximum length = 127
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- oracleserverversion - -
    Choices: -
  • 10G
    • -
  • 11G
    • -
- 		-
Oracle server version.
-
- port - - -
Port number for content switching virtual server.
-
Minimum value = 1
-
Range 1 - 65535
-
* in CLI is represented as 65535 in NITRO API
-
- precedence - -
    Choices: -
  • RULE
    • -
  • URL
    • -
- 		-
Type of precedence to use for both RULE-based and URL-based policies on the content switching virtual server. With the default RULE setting, incoming requests are evaluated against the rule-based content switching policies. If none of the rules match, the URL in the request is evaluated against the URL-based content switching policies.
-
- push - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Process traffic with the push virtual server that is bound to this content switching virtual server (specified by the Push VServer parameter). The service type of the push virtual server should be either HTTP or SSL.
-
- pushlabel - - -
Expression for extracting the label from the response received from server. This string can be either an existing rule name or an inline expression. The service type of the virtual server should be either HTTP or SSL.
-
- pushmulticlients -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Allow multiple Web 2.0 connections from the same client to connect to the virtual server and expect updates.
-
- pushvserver - - -
Name of the load balancing virtual server, of type PUSH or SSL_PUSH, to which the server pushes updates received on the client-facing load balancing virtual server.
-
Minimum length = 1
-
- range - - -
Number of consecutive IP addresses, starting with the address specified by the IP Address parameter, to include in a range of addresses assigned to this virtual server.
-
Minimum value = 1
-
Maximum value = 254
-
- redirectportrewrite - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
State of port rewrite while performing HTTP redirect.
-
- redirecturl - - -
URL to which traffic is redirected if the virtual server becomes unavailable. The service type of the virtual server should be either HTTP or SSL.
-
Caution: Make sure that the domain in the URL does not match the domain specified for a content switching policy. If it does, requests are continuously redirected to the unavailable virtual server.
-
Minimum length = 1
-
- rhistate - -
    Choices: -
  • PASSIVE
    • -
  • ACTIVE
    • -
- 		-
A host route is injected according to the setting on the virtual servers
-
* If set to PASSIVE on all the virtual servers that share the IP address, the appliance always injects the hostroute.
-
* If set to ACTIVE on all the virtual servers that share the IP address, the appliance injects even if one virtual server is UP.
-
* If set to ACTIVE on some virtual servers and PASSIVE on the others, the appliance, injects even if one virtual server set to ACTIVE is UP.
-
- rtspnat -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable network address translation (NAT) for real-time streaming protocol (RTSP) connections.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- servicetype - -
    Choices: -
  • HTTP
    • -
  • SSL
    • -
  • TCP
    • -
  • FTP
    • -
  • RTSP
    • -
  • SSL_TCP
    • -
  • UDP
    • -
  • DNS
    • -
  • SIP_UDP
    • -
  • SIP_TCP
    • -
  • SIP_SSL
    • -
  • ANY
    • -
  • RADIUS
    • -
  • RDP
    • -
  • MYSQL
    • -
  • MSSQL
    • -
  • DIAMETER
    • -
  • SSL_DIAMETER
    • -
  • DNS_TCP
    • -
  • ORACLE
    • -
  • SMPP
    • -
- 		-
Protocol used by the virtual server.
-
- sitedomainttl - - -
.
-
Minimum value = 1
-
- sobackupaction - -
    Choices: -
  • DROP
    • -
  • ACCEPT
    • -
  • REDIRECT
    • -
- 		-
Action to be performed if spillover is to take effect, but no backup chain to spillover is usable or exists.
-
- somethod - -
    Choices: -
  • CONNECTION
    • -
  • DYNAMICCONNECTION
    • -
  • BANDWIDTH
    • -
  • HEALTH
    • -
  • NONE
    • -
- 		-
Type of spillover used to divert traffic to the backup virtual server when the primary virtual server reaches the spillover threshold. Connection spillover is based on the number of connections. Bandwidth spillover is based on the total Kbps of incoming and outgoing traffic.
-
- sopersistence - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Maintain source-IP based persistence on primary and backup virtual servers.
-
- sopersistencetimeout - - -
Time-out value, in minutes, for spillover persistence.
-
Minimum value = 2
-
Maximum value = 1440
-
- sothreshold - - -
Depending on the spillover method, the maximum number of connections or the maximum total bandwidth (Kbps) that a virtual server can handle before spillover occurs.
-
Minimum value = 1
-
Maximum value = 4294967287
-
- ssl_certkey -
(added in 2.5)
 - -
The name of the ssl certificate that is bound to this service.
-
The ssl certificate must already exist.
-
Creating the certificate can be done with the citrix_adc_ssl_certkey module.
-
This option is only applicable only when servicetype is SSL.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- stateupdate - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Enable state updates for a specific content switching virtual server. By default, the Content Switching virtual server is always UP, regardless of the state of the Load Balancing virtual servers bound to it. This parameter interacts with the global setting as follows:
-
Global Level | Vserver Level | Result
-
enabled enabled enabled
-
enabled disabled enabled
-
disabled enabled enabled
-
disabled disabled disabled
-
If you want to enable state updates for only some content switching virtual servers, be sure to disable the state update parameter.
-
- targettype - -
    Choices: -
  • GSLB
    • -
- 		-
Virtual server target type.
-
- tcpprofilename - - -
Name of the TCP profile containing TCP configuration settings for the virtual server.
-
Minimum length = 1
-
Maximum length = 127
-
- td - - -
Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.
-
Minimum value = 0
-
Maximum value = 4094
-
- ttl - - -
.
-
Minimum value = 1
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
- vipheader - - -
Name of virtual server IP and port header, for use with the VServer IP Port Insertion parameter.
-
Minimum length = 1
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - appflowlog + - Choices: + + - enabled + - disabled + - Enable logging appflow flow information. + * - authentication + + *(bool)* + - + - Authenticate users who request a connection to the content switching virtual server. + * - authenticationhost + - + - FQDN of the authentication virtual server. The service type of the virtual server should be either ``HTTP`` or ``SSL``. + + Minimum length = 3 + + Maximum length = 252 + * - authn401 + + *(bool)* + - + - Enable HTTP 401-response based authentication. + * - authnprofile + - + - Name of the authentication profile to be used when authentication is turned on. + * - authnvsname + - + - Name of authentication virtual server that authenticates the incoming user requests to this content switching virtual server. . + + Minimum length = 1 + + Maximum length = 252 + * - backupip + - + - . + + Minimum length = 1 + * - backupvserver + - + - Name of the backup virtual server that you are configuring. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore ``_``, hash ``#``, period ``.``, space `` ``, colon ``:``, at sign ``@``, equal sign ``=``, and hyphen ``-`` characters. Can be changed after the backup virtual server is created. You can assign a different backup virtual server or rename the existing virtual server. + + Minimum length = 1 + * - cacheable + + *(bool)* + - + - Use this option to specify whether a virtual server, used for load balancing or content switching, routes requests to the cache redirection virtual server before sending it to the configured servers. + * - casesensitive + + *(bool)* + - + - Consider case in URLs (for policies that use URLs instead of RULES). For example, with the ``on`` setting, the URLs /a/1.html and /A/1.HTML are treated differently and can have different targets (set by content switching policies). With the ``off`` setting, /a/1.html and /A/1.HTML are switched to the same target. + * - clttimeout + - + - Idle time, in seconds, after which the client connection is terminated. The default values are: + + Minimum value = ``0`` + + Maximum value = ``31536000`` + * - comment + - + - Information about this virtual server. + * - cookiedomain + - + - . + + Minimum length = 1 + * - cookietimeout + - + - . + + Minimum value = ``0`` + + Maximum value = ``1440`` + * - dbprofilename + - + - Name of the DB profile. + + Minimum length = 1 + + Maximum length = 127 + * - disabled + + *(bool)* + - Default: + + *no* + - When set to ``yes`` the cs vserver will be disabled. + + When set to ``no`` the cs vserver will be enabled. + + Note that due to limitations of the underlying NITRO API a ``disabled`` state change alone does not cause the module result to report a changed status. + * - disableprimaryondown + - Choices: + + - enabled + - disabled + - Continue forwarding the traffic to backup virtual server even after the primary server comes UP from the DOWN state. + * - dnsprofilename + - + - Name of the DNS profile to be associated with the VServer. DNS profile properties will applied to the transactions processed by a VServer. This parameter is valid only for DNS and DNS-TCP VServers. + + Minimum length = 1 + + Maximum length = 127 + * - domainname + - + - Domain name for which to change the time to live (TTL) and/or backup service IP address. + + Minimum length = 1 + * - downstateflush + - Choices: + + - enabled + - disabled + - Flush all active transactions associated with a virtual server whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions. + * - httpprofilename + - + - Name of the HTTP profile containing HTTP configuration settings for the virtual server. The service type of the virtual server should be either ``HTTP`` or ``SSL``. + + Minimum length = 1 + + Maximum length = 127 + * - icmpvsrresponse + - Choices: + + - PASSIVE + - ACTIVE + - Can be active or passive. + * - insertvserveripport + - Choices: + + - OFF + - VIPADDR + - V6TOV4MAPPING + - Insert the virtual server's VIP address and port number in the request header. Available values function as follows: + + C(VIPADDR) - Header contains the vserver's IP address and port number without any translation. + + C(OFF) - The virtual IP and port header insertion option is disabled. + + C(V6TOV4MAPPING) - Header contains the mapped IPv4 address corresponding to the IPv6 address of the vserver and the port number. An IPv6 address can be mapped to a user-specified IPv4 address using the set ns ip6 command. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - ipmask + - + - IP mask, in dotted decimal notation, for the IP Pattern parameter. Can have leading or trailing non-zero octets (for example, ``255.255.240.0`` or ``0.0.255.255``). Accordingly, the mask specifies whether the first n bits or the last n bits of the destination IP address in a client request are to be matched with the corresponding bits in the IP pattern. The former is called a forward mask. The latter is called a reverse mask. + * - ippattern + - + - IP address pattern, in dotted decimal notation, for identifying packets to be accepted by the virtual server. The IP Mask parameter specifies which part of the destination IP address is matched against the pattern. Mutually exclusive with the IP Address parameter. + + For example, if the IP pattern assigned to the virtual server is ``198.51.100.0`` and the IP mask is ``255.255.240.0`` (a forward mask), the first 20 bits in the destination IP addresses are matched with the first 20 bits in the pattern. The virtual server accepts requests with IP addresses that range from 198.51.96.1 to 198.51.111.254. You can also use a pattern such as ``0.0.2.2`` and a mask such as ``0.0.255.255`` (a reverse mask). + + If a destination IP address matches more than one IP pattern, the pattern with the longest match is selected, and the associated virtual server processes the request. For example, if the virtual servers, ``vs1`` and ``vs2``, have the same IP pattern, ``0.0.100.128``, but different IP masks of ``0.0.255.255`` and ``0.0.224.255``, a destination IP address of 198.51.100.128 has the longest match with the IP pattern of ``vs1``. If a destination IP address matches two or more virtual servers to the same extent, the request is processed by the virtual server whose port number matches the port number in the request. + * - ipv46 + - + - IP address of the content switching virtual server. + + Minimum length = 1 + * - l2conn + - + - Use L2 Parameters to identify a connection. + * - lbvserver + + *(added in 2.5)* + - + - The default Load Balancing virtual server. + * - listenpolicy + - + - String specifying the listen policy for the content switching virtual server. Can be either the name of an existing expression or an in-line expression. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - mssqlserverversion + - Choices: + + - 70 + - 2000 + - 2000SP1 + - 2005 + - 2008 + - 2008R2 + - 2012 + - 2014 + - The version of the MSSQL server. + * - mysqlcharacterset + - + - The character set returned by the mysql vserver. + * - mysqlprotocolversion + - + - The protocol version returned by the mysql vserver. + * - mysqlservercapabilities + - + - The server capabilities returned by the mysql vserver. + * - mysqlserverversion + - + - The server version string returned by the mysql vserver. + + Minimum length = 1 + + Maximum length = 31 + * - name + - + - Name for the content switching virtual server. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore ``_``, hash ``#``, period ``.``, space, colon ``:``, at sign ``@``, equal sign ``=``, and hyphen ``-`` characters. + + Cannot be changed after the CS virtual server is created. + + Minimum length = 1 + * - netprofile + - + - The name of the network profile. + + Minimum length = 1 + + Maximum length = 127 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - oracleserverversion + - Choices: + + - 10G + - 11G + - Oracle server version. + * - port + - + - Port number for content switching virtual server. + + Minimum value = 1 + + Range ``1`` - ``65535`` + + * in CLI is represented as 65535 in NITRO API + * - precedence + - Choices: + + - RULE + - URL + - Type of precedence to use for both RULE-based and URL-based policies on the content switching virtual server. With the default ``RULE`` setting, incoming requests are evaluated against the rule-based content switching policies. If none of the rules match, the URL in the request is evaluated against the URL-based content switching policies. + * - push + - Choices: + + - enabled + - disabled + - Process traffic with the push virtual server that is bound to this content switching virtual server (specified by the Push VServer parameter). The service type of the push virtual server should be either ``HTTP`` or ``SSL``. + * - pushlabel + - + - Expression for extracting the label from the response received from server. This string can be either an existing rule name or an inline expression. The service type of the virtual server should be either ``HTTP`` or ``SSL``. + * - pushmulticlients + + *(bool)* + - + - Allow multiple Web 2.0 connections from the same client to connect to the virtual server and expect updates. + * - pushvserver + - + - Name of the load balancing virtual server, of type ``PUSH`` or ``SSL_PUSH``, to which the server pushes updates received on the client-facing load balancing virtual server. + + Minimum length = 1 + * - range + - + - Number of consecutive IP addresses, starting with the address specified by the IP Address parameter, to include in a range of addresses assigned to this virtual server. + + Minimum value = ``1`` + + Maximum value = ``254`` + * - redirectportrewrite + - Choices: + + - enabled + - disabled + - State of port rewrite while performing HTTP redirect. + * - redirecturl + - + - URL to which traffic is redirected if the virtual server becomes unavailable. The service type of the virtual server should be either ``HTTP`` or ``SSL``. + + Caution: Make sure that the domain in the URL does not match the domain specified for a content switching policy. If it does, requests are continuously redirected to the unavailable virtual server. + + Minimum length = 1 + * - rhistate + - Choices: + + - PASSIVE + - ACTIVE + - A host route is injected according to the setting on the virtual servers + + * If set to ``PASSIVE`` on all the virtual servers that share the IP address, the appliance always injects the hostroute. + + * If set to ``ACTIVE`` on all the virtual servers that share the IP address, the appliance injects even if one virtual server is UP. + + * If set to ``ACTIVE`` on some virtual servers and ``PASSIVE`` on the others, the appliance, injects even if one virtual server set to ``ACTIVE`` is UP. + * - rtspnat + + *(bool)* + - + - Enable network address translation (NAT) for real-time streaming protocol (RTSP) connections. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - servicetype + - Choices: + + - HTTP + - SSL + - TCP + - FTP + - RTSP + - SSL_TCP + - UDP + - DNS + - SIP_UDP + - SIP_TCP + - SIP_SSL + - ANY + - RADIUS + - RDP + - MYSQL + - MSSQL + - DIAMETER + - SSL_DIAMETER + - DNS_TCP + - ORACLE + - SMPP + - Protocol used by the virtual server. + * - sitedomainttl + - + - . + + Minimum value = ``1`` + * - sobackupaction + - Choices: + + - DROP + - ACCEPT + - REDIRECT + - Action to be performed if spillover is to take effect, but no backup chain to spillover is usable or exists. + * - somethod + - Choices: + + - CONNECTION + - DYNAMICCONNECTION + - BANDWIDTH + - HEALTH + - NONE + - Type of spillover used to divert traffic to the backup virtual server when the primary virtual server reaches the spillover threshold. Connection spillover is based on the number of connections. Bandwidth spillover is based on the total Kbps of incoming and outgoing traffic. + * - sopersistence + - Choices: + + - enabled + - disabled + - Maintain source-IP based persistence on primary and backup virtual servers. + * - sopersistencetimeout + - + - Time-out value, in minutes, for spillover persistence. + + Minimum value = ``2`` + + Maximum value = ``1440`` + * - sothreshold + - + - Depending on the spillover method, the maximum number of connections or the maximum total bandwidth (Kbps) that a virtual server can handle before spillover occurs. + + Minimum value = ``1`` + + Maximum value = ``4294967287`` + * - ssl_certkey + + *(added in 2.5)* + - + - The name of the ssl certificate that is bound to this service. + + The ssl certificate must already exist. + + Creating the certificate can be done with the citrix_adc_ssl_certkey module. + + This option is only applicable only when ``servicetype`` is ``SSL``. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - stateupdate + - Choices: + + - enabled + - disabled + - Enable state updates for a specific content switching virtual server. By default, the Content Switching virtual server is always UP, regardless of the state of the Load Balancing virtual servers bound to it. This parameter interacts with the global setting as follows: + + Global Level | Vserver Level | Result + + enabled enabled enabled + + enabled disabled enabled + + disabled enabled enabled + + disabled disabled disabled + + If you want to enable state updates for only some content switching virtual servers, be sure to disable the state update parameter. + * - targettype + - Choices: + + - GSLB + - Virtual server target type. + * - tcpprofilename + - + - Name of the TCP profile containing TCP configuration settings for the virtual server. + + Minimum length = 1 + + Maximum length = 127 + * - td + - + - Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0. + + Minimum value = 0 + + Maximum value = 4094 + * - ttl + - + - . + + Minimum value = ``1`` + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + * - vipheader + - + - Name of virtual server IP and port header, for use with the VServer IP Port Insertion parameter. + + Minimum length = 1 + Examples -------- .. code-block:: yaml+jinja - # policy_1 must have been already created with the citrix_adc_cs_policy module # lbvserver_1 must have been already created with the citrix_adc_lb_vserver module - + - name: Setup content switching vserver delegate_to: localhost citrix_adc_cs_vserver: nsip: 172.18.0.2 nitro_user: nsroot nitro_pass: nsroot - + state: present - + name: cs_vserver_1 ipv46: 192.168.1.1 port: 80 servicetype: HTTP - + policybindings: - policyname: policy_1 targetlbvserver: lbvserver_1 - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dict
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{'clttimeout': 'difference. ours: (float) 100.0 other: (float) 60.0'}
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - diff -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(dict)* + - failure + - List of differences between the actual configured object and the configuration specified in the module + **Sample:** + {'clttimeout': 'difference. ours: (float) 100.0 other: (float) 60.0'} + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_gslb_service_module.rst b/docs/modules/citrix_adc_gslb_service_module.rst index 7dd2f1a30..997516dee 100644 --- a/docs/modules/citrix_adc_gslb_service_module.rst +++ b/docs/modules/citrix_adc_gslb_service_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_gslb_service.py - :orphan: .. _citrix_adc_gslb_service_module: - -citrix_adc_gslb_service - Manage gslb service entities in Netscaler -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_gslb_service - Manage gslb service entities in Netscaler. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.4 @@ -14,7 +11,6 @@ citrix_adc_gslb_service - Manage gslb service entities in Netscaler :local: :depth: 2 - Synopsis -------- - Manage gslb service entities in Netscaler. @@ -31,591 +27,303 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- appflowlog - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Enable logging appflow flow information.
-
- cip - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
In the request that is forwarded to the GSLB service, insert a header that stores the client's IP address. Client IP header insertion is used in connection-proxy based site persistence.
-
- cipheader - - -
Name for the HTTP header that stores the client's IP address. Used with the Client IP option. If client IP header insertion is enabled on the service and a name is not specified for the header, the NetScaler appliance uses the name specified by the cipHeader parameter in the set ns param command or, in the GUI, the Client IP Header parameter in the Configure HTTP Parameters dialog box.
-
Minimum length = 1
-
- clttimeout - - -
Idle time, in seconds, after which a client connection is terminated. Applicable if connection proxy based site persistence is used.
-
Minimum value = 0
-
Maximum value = 31536000
-
- cnameentry - - -
Canonical name of the GSLB service. Used in CNAME-based GSLB.
-
Minimum length = 1
-
- comment - - -
Any comments that you might want to associate with the GSLB service.
-
- downstateflush - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Flush all active transactions associated with the GSLB service when its state transitions from UP to DOWN. Do not enable this option for services that must complete their transactions. Applicable if connection proxy based site persistence is used.
-
- hashid - - -
Unique hash identifier for the GSLB service, used by hash based load balancing methods.
-
Minimum value = 1
-
- healthmonitor -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Monitor the health of the GSLB service.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- ipaddress - - -
IP address for the GSLB service. Should represent a load balancing, content switching, or VPN virtual server on the NetScaler appliance, or the IP address of another load balancing device.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- maxaaausers - - -
Maximum number of SSL VPN users that can be logged on concurrently to the VPN virtual server that is represented by this GSLB service. A GSLB service whose user count reaches the maximum is not considered when a GSLB decision is made, until the count drops below the maximum.
-
Minimum value = 0
-
Maximum value = 65535
-
- maxbandwidth - - -
Integer specifying the maximum bandwidth allowed for the service. A GSLB service whose bandwidth reaches the maximum is not considered when a GSLB decision is made, until its bandwidth consumption drops below the maximum.
-
- maxclient - - -
The maximum number of open connections that the service can support at any given time. A GSLB service whose connection count reaches the maximum is not considered when a GSLB decision is made, until the connection count drops below the maximum.
-
Minimum value = 0
-
Maximum value = 4294967294
-
- monitor_bindings - - -
Bind monitors to this gslb service
-
- monitor_name - - -
Monitor name.
-
- weight - - -
Weight to assign to the monitor-service binding.
-
A larger number specifies a greater weight.
-
Contributes to the monitoring threshold, which determines the state of the service.
-
Minimum value = 1
-
Maximum value = 100
-
- monthreshold - - -
Monitoring threshold value for the GSLB service. If the sum of the weights of the monitors that are bound to this GSLB service and are in the UP state is not equal to or greater than this threshold value, the service is marked as DOWN.
-
Minimum value = 0
-
Maximum value = 65535
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- port - - -
Port on which the load balancing entity represented by this GSLB service listens.
-
Minimum value = 1
-
Range 1 - 65535
-
* in CLI is represented as 65535 in NITRO API
-
- publicip - - -
The public IP address that a NAT device translates to the GSLB service's private IP address. Optional.
-
- publicport - - -
The public port associated with the GSLB service's public IP address. The port is mapped to the service's private port number. Applicable to the local GSLB service. Optional.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- servername - - -
Name of the server hosting the GSLB service.
-
Minimum length = 1
-
- servicename - - -
Name for the GSLB service. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space, colon :, at @, equals =, and hyphen - characters. Can be changed after the GSLB service is created.
-
-
Minimum length = 1
-
- servicetype - -
    Choices: -
  • HTTP
    • -
  • FTP
    • -
  • TCP
    • -
  • UDP
    • -
  • SSL
    • -
  • SSL_BRIDGE
    • -
  • SSL_TCP
    • -
  • NNTP
    • -
  • ANY
    • -
  • SIP_UDP
    • -
  • SIP_TCP
    • -
  • SIP_SSL
    • -
  • RADIUS
    • -
  • RDP
    • -
  • RTSP
    • -
  • MYSQL
    • -
  • MSSQL
    • -
  • ORACLE
    • -
- 		-
Type of service to create.
-
- sitename - - -
Name of the GSLB site to which the service belongs.
-
Minimum length = 1
-
- sitepersistence - -
    Choices: -
  • ConnectionProxy
    • -
  • HTTPRedirect
    • -
  • NONE
    • -
- 		-
Use cookie-based site persistence. Applicable only to HTTP and SSL GSLB services.
-
- siteprefix - - -
The site's prefix string. When the service is bound to a GSLB virtual server, a GSLB site domain is generated internally for each bound service-domain pair by concatenating the site prefix of the service and the name of the domain. If the special string NONE is specified, the site-prefix string is unset. When implementing HTTP redirect site persistence, the NetScaler appliance redirects GSLB requests to GSLB services by using their site domains.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - appflowlog + - Choices: + + - enabled + - disabled + - Enable logging appflow flow information. + * - cip + - Choices: + + - enabled + - disabled + - In the request that is forwarded to the GSLB service, insert a header that stores the client's IP address. Client IP header insertion is used in connection-proxy based site persistence. + * - cipheader + - + - Name for the HTTP header that stores the client's IP address. Used with the Client IP option. If client IP header insertion is enabled on the service and a name is not specified for the header, the NetScaler appliance uses the name specified by the cipHeader parameter in the set ns param command or, in the GUI, the Client IP Header parameter in the Configure HTTP Parameters dialog box. + + Minimum length = 1 + * - clttimeout + - + - Idle time, in seconds, after which a client connection is terminated. Applicable if connection proxy based site persistence is used. + + Minimum value = 0 + + Maximum value = 31536000 + * - cnameentry + - + - Canonical name of the GSLB service. Used in CNAME-based GSLB. + + Minimum length = 1 + * - comment + - + - Any comments that you might want to associate with the GSLB service. + * - downstateflush + - Choices: + + - enabled + - disabled + - Flush all active transactions associated with the GSLB service when its state transitions from UP to DOWN. Do not enable this option for services that must complete their transactions. Applicable if connection proxy based site persistence is used. + * - hashid + - + - Unique hash identifier for the GSLB service, used by hash based load balancing methods. + + Minimum value = ``1`` + * - healthmonitor + + *(bool)* + - + - Monitor the health of the GSLB service. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - ipaddress + - + - IP address for the GSLB service. Should represent a load balancing, content switching, or VPN virtual server on the NetScaler appliance, or the IP address of another load balancing device. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - maxaaausers + - + - Maximum number of SSL VPN users that can be logged on concurrently to the VPN virtual server that is represented by this GSLB service. A GSLB service whose user count reaches the maximum is not considered when a GSLB decision is made, until the count drops below the maximum. + + Minimum value = ``0`` + + Maximum value = ``65535`` + * - maxbandwidth + - + - Integer specifying the maximum bandwidth allowed for the service. A GSLB service whose bandwidth reaches the maximum is not considered when a GSLB decision is made, until its bandwidth consumption drops below the maximum. + * - maxclient + - + - The maximum number of open connections that the service can support at any given time. A GSLB service whose connection count reaches the maximum is not considered when a GSLB decision is made, until the connection count drops below the maximum. + + Minimum value = ``0`` + + Maximum value = ``4294967294`` + * - monitor_bindings + - + - Bind monitors to this gslb service + + .. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Suboption + - Choices/Defaults + - Comment + + * - monitor_name + - + - Monitor name. + * - weight + - + - Weight to assign to the monitor-service binding. + + A larger number specifies a greater weight. + + Contributes to the monitoring threshold, which determines the state of the service. + + Minimum value = ``1`` + + Maximum value = ``100`` + + * - monthreshold + - + - Monitoring threshold value for the GSLB service. If the sum of the weights of the monitors that are bound to this GSLB service and are in the UP state is not equal to or greater than this threshold value, the service is marked as DOWN. + + Minimum value = ``0`` + + Maximum value = ``65535`` + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - port + - + - Port on which the load balancing entity represented by this GSLB service listens. + + Minimum value = 1 + + Range 1 - 65535 + + * in CLI is represented as 65535 in NITRO API + * - publicip + - + - The public IP address that a NAT device translates to the GSLB service's private IP address. Optional. + * - publicport + - + - The public port associated with the GSLB service's public IP address. The port is mapped to the service's private port number. Applicable to the local GSLB service. Optional. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - servername + - + - Name of the server hosting the GSLB service. + + Minimum length = 1 + * - servicename + - + - Name for the GSLB service. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore ``_``, hash ``#``, period ``.``, space, colon ``:``, at ``@``, equals ``=``, and hyphen ``-`` characters. Can be changed after the GSLB service is created. + + + + Minimum length = 1 + * - servicetype + - Choices: + + - HTTP + - FTP + - TCP + - UDP + - SSL + - SSL_BRIDGE + - SSL_TCP + - NNTP + - ANY + - SIP_UDP + - SIP_TCP + - SIP_SSL + - RADIUS + - RDP + - RTSP + - MYSQL + - MSSQL + - ORACLE + - Type of service to create. + * - sitename + - + - Name of the GSLB site to which the service belongs. + + Minimum length = 1 + * - sitepersistence + - Choices: + + - ConnectionProxy + - HTTPRedirect + - NONE + - Use cookie-based site persistence. Applicable only to ``HTTP`` and ``SSL`` GSLB services. + * - siteprefix + - + - The site's prefix string. When the service is bound to a GSLB virtual server, a GSLB site domain is generated internally for each bound service-domain pair by concatenating the site prefix of the service and the name of the domain. If the special string NONE is specified, the site-prefix string is unset. When implementing HTTP redirect site persistence, the NetScaler appliance redirects GSLB requests to GSLB services by using their site domains. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: Setup gslb service 2 - + delegate_to: localhost register: result check_mode: "{{ check_mode }}" - + citrix_adc_gslb_service: operation: present - + servicename: gslb-service-2 cnameentry: example.com sitename: gslb-site-1 - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dictionary
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{ 'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2' }
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
string
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - diff -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(dictionary)* + - failure + - List of differences between the actual configured object and the configuration specified in the module + **Sample:** + { 'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2' } + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(string)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_gslb_site_module.rst b/docs/modules/citrix_adc_gslb_site_module.rst index b43af7d67..58502231b 100644 --- a/docs/modules/citrix_adc_gslb_site_module.rst +++ b/docs/modules/citrix_adc_gslb_site_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_gslb_site.py - :orphan: .. _citrix_adc_gslb_site_module: - -citrix_adc_gslb_site - Manage gslb site entities in Netscaler -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_gslb_site - Manage gslb site entities in Netscaler. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.4.0 @@ -14,7 +11,6 @@ citrix_adc_gslb_site - Manage gslb site entities in Netscaler :local: :depth: 2 - Synopsis -------- - Manage gslb site entities in Netscaler. @@ -31,319 +27,161 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- clip - - -
Cluster IP address. Specify this parameter to connect to the remote cluster site for GSLB auto-sync. Note: The cluster IP address is defined when creating the cluster.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- metricexchange - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Exchange metrics with other sites. Metrics are exchanged by using Metric Exchange Protocol (MEP). The appliances in the GSLB setup exchange health information once every second.
-
If you disable metrics exchange, you can use only static load balancing methods (such as round robin, static proximity, or the hash-based methods), and if you disable metrics exchange when a dynamic load balancing method (such as least connection) is in operation, the appliance falls back to round robin. Also, if you disable metrics exchange, you must use a monitor to determine the state of GSLB services. Otherwise, the service is marked as DOWN.
-
- naptrreplacementsuffix - - -
The naptr replacement suffix configured here will be used to construct the naptr replacement field in NAPTR record.
-
Minimum length = 1
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- nwmetricexchange - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Exchange, with other GSLB sites, network metrics such as round-trip time (RTT), learned from communications with various local DNS (LDNS) servers used by clients. RTT information is used in the dynamic RTT load balancing method, and is exchanged every 5 seconds.
-
- parentsite - - -
Parent site of the GSLB site, in a parent-child topology.
-
- publicclip - - -
IP address to be used to globally access the remote cluster when it is deployed behind a NAT. It can be same as the normal cluster IP address.
-
- publicip - - -
Public IP address for the local site. Required only if the appliance is deployed in a private address space and the site has a public IP address hosted on an external firewall or a NAT device.
-
Minimum length = 1
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- sessionexchange - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Exchange persistent session entries with other GSLB sites every five seconds.
-
- siteipaddress - - -
IP address for the GSLB site. The GSLB site uses this IP address to communicate with other GSLB sites. For a local site, use any IP address that is owned by the appliance (for example, a SNIP or MIP address, or the IP address of the ADNS service).
-
Minimum length = 1
-
- sitename - - -
Name for the GSLB site. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space , colon :, at @, equals =, and hyphen - characters. Cannot be changed after the virtual server is created.
-
Minimum length = 1
-
- sitetype - -
    Choices: -
  • REMOTE
    • -
  • LOCAL
    • -
- 		-
Type of site to create. If the type is not specified, the appliance automatically detects and sets the type on the basis of the IP address being assigned to the site. If the specified site IP address is owned by the appliance (for example, a MIP address or SNIP address), the site is a local site. Otherwise, it is a remote site.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- triggermonitor - -
    Choices: -
  • ALWAYS
    • -
  • MEPDOWN
    • -
  • MEPDOWN_SVCDOWN
    • -
- 		-
Specify the conditions under which the GSLB service must be monitored by a monitor, if one is bound. Available settings function as follows:
-
* ALWAYS - Monitor the GSLB service at all times.
-
* MEPDOWN - Monitor the GSLB service only when the exchange of metrics through the Metrics Exchange Protocol (MEP) is disabled.
-
MEPDOWN_SVCDOWN - Monitor the service in either of the following situations:
-
* The exchange of metrics through MEP is disabled.
-
* The exchange of metrics through MEP is enabled but the status of the service, learned through metrics exchange, is DOWN.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - clip + - + - Cluster IP address. Specify this parameter to connect to the remote cluster site for GSLB auto-sync. Note: The cluster IP address is defined when creating the cluster. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - metricexchange + - Choices: + + - enabled + - disabled + - Exchange metrics with other sites. Metrics are exchanged by using Metric Exchange Protocol (MEP). The appliances in the GSLB setup exchange health information once every second. + + If you disable metrics exchange, you can use only static load balancing methods (such as round robin, static proximity, or the hash-based methods), and if you disable metrics exchange when a dynamic load balancing method (such as least connection) is in operation, the appliance falls back to round robin. Also, if you disable metrics exchange, you must use a monitor to determine the state of GSLB services. Otherwise, the service is marked as DOWN. + * - naptrreplacementsuffix + - + - The naptr replacement suffix configured here will be used to construct the naptr replacement field in NAPTR record. + + Minimum length = 1 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - nwmetricexchange + - Choices: + + - enabled + - disabled + - Exchange, with other GSLB sites, network metrics such as round-trip time (RTT), learned from communications with various local DNS (LDNS) servers used by clients. RTT information is used in the dynamic RTT load balancing method, and is exchanged every 5 seconds. + * - parentsite + - + - Parent site of the GSLB site, in a parent-child topology. + * - publicclip + - + - IP address to be used to globally access the remote cluster when it is deployed behind a NAT. It can be same as the normal cluster IP address. + * - publicip + - + - Public IP address for the local site. Required only if the appliance is deployed in a private address space and the site has a public IP address hosted on an external firewall or a NAT device. + + Minimum length = 1 + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - sessionexchange + - Choices: + + - enabled + - disabled + - Exchange persistent session entries with other GSLB sites every five seconds. + * - siteipaddress + - + - IP address for the GSLB site. The GSLB site uses this IP address to communicate with other GSLB sites. For a local site, use any IP address that is owned by the appliance (for example, a SNIP or MIP address, or the IP address of the ADNS service). + + Minimum length = 1 + * - sitename + - + - Name for the GSLB site. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore ``_``, hash ``#``, period ``.``, space `` ``, colon ``:``, at ``@``, equals ``=``, and hyphen ``-`` characters. Cannot be changed after the virtual server is created. + + Minimum length = 1 + * - sitetype + - Choices: + + - REMOTE + - LOCAL + - Type of site to create. If the type is not specified, the appliance automatically detects and sets the type on the basis of the IP address being assigned to the site. If the specified site IP address is owned by the appliance (for example, a MIP address or SNIP address), the site is a local site. Otherwise, it is a remote site. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - triggermonitor + - Choices: + + - ALWAYS + - MEPDOWN + - MEPDOWN_SVCDOWN + - Specify the conditions under which the GSLB service must be monitored by a monitor, if one is bound. Available settings function as follows: + + * ``ALWAYS`` - Monitor the GSLB service at all times. + + * ``MEPDOWN`` - Monitor the GSLB service only when the exchange of metrics through the Metrics Exchange Protocol (MEP) is disabled. + + C(MEPDOWN_SVCDOWN) - Monitor the service in either of the following situations: + + * The exchange of metrics through MEP is disabled. + + * The exchange of metrics through MEP is enabled but the status of the service, learned through metrics exchange, is DOWN. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: Setup gslb site delegate_to: localhost @@ -351,7 +189,7 @@ Examples nsip: 172.18.0.2 nitro_user: nsroot nitro_pass: nsroot - + sitename: gslb-site-1 siteipaddress: 192.168.1.1 sitetype: LOCAL @@ -360,91 +198,42 @@ Examples nwmetricexchange: enabled sessionexchange: enabled triggermonitor: ALWAYS - - - + Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dictionary
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{ 'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2' }
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
string
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - diff -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(dictionary)* + - failure + - List of differences between the actual configured object and the configuration specified in the module + **Sample:** + { 'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2' } + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(string)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_gslb_vserver_module.rst b/docs/modules/citrix_adc_gslb_vserver_module.rst index f6aac15bb..498d4c3e4 100644 --- a/docs/modules/citrix_adc_gslb_vserver_module.rst +++ b/docs/modules/citrix_adc_gslb_vserver_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_gslb_vserver.py - :orphan: .. _citrix_adc_gslb_vserver_module: - -citrix_adc_gslb_vserver - Configure gslb vserver entities in Netscaler -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_gslb_vserver - Configure gslb vserver entities in Netscaler. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.4.0 @@ -14,7 +11,6 @@ citrix_adc_gslb_vserver - Configure gslb vserver entities in Netscaler :local: :depth: 2 - Synopsis -------- - Configure gslb vserver entities in Netscaler. @@ -31,666 +27,362 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- appflowlog - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Enable logging appflow flow information.
-
- backuplbmethod - -
    Choices: -
  • ROUNDROBIN
    • -
  • LEASTCONNECTION
    • -
  • LEASTRESPONSETIME
    • -
  • SOURCEIPHASH
    • -
  • LEASTBANDWIDTH
    • -
  • LEASTPACKETS
    • -
  • STATICPROXIMITY
    • -
  • RTT
    • -
  • CUSTOMLOAD
    • -
- 		-
Backup load balancing method. Becomes operational if the primary load balancing method fails or cannot be used. Valid only if the primary method is based on either round-trip time (RTT) or static proximity.
-
- comment - - -
Any comments that you might want to associate with the GSLB virtual server.
-
- considereffectivestate - -
    Choices: -
  • NONE
    • -
  • STATE_ONLY
    • -
- 		-
If the primary state of all bound GSLB services is DOWN, consider the effective states of all the GSLB services, obtained through the Metrics Exchange Protocol (MEP), when determining the state of the GSLB virtual server. To consider the effective state, set the parameter to STATE_ONLY. To disregard the effective state, set the parameter to NONE.
-
The effective state of a GSLB service is the ability of the corresponding virtual server to serve traffic. The effective state of the load balancing virtual server, which is transferred to the GSLB service, is UP even if only one virtual server in the backup chain of virtual servers is in the UP state.
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to yes the GSLB Vserver state will be set to disabled.
-
When set to no the GSLB Vserver state will be set to enabled.
-
Note that due to limitations of the underlying NITRO API a disabled state change alone does not cause the module result to report a changed status.
-
- disableprimaryondown - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Continue to direct traffic to the backup chain even after the primary GSLB virtual server returns to the UP state. Used when spillover is configured for the virtual server.
-
- dnsrecordtype - -
    Choices: -
  • A
    • -
  • AAAA
    • -
  • CNAME
    • -
  • NAPTR
    • -
- 		-
DNS record type to associate with the GSLB virtual server's domain name.
-
Default value: A
-
Possible values = A, AAAA, CNAME, NAPTR
-
- domain_bindings - - -
List of bindings for domains for this glsb vserver.
-
- cookietimeout - - -
Timeout, in minutes, for the GSLB site cookie.
-
- domainname - - -
Domain name for which to change the time to live (TTL) and/or backup service IP address.
-
- ttl - - -
Time to live (TTL) for the domain.
-
- sitedomainttl - - -
TTL, in seconds, for all internally created site domains (created when a site prefix is configured on a GSLB service) that are associated with this virtual server.
-
Minimum value = 1
-
- dynamicweight - -
    Choices: -
  • SERVICECOUNT
    • -
  • SERVICEWEIGHT
    • -
  • DISABLED
    • -
- 		-
Specify if the appliance should consider the service count, service weights, or ignore both when using weight-based load balancing methods. The state of the number of services bound to the virtual server help the appliance to select the service.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- lbmethod - -
    Choices: -
  • ROUNDROBIN
    • -
  • LEASTCONNECTION
    • -
  • LEASTRESPONSETIME
    • -
  • SOURCEIPHASH
    • -
  • LEASTBANDWIDTH
    • -
  • LEASTPACKETS
    • -
  • STATICPROXIMITY
    • -
  • RTT
    • -
  • CUSTOMLOAD
    • -
- 		-
Load balancing method for the GSLB virtual server.
-
Default value: LEASTCONNECTION
-
Possible values = ROUNDROBIN, LEASTCONNECTION, LEASTRESPONSETIME, SOURCEIPHASH, LEASTBANDWIDTH, LEASTPACKETS, STATICPROXIMITY, RTT, CUSTOMLOAD
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- mir - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Include multiple IP addresses in the DNS responses sent to clients.
-
- name - - -
Name for the GSLB virtual server. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space, colon :, at @, equals =, and hyphen - characters. Can be changed after the virtual server is created.
-
Minimum length = 1
-
- netmask - - -
IPv4 network mask for use in the SOURCEIPHASH load balancing method.
-
Minimum length = 1
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- persistenceid - - -
The persistence ID for the GSLB virtual server. The ID is a positive integer that enables GSLB sites to identify the GSLB virtual server, and is required if source IP address based or spill over based persistence is enabled on the virtual server.
-
Minimum value = 0
-
Maximum value = 65535
-
- persistencetype - -
    Choices: -
  • SOURCEIP
    • -
  • NONE
    • -
- 		-
Use source IP address based persistence for the virtual server.
-
After the load balancing method selects a service for the first packet, the IP address received in response to the DNS query is used for subsequent requests from the same client.
-
- persistmask - - -
The optional IPv4 network mask applied to IPv4 addresses to establish source IP address based persistence.
-
Minimum length = 1
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- service_bindings - - -
List of bindings for gslb services bound to this gslb virtual server.
-
- servicename - - -
Name of the GSLB service for which to change the weight.
-
- weight - - -
Weight to assign to the GSLB service.
-
- servicetype - -
    Choices: -
  • HTTP
    • -
  • FTP
    • -
  • TCP
    • -
  • UDP
    • -
  • SSL
    • -
  • SSL_BRIDGE
    • -
  • SSL_TCP
    • -
  • NNTP
    • -
  • ANY
    • -
  • SIP_UDP
    • -
  • SIP_TCP
    • -
  • SIP_SSL
    • -
  • RADIUS
    • -
  • RDP
    • -
  • RTSP
    • -
  • MYSQL
    • -
  • MSSQL
    • -
  • ORACLE
    • -
- 		-
Protocol used by services bound to the virtual server.
-
-
- sobackupaction - -
    Choices: -
  • DROP
    • -
  • ACCEPT
    • -
  • REDIRECT
    • -
- 		-
Action to be performed if spillover is to take effect, but no backup chain to spillover is usable or exists.
-
- somethod - -
    Choices: -
  • CONNECTION
    • -
  • DYNAMICCONNECTION
    • -
  • BANDWIDTH
    • -
  • HEALTH
    • -
  • NONE
    • -
- 		-
Type of threshold that, when exceeded, triggers spillover. Available settings function as follows:
-
* CONNECTION - Spillover occurs when the number of client connections exceeds the threshold.
-
* DYNAMICCONNECTION - Spillover occurs when the number of client connections at the GSLB virtual server exceeds the sum of the maximum client (Max Clients) settings for bound GSLB services. Do not specify a spillover threshold for this setting, because the threshold is implied by the Max Clients settings of the bound GSLB services.
-
* BANDWIDTH - Spillover occurs when the bandwidth consumed by the GSLB virtual server's incoming and outgoing traffic exceeds the threshold.
-
* HEALTH - Spillover occurs when the percentage of weights of the GSLB services that are UP drops below the threshold. For example, if services gslbSvc1, gslbSvc2, and gslbSvc3 are bound to a virtual server, with weights 1, 2, and 3, and the spillover threshold is 50%, spillover occurs if gslbSvc1 and gslbSvc3 or gslbSvc2 and gslbSvc3 transition to DOWN.
-
* NONE - Spillover does not occur.
-
- sopersistence - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
If spillover occurs, maintain source IP address based persistence for both primary and backup GSLB virtual servers.
-
- sopersistencetimeout - - -
Timeout for spillover persistence, in minutes.
-
Default value: 2
-
Minimum value = 2
-
Maximum value = 1440
-
- sothreshold - - -
Threshold at which spillover occurs. Specify an integer for the CONNECTION spillover method, a bandwidth value in kilobits per second for the BANDWIDTH method (do not enter the units), or a percentage for the HEALTH method (do not enter the percentage symbol).
-
Minimum value = 1
-
Maximum value = 4294967287
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- timeout - - -
Idle time, in minutes, after which a persistence entry is cleared.
-
Default value: 2
-
Minimum value = 2
-
Maximum value = 1440
-
- tolerance - - -
Site selection tolerance, in milliseconds, for implementing the RTT load balancing method. If a site's RTT deviates from the lowest RTT by more than the specified tolerance, the site is not considered when the NetScaler appliance makes a GSLB decision. The appliance implements the round robin method of global server load balancing between sites whose RTT values are within the specified tolerance. If the tolerance is 0 (zero), the appliance always sends clients the IP address of the site with the lowest RTT.
-
Minimum value = 0
-
Maximum value = 100
-
- v6netmasklen - - -
Number of bits to consider, in an IPv6 source IP address, for creating the hash that is required by the SOURCEIPHASH load balancing method.
-
Default value: 128
-
Minimum value = 1
-
Maximum value = 128
-
- v6persistmasklen - - -
Number of bits to consider in an IPv6 source IP address when creating source IP address based persistence sessions.
-
Default value: 128
-
Minimum value = 1
-
Maximum value = 128
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - appflowlog + - Choices: + + - enabled + - disabled + - Enable logging appflow flow information. + * - backuplbmethod + - Choices: + + - ROUNDROBIN + - LEASTCONNECTION + - LEASTRESPONSETIME + - SOURCEIPHASH + - LEASTBANDWIDTH + - LEASTPACKETS + - STATICPROXIMITY + - RTT + - CUSTOMLOAD + - Backup load balancing method. Becomes operational if the primary load balancing method fails or cannot be used. Valid only if the primary method is based on either round-trip time (RTT) or static proximity. + * - comment + - + - Any comments that you might want to associate with the GSLB virtual server. + * - considereffectivestate + - Choices: + + - NONE + - STATE_ONLY + - If the primary state of all bound GSLB services is DOWN, consider the effective states of all the GSLB services, obtained through the Metrics Exchange Protocol (MEP), when determining the state of the GSLB virtual server. To consider the effective state, set the parameter to STATE_ONLY. To disregard the effective state, set the parameter to NONE. + + The effective state of a GSLB service is the ability of the corresponding virtual server to serve traffic. The effective state of the load balancing virtual server, which is transferred to the GSLB service, is UP even if only one virtual server in the backup chain of virtual servers is in the UP state. + * - disabled + + *(bool)* + - Default: + + *False* + - When set to ``yes`` the GSLB Vserver state will be set to ``disabled``. + + When set to ``no`` the GSLB Vserver state will be set to ``enabled``. + + Note that due to limitations of the underlying NITRO API a ``disabled`` state change alone does not cause the module result to report a changed status. + * - disableprimaryondown + - Choices: + + - enabled + - disabled + - Continue to direct traffic to the backup chain even after the primary GSLB virtual server returns to the UP state. Used when spillover is configured for the virtual server. + * - dnsrecordtype + - Choices: + + - A + - AAAA + - CNAME + - NAPTR + - DNS record type to associate with the GSLB virtual server's domain name. + + Default value: A + + Possible values = A, AAAA, CNAME, NAPTR + * - domain_bindings + - + - List of bindings for domains for this glsb vserver. + + .. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Suboption + - Choices/Defaults + - Comment + + * - cookietimeout + - + - Timeout, in minutes, for the GSLB site cookie. + * - domainname + - + - Domain name for which to change the time to live (TTL) and/or backup service IP address. + * - sitedomainttl + - + - TTL, in seconds, for all internally created site domains (created when a site prefix is configured on a GSLB service) that are associated with this virtual server. + + Minimum value = ``1`` + * - ttl + - + - Time to live (TTL) for the domain. + + * - dynamicweight + - Choices: + + - SERVICECOUNT + - SERVICEWEIGHT + - DISABLED + - Specify if the appliance should consider the service count, service weights, or ignore both when using weight-based load balancing methods. The state of the number of services bound to the virtual server help the appliance to select the service. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - lbmethod + - Choices: + + - ROUNDROBIN + - LEASTCONNECTION + - LEASTRESPONSETIME + - SOURCEIPHASH + - LEASTBANDWIDTH + - LEASTPACKETS + - STATICPROXIMITY + - RTT + - CUSTOMLOAD + - Load balancing method for the GSLB virtual server. + + Default value: LEASTCONNECTION + + Possible values = ROUNDROBIN, LEASTCONNECTION, LEASTRESPONSETIME, SOURCEIPHASH, LEASTBANDWIDTH, LEASTPACKETS, STATICPROXIMITY, RTT, CUSTOMLOAD + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - mir + - Choices: + + - enabled + - disabled + - Include multiple IP addresses in the DNS responses sent to clients. + * - name + - + - Name for the GSLB virtual server. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore ``_``, hash ``#``, period ``.``, space, colon ``:``, at ``@``, equals ``=``, and hyphen ``-`` characters. Can be changed after the virtual server is created. + + Minimum length = 1 + * - netmask + - + - IPv4 network mask for use in the SOURCEIPHASH load balancing method. + + Minimum length = 1 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - persistenceid + - + - The persistence ID for the GSLB virtual server. The ID is a positive integer that enables GSLB sites to identify the GSLB virtual server, and is required if source IP address based or spill over based persistence is enabled on the virtual server. + + Minimum value = ``0`` + + Maximum value = ``65535`` + * - persistencetype + - Choices: + + - SOURCEIP + - NONE + - Use source IP address based persistence for the virtual server. + + After the load balancing method selects a service for the first packet, the IP address received in response to the DNS query is used for subsequent requests from the same client. + * - persistmask + - + - The optional IPv4 network mask applied to IPv4 addresses to establish source IP address based persistence. + + Minimum length = 1 + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - service_bindings + - + - List of bindings for gslb services bound to this gslb virtual server. + + .. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Suboption + - Choices/Defaults + - Comment + + * - servicename + - + - Name of the GSLB service for which to change the weight. + * - weight + - + - Weight to assign to the GSLB service. + + * - servicetype + - Choices: + + - HTTP + - FTP + - TCP + - UDP + - SSL + - SSL_BRIDGE + - SSL_TCP + - NNTP + - ANY + - SIP_UDP + - SIP_TCP + - SIP_SSL + - RADIUS + - RDP + - RTSP + - MYSQL + - MSSQL + - ORACLE + - Protocol used by services bound to the virtual server. + + + * - sobackupaction + - Choices: + - DROP + - ACCEPT + - REDIRECT + - Action to be performed if spillover is to take effect, but no backup chain to spillover is usable or exists. + * - somethod + - Choices: -Examples --------- + - CONNECTION + - DYNAMICCONNECTION + - BANDWIDTH + - HEALTH + - NONE + - Type of threshold that, when exceeded, triggers spillover. Available settings function as follows: -.. code-block:: yaml+jinja + * ``CONNECTION`` - Spillover occurs when the number of client connections exceeds the threshold. - + * ``DYNAMICCONNECTION`` - Spillover occurs when the number of client connections at the GSLB virtual server exceeds the sum of the maximum client (Max Clients) settings for bound GSLB services. Do not specify a spillover threshold for this setting, because the threshold is implied by the Max Clients settings of the bound GSLB services. + + * ``BANDWIDTH`` - Spillover occurs when the bandwidth consumed by the GSLB virtual server's incoming and outgoing traffic exceeds the threshold. + + * ``HEALTH`` - Spillover occurs when the percentage of weights of the GSLB services that are UP drops below the threshold. For example, if services gslbSvc1, gslbSvc2, and gslbSvc3 are bound to a virtual server, with weights 1, 2, and 3, and the spillover threshold is 50%, spillover occurs if gslbSvc1 and gslbSvc3 or gslbSvc2 and gslbSvc3 transition to DOWN. + + * ``NONE`` - Spillover does not occur. + * - sopersistence + - Choices: + - enabled + - disabled + - If spillover occurs, maintain source IP address based persistence for both primary and backup GSLB virtual servers. + * - sopersistencetimeout + - + - Timeout for spillover persistence, in minutes. + Default value: ``2`` + Minimum value = ``2`` + Maximum value = ``1440`` + * - sothreshold + - + - Threshold at which spillover occurs. Specify an integer for the CONNECTION spillover method, a bandwidth value in kilobits per second for the BANDWIDTH method (do not enter the units), or a percentage for the HEALTH method (do not enter the percentage symbol). -Status ------- + Minimum value = ``1`` + Maximum value = ``4294967287`` + * - state + - Choices: + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. + When present the resource will be created if needed and configured according to the module's parameters. + When absent the resource will be deleted from the netscaler node. + * - timeout + - + - Idle time, in minutes, after which a persistence entry is cleared. + Default value: ``2`` -Maintenance ------------ + Minimum value = ``2`` -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + Maximum value = ``1440`` + * - tolerance + - + - Site selection tolerance, in milliseconds, for implementing the RTT load balancing method. If a site's RTT deviates from the lowest RTT by more than the specified tolerance, the site is not considered when the NetScaler appliance makes a GSLB decision. The appliance implements the round robin method of global server load balancing between sites whose RTT values are within the specified tolerance. If the tolerance is 0 (zero), the appliance always sends clients the IP address of the site with the lowest RTT. -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + Minimum value = ``0`` + Maximum value = ``100`` + * - v6netmasklen + - + - Number of bits to consider, in an IPv6 source IP address, for creating the hash that is required by the ``SOURCEIPHASH`` load balancing method. + Default value: ``128`` + Minimum value = ``1`` + Maximum value = ``128`` + * - v6persistmasklen + - + - Number of bits to consider in an IPv6 source IP address when creating source IP address based persistence sessions. -Author -~~~~~~ + Default value: ``128`` -- George Nikolopoulos (@giorgos-nikolopoulos) + Minimum value = ``1`` + + Maximum value = ``128`` + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + + + +Examples +-------- + +.. code-block:: yaml+jinja + -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. +Return Values +------------- diff --git a/docs/modules/citrix_adc_lb_monitor_module.rst b/docs/modules/citrix_adc_lb_monitor_module.rst index e9caf60ba..68f45302a 100644 --- a/docs/modules/citrix_adc_lb_monitor_module.rst +++ b/docs/modules/citrix_adc_lb_monitor_module.rst @@ -1,10 +1,7 @@ -:source: citrix_adc_lb_monitor.py - :orphan: .. _citrix_adc_lb_monitor_module: - citrix_adc_lb_monitor - Manage load balancing monitors ++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -14,7 +11,6 @@ citrix_adc_lb_monitor - Manage load balancing monitors :local: :depth: 2 - Synopsis -------- - Manage load balancing monitors. @@ -32,1358 +28,651 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- acctapplicationid - - -
List of Acct-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message.
-
Minimum value = 0
-
Maximum value = 4294967295
-
- action - -
    Choices: -
  • NONE
    • -
  • LOG
    • -
  • DOWN
    • -
- 		-
Action to perform when the response to an inline monitor (a monitor of type HTTP-INLINE) indicates that the service is down. A service monitored by an inline monitor is considered DOWN if the response code is not one of the codes that have been specified for the Response Code parameter.
-
Available settings function as follows:
-
* NONE - Do not take any action. However, the show service command and the show lb monitor command indicate the total number of responses that were checked and the number of consecutive error responses received after the last successful probe.
-
* LOG - Log the event in NSLOG or SYSLOG.
-
* DOWN - Mark the service as being down, and then do not direct any traffic to the service until the configured down time has expired. Persistent connections to the service are terminated as soon as the service is marked as DOWN. Also, log the event in NSLOG or SYSLOG.
-
- alertretries - - -
Number of consecutive probe failures after which the appliance generates an SNMP trap called monProbeFailed.
-
Minimum value = 0
-
Maximum value = 32
-
- application - - -
Name of the application used to determine the state of the service. Applicable to monitors of type CITRIX-XML-SERVICE.
-
Minimum length = 1
-
- attribute - - -
Attribute to evaluate when the LDAP server responds to the query. Success or failure of the monitoring probe depends on whether the attribute exists in the response. Optional.
-
Minimum length = 1
-
- authapplicationid - - -
List of Auth-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring CER message.
-
Minimum value = 0
-
Maximum value = 4294967295
-
- basedn - - -
The base distinguished name of the LDAP service, from where the LDAP server can begin the search for the attributes in the monitoring query. Required for LDAP service monitoring.
-
Minimum length = 1
-
- binddn - - -
The distinguished name with which an LDAP monitor can perform the Bind operation on the LDAP server. Optional. Applicable to LDAP monitors.
-
Minimum length = 1
-
- customheaders - - -
Custom header string to include in the monitoring probes.
-
- database - - -
Name of the database to connect to during authentication.
-
Minimum length = 1
-
- destip - - -
IP address of the service to which to send probes. If the parameter is set to 0, the IP address of the server to which the monitor is bound is considered the destination IP address.
-
- destport - - -
TCP or UDP port to which to send the probe. If the parameter is set to 0, the port number of the service to which the monitor is bound is considered the destination port. For a monitor of type USER, however, the destination port is the port number that is included in the HTTP request sent to the dispatcher. Does not apply to monitors of type PING.
-
- deviation - - -
Time value added to the learned average response time in dynamic response time monitoring (DRTM). When a deviation is specified, the appliance learns the average response time of bound services and adds the deviation to the average. The final value is then continually adjusted to accommodate response time variations over time. Specified in milliseconds, seconds, or minutes.
-
Minimum value = 0
-
Maximum value = 20939
-
- dispatcherip - - -
IP address of the dispatcher to which to send the probe.
-
- dispatcherport - - -
Port number on which the dispatcher listens for the monitoring probe.
-
- domain - - -
Domain in which the XenDesktop Desktop Delivery Controller (DDC) servers or Web Interface servers are present. Required by CITRIX-XD-DDC and CITRIX-WI-EXTENDED monitors for logging on to the DDC servers and Web Interface servers, respectively.
-
- downtime - - -
Time duration for which to wait before probing a service that has been marked as DOWN. Expressed in milliseconds, seconds, or minutes.
-
Minimum value = 1
-
Maximum value = 20939
-
- evalrule - - -
Default syntax expression that evaluates the database server's response to a MYSQL-ECV or MSSQL-ECV monitoring query. Must produce a Boolean result. The result determines the state of the server. If the expression returns TRUE, the probe succeeds.
-
For example, if you want the appliance to evaluate the error message to determine the state of the server, use the rule MYSQL.RES.ROW(10 .TEXT_ELE2.EQ("MySQL")).
-
- failureretries - - -
Number of retries that must fail, out of the number specified for the Retries parameter, for a service to be marked as DOWN. For example, if the Retries parameter is set to 10 and the Failure Retries parameter is set to 6, out of the ten probes sent, at least six probes must fail if the service is to be marked as DOWN. The default value of 0 means that all the retries must fail if the service is to be marked as DOWN.
-
Minimum value = 0
-
Maximum value = 32
-
- filename - - -
Name of a file on the FTP server. The appliance monitors the FTP service by periodically checking the existence of the file on the server. Applicable to FTP-EXTENDED monitors.
-
Minimum length = 1
-
- filter - - -
Filter criteria for the LDAP query. Optional.
-
Minimum length = 1
-
- firmwarerevision - - -
Firmware-Revision value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.
-
- group - - -
Name of a newsgroup available on the NNTP service that is to be monitored. The appliance periodically generates an NNTP query for the name of the newsgroup and evaluates the response. If the newsgroup is found on the server, the service is marked as UP. If the newsgroup does not exist or if the search fails, the service is marked as DOWN. Applicable to NNTP monitors.
-
Minimum length = 1
-
- hostipaddress - - -
Host-IP-Address value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. If Host-IP-Address is not specified, the appliance inserts the mapped IP (MIP) address or subnet IP (SNIP) address from which the CER request (the monitoring probe) is sent.
-
Minimum length = 1
-
- hostname - - -
Hostname in the FQDN format (Example: porche.cars.org). Applicable to STOREFRONT monitors.
-
Minimum length = 1
-
- httprequest - - -
HTTP request to send to the server (for example, "HEAD /file.html").
-
- inbandsecurityid - -
    Choices: -
  • NO_INBAND_SECURITY
    • -
  • TLS
    • -
- 		-
Inband-Security-Id for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- interval - - -
Time interval between two successive probes. Must be greater than the value of Response Time-out.
-
Minimum value = 1
-
Maximum value = 20940
-
- ipaddress - - -
Set of IP addresses expected in the monitoring response from the DNS server, if the record type is A or AAAA. Applicable to DNS monitors.
-
Minimum length = 1
-
- iptunnel -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Send the monitoring probe to the service through an IP tunnel. A destination IP address must be specified.
-
- kcdaccount - - -
KCD Account used by MSSQL monitor.
-
Minimum length = 1
-
Maximum length = 32
-
- lasversion - - -
Version number of the Citrix Advanced Access Control Logon Agent. Required by the CITRIX-AAC-LAS monitor.
-
- logonpointname - - -
Name of the logon point that is configured for the Citrix Access Gateway Advanced Access Control software. Required if you want to monitor the associated login page or Logon Agent. Applicable to CITRIX-AAC-LAS and CITRIX-AAC-LOGINPAGE monitors.
-
- lrtm - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Calculate the least response times for bound services. If this parameter is not enabled, the appliance does not learn the response times of the bound services. Also used for LRTM load balancing.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- maxforwards - - -
Maximum number of hops that the SIP request used for monitoring can traverse to reach the server. Applicable only to monitors of type SIP-UDP.
-
Minimum value = 0
-
Maximum value = 255
-
- metrictable - - -
Metric table to which to bind metrics.
-
Minimum length = 1
-
Maximum length = 99
-
- monitorname - - -
Name for the monitor. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore, hash #, period ., space , colon :, at @, equals =, and hyphen - characters.
-
Minimum length = 1
-
- mssqlprotocolversion - -
    Choices: -
  • 70
    • -
  • 2000
    • -
  • 2000SP1
    • -
  • 2005
    • -
  • 2008
    • -
  • 2008R2
    • -
  • 2012
    • -
  • 2014
    • -
- 		-
Version of MSSQL server that is to be monitored.
-
- netprofile - - -
Name of the network profile.
-
Minimum length = 1
-
Maximum length = 127
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- oraclesid - - -
Name of the service identifier that is used to connect to the Oracle database during authentication.
-
Minimum length = 1
-
- originhost - - -
Origin-Host value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.
-
Minimum length = 1
-
- originrealm - - -
Origin-Realm value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.
-
Minimum length = 1
-
- password - - -
Password that is required for logging on to the RADIUS, NNTP, FTP, FTP-EXTENDED, MYSQL, MSSQL, POP3, CITRIX-AG, CITRIX-XD-DDC, CITRIX-WI-EXTENDED, CITRIX-XNC-ECV or CITRIX-XDM server. Used in conjunction with the user name specified for the username parameter.
-
Minimum length = 1
-
- productname - - -
Product-Name value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.
-
Minimum length = 1
-
- query - - -
Domain name to resolve as part of monitoring the DNS service (for example, example.com).
-
- querytype - -
    Choices: -
  • Address
    • -
  • Zone
    • -
  • AAAA
    • -
- 		-
Type of DNS record for which to send monitoring queries. Set to Address for querying A records, AAAA for querying AAAA records, and Zone for querying the SOA record.
-
- radaccountsession - - -
Account Session ID to be used in Account Request Packet. Applicable to monitors of type RADIUS_ACCOUNTING.
-
Minimum length = 1
-
- radaccounttype - - -
Account Type to be used in Account Request Packet. Applicable to monitors of type RADIUS_ACCOUNTING.
-
Minimum value = 0
-
Maximum value = 15
-
- radapn - - -
Called Station Id to be used in Account Request Packet. Applicable to monitors of type RADIUS_ACCOUNTING.
-
Minimum length = 1
-
- radframedip - - -
Source ip with which the packet will go out . Applicable to monitors of type RADIUS_ACCOUNTING.
-
- radkey - - -
Authentication key (shared secret text string) for RADIUS clients and servers to exchange. Applicable to monitors of type RADIUS and RADIUS_ACCOUNTING.
-
Minimum length = 1
-
- radmsisdn - - -
Calling Stations Id to be used in Account Request Packet. Applicable to monitors of type RADIUS_ACCOUNTING.
-
Minimum length = 1
-
- radnasid - - -
NAS-Identifier to send in the Access-Request packet. Applicable to monitors of type RADIUS.
-
Minimum length = 1
-
- radnasip - - -
Network Access Server (NAS) IP address to use as the source IP address when monitoring a RADIUS server. Applicable to monitors of type RADIUS and RADIUS_ACCOUNTING.
-
- recv - - -
String expected from the server for the service to be marked as UP. Applicable to TCP-ECV, HTTP-ECV, and UDP-ECV monitors.
-
- respcode - - -
Response codes for which to mark the service as UP. For any other response code, the action performed depends on the monitor type. HTTP monitors and RADIUS monitors mark the service as DOWN, while HTTP-INLINE monitors perform the action indicated by the Action parameter.
-
- resptimeout - - -
Amount of time for which the appliance must wait before it marks a probe as FAILED. Must be less than the value specified for the Interval parameter.
-
Note: For UDP-ECV monitors for which a receive string is not configured, response timeout does not apply. For UDP-ECV monitors with no receive string, probe failure is indicated by an ICMP port unreachable error received from the service.
-
Minimum value = 1
-
Maximum value = 20939
-
- resptimeoutthresh - - -
Response time threshold, specified as a percentage of the Response Time-out parameter. If the response to a monitor probe has not arrived when the threshold is reached, the appliance generates an SNMP trap called monRespTimeoutAboveThresh. After the response time returns to a value below the threshold, the appliance generates a monRespTimeoutBelowThresh SNMP trap. For the traps to be generated, the "MONITOR-RTO-THRESHOLD" alarm must also be enabled.
-
Minimum value = 0
-
Maximum value = 100
-
- retries - - -
Maximum number of probes to send to establish the state of a service for which a monitoring probe failed.
-
Minimum value = 1
-
Maximum value = 127
-
- reverse -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Mark a service as DOWN, instead of UP, when probe criteria are satisfied, and as UP instead of DOWN when probe criteria are not satisfied.
-
- rtsprequest - - -
RTSP request to send to the server (for example, "OPTIONS *").
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- scriptargs - - -
String of arguments for the script. The string is copied verbatim into the request.
-
- scriptname - - -
Path and name of the script to execute. The script must be available on the NetScaler appliance, in the /nsconfig/monitors/ directory.
-
Minimum length = 1
-
- secondarypassword - - -
Secondary password that users might have to provide to log on to the Access Gateway server. Applicable to CITRIX-AG monitors.
-
- secure -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Use a secure SSL connection when monitoring a service. Applicable only to TCP based monitors. The secure option cannot be used with a CITRIX-AG monitor, because a CITRIX-AG monitor uses a secure connection by default.
-
- send - - -
String to send to the service. Applicable to TCP-ECV, HTTP-ECV, and UDP-ECV monitors.
-
- sipmethod - -
    Choices: -
  • OPTIONS
    • -
  • INVITE
    • -
  • REGISTER
    • -
- 		-
SIP method to use for the query. Applicable only to monitors of type SIP-UDP.
-
- sipreguri - - -
SIP user to be registered. Applicable only if the monitor is of type SIP-UDP and the SIP Method parameter is set to REGISTER.
-
Minimum length = 1
-
- sipuri - - -
SIP URI string to send to the service (for example, sip:sip.test). Applicable only to monitors of type SIP-UDP.
-
Minimum length = 1
-
- sitepath - - -
URL of the logon page. For monitors of type CITRIX-WEB-INTERFACE, to monitor a dynamic page under the site path, terminate the site path with a slash /. Applicable to CITRIX-WEB-INTERFACE, CITRIX-WI-EXTENDED and CITRIX-XDM monitors.
-
Minimum length = 1
-
- snmpcommunity - - -
Community name for SNMP monitors.
-
Minimum length = 1
-
- Snmpoid - - -
SNMP OID for SNMP monitors.
-
Minimum length = 1
-
- snmpthreshold - - -
Threshold for SNMP monitors.
-
Minimum length = 1
-
- snmpversion - -
    Choices: -
  • V1
    • -
  • V2
    • -
- 		-
SNMP version to be used for SNMP monitors.
-
- sqlquery - - -
SQL query for a MYSQL-ECV or MSSQL-ECV monitor. Sent to the database server after the server authenticates the connection.
-
Minimum length = 1
-
- state - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- Default:
present
- 		-
State of the monitor. The disabled setting disables not only the monitor being configured, but all monitors of the same type, until the parameter is set to enabled. If the monitor is bound to a service, the state of the monitor is not taken into account when the state of the service is determined.
-
- storedb - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Store the database list populated with the responses to monitor probes. Used in database specific load balancing if MSSQL-ECV/MYSQL-ECV monitor is configured.
-
- storefrontacctservice -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable/Disable probing for Account Service. Applicable only to Store Front monitors. For multi-tenancy configuration users my skip account service.
-
- storefrontcheckbackendservices -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
This option will enable monitoring of services running on storefront server. Storefront services are monitored by probing to a Windows service that runs on the Storefront server and exposes details of which storefront services are running.
-
- storename - - -
Store Name. For monitors of type STOREFRONT, storename is an optional argument defining storefront service store name. Applicable to STOREFRONT monitors.
-
Minimum length = 1
-
- successretries - - -
Number of consecutive successful probes required to transition a service's state from DOWN to UP.
-
Minimum value = 1
-
Maximum value = 32
-
- supportedvendorids - - -
List of Supported-Vendor-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum eight of these AVPs are supported in a monitoring message.
-
Minimum value = 1
-
Maximum value = 4294967295
-
- tos -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Probe the service by encoding the destination IP address in the IP TOS (6) bits.
-
- tosid - - -
The TOS ID of the specified destination IP. Applicable only when the TOS parameter is set.
-
Minimum value = 1
-
Maximum value = 63
-
- transparent -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
The monitor is bound to a transparent device such as a firewall or router. The state of a transparent device depends on the responsiveness of the services behind it. If a transparent device is being monitored, a destination IP address must be specified. The probe is sent to the specified IP address by using the MAC address of the transparent device.
-
- trofscode - - -
Code expected when the server is under maintenance.
-
- trofsstring - - -
String expected from the server for the service to be marked as trofs. Applicable to HTTP-ECV/TCP-ECV monitors.
-
- type - -
    Choices: -
  • PING
    • -
  • TCP
    • -
  • HTTP
    • -
  • TCP-ECV
    • -
  • HTTP-ECV
    • -
  • UDP-ECV
    • -
  • DNS
    • -
  • FTP
    • -
  • LDNS-PING
    • -
  • LDNS-TCP
    • -
  • LDNS-DNS
    • -
  • RADIUS
    • -
  • USER
    • -
  • HTTP-INLINE
    • -
  • SIP-UDP
    • -
  • SIP-TCP
    • -
  • LOAD
    • -
  • FTP-EXTENDED
    • -
  • SMTP
    • -
  • SNMP
    • -
  • NNTP
    • -
  • MYSQL
    • -
  • MYSQL-ECV
    • -
  • MSSQL-ECV
    • -
  • ORACLE-ECV
    • -
  • LDAP
    • -
  • POP3
    • -
  • CITRIX-XML-SERVICE
    • -
  • CITRIX-WEB-INTERFACE
    • -
  • DNS-TCP
    • -
  • RTSP
    • -
  • ARP
    • -
  • CITRIX-AG
    • -
  • CITRIX-AAC-LOGINPAGE
    • -
  • CITRIX-AAC-LAS
    • -
  • CITRIX-XD-DDC
    • -
  • ND6
    • -
  • CITRIX-WI-EXTENDED
    • -
  • DIAMETER
    • -
  • RADIUS_ACCOUNTING
    • -
  • STOREFRONT
    • -
  • APPC
    • -
  • SMPP
    • -
  • CITRIX-XNC-ECV
    • -
  • CITRIX-XDM
    • -
  • CITRIX-STA-SERVICE
    • -
  • CITRIX-STA-SERVICE-NHOP
    • -
- 		-
Type of monitor that you want to create.
-
- units1 - -
    Choices: -
  • SEC
    • -
  • MSEC
    • -
  • MIN
    • -
- 		-
Unit of measurement for the Deviation parameter. Cannot be changed after the monitor is created.
-
- units2 - -
    Choices: -
  • SEC
    • -
  • MSEC
    • -
  • MIN
    • -
- 		-
Unit of measurement for the Down Time parameter. Cannot be changed after the monitor is created.
-
- units3 - -
    Choices: -
  • SEC
    • -
  • MSEC
    • -
  • MIN
    • -
- 		-
monitor interval units.
-
- units4 - -
    Choices: -
  • SEC
    • -
  • MSEC
    • -
  • MIN
    • -
- 		-
monitor response timeout units.
-
- username - - -
User name with which to probe the RADIUS, NNTP, FTP, FTP-EXTENDED, MYSQL, MSSQL, POP3, CITRIX-AG, CITRIX-XD-DDC, CITRIX-WI-EXTENDED, CITRIX-XNC or CITRIX-XDM server.
-
Minimum length = 1
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
- validatecred -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Validate the credentials of the Xen Desktop DDC server user. Applicable to monitors of type CITRIX-XD-DDC.
-
- vendorid - - -
Vendor-Id value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers.
-
- vendorspecificacctapplicationids - - -
List of Vendor-Specific-Acct-Application-Id attribute value pairs (AVPs) to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. The specified value is combined with the value of vendorSpecificVendorId to obtain the Vendor-Specific-Application-Id AVP in the CER monitoring message.
-
Minimum value = 0
-
Maximum value = 4294967295
-
- vendorspecificauthapplicationids - - -
List of Vendor-Specific-Auth-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. The specified value is combined with the value of vendorSpecificVendorId to obtain the Vendor-Specific-Application-Id AVP in the CER monitoring message.
-
Minimum value = 0
-
Maximum value = 4294967295
-
- vendorspecificvendorid - - -
Vendor-Id to use in the Vendor-Specific-Application-Id grouped attribute-value pair (AVP) in the monitoring CER message. To specify Auth-Application-Id or Acct-Application-Id in Vendor-Specific-Application-Id, use vendorSpecificAuthApplicationIds or vendorSpecificAcctApplicationIds, respectively. Only one Vendor-Id is supported for all the Vendor-Specific-Application-Id AVPs in a CER monitoring message.
-
Minimum value = 1
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - Snmpoid + - + - SNMP OID for ``SNMP`` monitors. + + Minimum length = 1 + * - acctapplicationid + - + - List of Acct-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. + + Minimum value = ``0`` + + Maximum value = ``4294967295`` + * - action + - Choices: + + - NONE + - LOG + - DOWN + - Action to perform when the response to an inline monitor (a monitor of type ``HTTP-INLINE``) indicates that the service is down. A service monitored by an inline monitor is considered ``DOWN`` if the response code is not one of the codes that have been specified for the Response Code parameter. + + Available settings function as follows: + + * ``NONE`` - Do not take any action. However, the show service command and the show lb monitor command indicate the total number of responses that were checked and the number of consecutive error responses received after the last successful probe. + + * ``LOG`` - Log the event in NSLOG or SYSLOG. + + * ``DOWN`` - Mark the service as being down, and then do not direct any traffic to the service until the configured down time has expired. Persistent connections to the service are terminated as soon as the service is marked as ``DOWN``. Also, log the event in NSLOG or SYSLOG. + * - alertretries + - + - Number of consecutive probe failures after which the appliance generates an SNMP trap called monProbeFailed. + + Minimum value = ``0`` + + Maximum value = ``32`` + * - application + - + - Name of the application used to determine the state of the service. Applicable to monitors of type ``CITRIX-XML-SERVICE``. + + Minimum length = 1 + * - attribute + - + - Attribute to evaluate when the LDAP server responds to the query. Success or failure of the monitoring probe depends on whether the attribute exists in the response. Optional. + + Minimum length = 1 + * - authapplicationid + - + - List of Auth-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring CER message. + + Minimum value = ``0`` + + Maximum value = ``4294967295`` + * - basedn + - + - The base distinguished name of the LDAP service, from where the LDAP server can begin the search for the attributes in the monitoring query. Required for ``LDAP`` service monitoring. + + Minimum length = 1 + * - binddn + - + - The distinguished name with which an LDAP monitor can perform the Bind operation on the LDAP server. Optional. Applicable to ``LDAP`` monitors. + + Minimum length = 1 + * - customheaders + - + - Custom header string to include in the monitoring probes. + * - database + - + - Name of the database to connect to during authentication. + + Minimum length = 1 + * - destip + - + - IP address of the service to which to send probes. If the parameter is set to 0, the IP address of the server to which the monitor is bound is considered the destination IP address. + * - destport + - + - TCP or UDP port to which to send the probe. If the parameter is set to 0, the port number of the service to which the monitor is bound is considered the destination port. For a monitor of type ``USER``, however, the destination port is the port number that is included in the HTTP request sent to the dispatcher. Does not apply to monitors of type ``PING``. + * - deviation + - + - Time value added to the learned average response time in dynamic response time monitoring (DRTM). When a deviation is specified, the appliance learns the average response time of bound services and adds the deviation to the average. The final value is then continually adjusted to accommodate response time variations over time. Specified in milliseconds, seconds, or minutes. + + Minimum value = ``0`` + + Maximum value = ``20939`` + * - dispatcherip + - + - IP address of the dispatcher to which to send the probe. + * - dispatcherport + - + - Port number on which the dispatcher listens for the monitoring probe. + * - domain + - + - Domain in which the XenDesktop Desktop Delivery Controller (DDC) servers or Web Interface servers are present. Required by ``CITRIX-XD-DDC`` and ``CITRIX-WI-EXTENDED`` monitors for logging on to the DDC servers and Web Interface servers, respectively. + * - downtime + - + - Time duration for which to wait before probing a service that has been marked as DOWN. Expressed in milliseconds, seconds, or minutes. + + Minimum value = ``1`` + + Maximum value = ``20939`` + * - evalrule + - + - Default syntax expression that evaluates the database server's response to a MYSQL-ECV or MSSQL-ECV monitoring query. Must produce a Boolean result. The result determines the state of the server. If the expression returns TRUE, the probe succeeds. + + For example, if you want the appliance to evaluate the error message to determine the state of the server, use the rule ``MYSQL.RES.ROW(10`` .TEXT_ELEM(2).EQ("MySQL")). + * - failureretries + - + - Number of retries that must fail, out of the number specified for the Retries parameter, for a service to be marked as DOWN. For example, if the Retries parameter is set to 10 and the Failure Retries parameter is set to 6, out of the ten probes sent, at least six probes must fail if the service is to be marked as DOWN. The default value of 0 means that all the retries must fail if the service is to be marked as DOWN. + + Minimum value = ``0`` + + Maximum value = ``32`` + * - filename + - + - Name of a file on the FTP server. The appliance monitors the FTP service by periodically checking the existence of the file on the server. Applicable to ``FTP-EXTENDED`` monitors. + + Minimum length = 1 + * - filter + - + - Filter criteria for the LDAP query. Optional. + + Minimum length = 1 + * - firmwarerevision + - + - Firmware-Revision value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. + * - group + - + - Name of a newsgroup available on the NNTP service that is to be monitored. The appliance periodically generates an NNTP query for the name of the newsgroup and evaluates the response. If the newsgroup is found on the server, the service is marked as UP. If the newsgroup does not exist or if the search fails, the service is marked as DOWN. Applicable to NNTP monitors. + + Minimum length = 1 + * - hostipaddress + - + - Host-IP-Address value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. If Host-IP-Address is not specified, the appliance inserts the mapped IP (MIP) address or subnet IP (SNIP) address from which the CER request (the monitoring probe) is sent. + + Minimum length = 1 + * - hostname + - + - Hostname in the FQDN format (Example: ``porche.cars.org``). Applicable to ``STOREFRONT`` monitors. + + Minimum length = 1 + * - httprequest + - + - HTTP request to send to the server (for example, ``"HEAD /file.html"``). + * - inbandsecurityid + - Choices: + + - NO_INBAND_SECURITY + - TLS + - Inband-Security-Id for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - interval + - + - Time interval between two successive probes. Must be greater than the value of Response Time-out. + + Minimum value = ``1`` + + Maximum value = ``20940`` + * - ipaddress + - + - Set of IP addresses expected in the monitoring response from the DNS server, if the record type is A or AAAA. Applicable to ``DNS`` monitors. + + Minimum length = 1 + * - iptunnel + + *(bool)* + - + - Send the monitoring probe to the service through an IP tunnel. A destination IP address must be specified. + * - kcdaccount + - + - KCD Account used by ``MSSQL`` monitor. + + Minimum length = 1 + + Maximum length = 32 + * - lasversion + - + - Version number of the Citrix Advanced Access Control Logon Agent. Required by the ``CITRIX-AAC-LAS`` monitor. + * - logonpointname + - + - Name of the logon point that is configured for the Citrix Access Gateway Advanced Access Control software. Required if you want to monitor the associated login page or Logon Agent. Applicable to ``CITRIX-AAC-LAS`` and ``CITRIX-AAC-LOGINPAGE`` monitors. + * - lrtm + - Choices: + + - enabled + - disabled + - Calculate the least response times for bound services. If this parameter is not enabled, the appliance does not learn the response times of the bound services. Also used for LRTM load balancing. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - maxforwards + - + - Maximum number of hops that the SIP request used for monitoring can traverse to reach the server. Applicable only to monitors of type ``SIP-UDP``. + + Minimum value = ``0`` + + Maximum value = ``255`` + * - metrictable + - + - Metric table to which to bind metrics. + + Minimum length = 1 + + Maximum length = 99 + * - monitorname + - + - Name for the monitor. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore, hash ``#``, period ``.``, space `` ``, colon ``:``, at ``@``, equals ``=``, and hyphen ``-`` characters. + + Minimum length = 1 + * - mssqlprotocolversion + - Choices: + + - 70 + - 2000 + - 2000SP1 + - 2005 + - 2008 + - 2008R2 + - 2012 + - 2014 + - Version of MSSQL server that is to be monitored. + * - netprofile + - + - Name of the network profile. + + Minimum length = 1 + + Maximum length = 127 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - oraclesid + - + - Name of the service identifier that is used to connect to the Oracle database during authentication. + + Minimum length = 1 + * - originhost + - + - Origin-Host value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. + + Minimum length = 1 + * - originrealm + - + - Origin-Realm value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. + + Minimum length = 1 + * - password + - + - Password that is required for logging on to the ``RADIUS``, ``NNTP``, ``FTP``, ``FTP-EXTENDED``, ``MYSQL``, ``MSSQL``, ``POP3``, ``CITRIX-AG``, ``CITRIX-XD-DDC``, ``CITRIX-WI-EXTENDED``, ``CITRIX-XNC-ECV`` or ``CITRIX-XDM`` server. Used in conjunction with the user name specified for the ``username`` parameter. + + Minimum length = 1 + * - productname + - + - Product-Name value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. + + Minimum length = 1 + * - query + - + - Domain name to resolve as part of monitoring the DNS service (for example, ``example.com``). + * - querytype + - Choices: + + - Address + - Zone + - AAAA + - Type of DNS record for which to send monitoring queries. Set to ``Address`` for querying A records, ``AAAA`` for querying AAAA records, and ``Zone`` for querying the SOA record. + * - radaccountsession + - + - Account Session ID to be used in Account Request Packet. Applicable to monitors of type ``RADIUS_ACCOUNTING``. + + Minimum length = 1 + * - radaccounttype + - + - Account Type to be used in Account Request Packet. Applicable to monitors of type ``RADIUS_ACCOUNTING``. + + Minimum value = 0 + + Maximum value = 15 + * - radapn + - + - Called Station Id to be used in Account Request Packet. Applicable to monitors of type ``RADIUS_ACCOUNTING``. + + Minimum length = 1 + * - radframedip + - + - Source ip with which the packet will go out . Applicable to monitors of type ``RADIUS_ACCOUNTING``. + * - radkey + - + - Authentication key (shared secret text string) for RADIUS clients and servers to exchange. Applicable to monitors of type ``RADIUS`` and ``RADIUS_ACCOUNTING``. + + Minimum length = 1 + * - radmsisdn + - + - Calling Stations Id to be used in Account Request Packet. Applicable to monitors of type ``RADIUS_ACCOUNTING``. + + Minimum length = 1 + * - radnasid + - + - NAS-Identifier to send in the Access-Request packet. Applicable to monitors of type ``RADIUS``. + + Minimum length = 1 + * - radnasip + - + - Network Access Server (NAS) IP address to use as the source IP address when monitoring a RADIUS server. Applicable to monitors of type ``RADIUS`` and ``RADIUS_ACCOUNTING``. + * - recv + - + - String expected from the server for the service to be marked as UP. Applicable to ``TCP-ECV``, ``HTTP-ECV``, and ``UDP-ECV`` monitors. + * - respcode + - + - Response codes for which to mark the service as UP. For any other response code, the action performed depends on the monitor type. ``HTTP`` monitors and ``RADIUS`` monitors mark the service as ``DOWN``, while ``HTTP-INLINE`` monitors perform the action indicated by the Action parameter. + * - resptimeout + - + - Amount of time for which the appliance must wait before it marks a probe as FAILED. Must be less than the value specified for the Interval parameter. + + Note: For ``UDP-ECV`` monitors for which a receive string is not configured, response timeout does not apply. For ``UDP-ECV`` monitors with no receive string, probe failure is indicated by an ICMP port unreachable error received from the service. + + Minimum value = ``1`` + + Maximum value = ``20939`` + * - resptimeoutthresh + - + - Response time threshold, specified as a percentage of the Response Time-out parameter. If the response to a monitor probe has not arrived when the threshold is reached, the appliance generates an SNMP trap called monRespTimeoutAboveThresh. After the response time returns to a value below the threshold, the appliance generates a monRespTimeoutBelowThresh SNMP trap. For the traps to be generated, the "MONITOR-RTO-THRESHOLD" alarm must also be enabled. + + Minimum value = ``0`` + + Maximum value = ``100`` + * - retries + - + - Maximum number of probes to send to establish the state of a service for which a monitoring probe failed. + + Minimum value = ``1`` + + Maximum value = ``127`` + * - reverse + + *(bool)* + - + - Mark a service as DOWN, instead of UP, when probe criteria are satisfied, and as UP instead of DOWN when probe criteria are not satisfied. + * - rtsprequest + - + - RTSP request to send to the server (for example, ``"OPTIONS *"``). + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - scriptargs + - + - String of arguments for the script. The string is copied verbatim into the request. + * - scriptname + - + - Path and name of the script to execute. The script must be available on the NetScaler appliance, in the /nsconfig/monitors/ directory. + + Minimum length = 1 + * - secondarypassword + - + - Secondary password that users might have to provide to log on to the Access Gateway server. Applicable to ``CITRIX-AG`` monitors. + * - secure + + *(bool)* + - + - Use a secure SSL connection when monitoring a service. Applicable only to TCP based monitors. The secure option cannot be used with a ``CITRIX-AG`` monitor, because a CITRIX-AG monitor uses a secure connection by default. + * - send + - + - String to send to the service. Applicable to ``TCP-ECV``, ``HTTP-ECV``, and ``UDP-ECV`` monitors. + * - sipmethod + - Choices: + + - OPTIONS + - INVITE + - REGISTER + - SIP method to use for the query. Applicable only to monitors of type ``SIP-UDP``. + * - sipreguri + - + - SIP user to be registered. Applicable only if the monitor is of type ``SIP-UDP`` and the SIP Method parameter is set to ``REGISTER``. + + Minimum length = 1 + * - sipuri + - + - SIP URI string to send to the service (for example, ``sip:sip.test``). Applicable only to monitors of type ``SIP-UDP``. + + Minimum length = 1 + * - sitepath + - + - URL of the logon page. For monitors of type ``CITRIX-WEB-INTERFACE``, to monitor a dynamic page under the site path, terminate the site path with a slash ``/``. Applicable to ``CITRIX-WEB-INTERFACE``, ``CITRIX-WI-EXTENDED`` and ``CITRIX-XDM`` monitors. + + Minimum length = 1 + * - snmpcommunity + - + - Community name for ``SNMP`` monitors. + + Minimum length = 1 + * - snmpthreshold + - + - Threshold for ``SNMP`` monitors. + + Minimum length = 1 + * - snmpversion + - Choices: + + - V1 + - V2 + - SNMP version to be used for ``SNMP`` monitors. + * - sqlquery + - + - SQL query for a ``MYSQL-ECV`` or ``MSSQL-ECV`` monitor. Sent to the database server after the server authenticates the connection. + + Minimum length = 1 + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - storedb + - Choices: + + - enabled + - disabled + - Store the database list populated with the responses to monitor probes. Used in database specific load balancing if ``MSSQL-ECV``/C(MYSQL-ECV) monitor is configured. + * - storefrontacctservice + + *(bool)* + - + - Enable/Disable probing for Account Service. Applicable only to Store Front monitors. For multi-tenancy configuration users my skip account service. + * - storefrontcheckbackendservices + + *(bool)* + - + - This option will enable monitoring of services running on storefront server. Storefront services are monitored by probing to a Windows service that runs on the Storefront server and exposes details of which storefront services are running. + * - storename + - + - Store Name. For monitors of type ``STOREFRONT``, ``storename`` is an optional argument defining storefront service store name. Applicable to ``STOREFRONT`` monitors. + + Minimum length = 1 + * - successretries + - + - Number of consecutive successful probes required to transition a service's state from DOWN to UP. + + Minimum value = ``1`` + + Maximum value = ``32`` + * - supportedvendorids + - + - List of Supported-Vendor-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum eight of these AVPs are supported in a monitoring message. + + Minimum value = ``1`` + + Maximum value = ``4294967295`` + * - tos + + *(bool)* + - + - Probe the service by encoding the destination IP address in the IP TOS (6) bits. + * - tosid + - + - The TOS ID of the specified destination IP. Applicable only when the TOS parameter is set. + + Minimum value = ``1`` + + Maximum value = ``63`` + * - transparent + + *(bool)* + - + - The monitor is bound to a transparent device such as a firewall or router. The state of a transparent device depends on the responsiveness of the services behind it. If a transparent device is being monitored, a destination IP address must be specified. The probe is sent to the specified IP address by using the MAC address of the transparent device. + * - trofscode + - + - Code expected when the server is under maintenance. + * - trofsstring + - + - String expected from the server for the service to be marked as trofs. Applicable to HTTP-ECV/TCP-ECV monitors. + * - type + - Choices: + + - PING + - TCP + - HTTP + - TCP-ECV + - HTTP-ECV + - UDP-ECV + - DNS + - FTP + - LDNS-PING + - LDNS-TCP + - LDNS-DNS + - RADIUS + - USER + - HTTP-INLINE + - SIP-UDP + - SIP-TCP + - LOAD + - FTP-EXTENDED + - SMTP + - SNMP + - NNTP + - MYSQL + - MYSQL-ECV + - MSSQL-ECV + - ORACLE-ECV + - LDAP + - POP3 + - CITRIX-XML-SERVICE + - CITRIX-WEB-INTERFACE + - DNS-TCP + - RTSP + - ARP + - CITRIX-AG + - CITRIX-AAC-LOGINPAGE + - CITRIX-AAC-LAS + - CITRIX-XD-DDC + - ND6 + - CITRIX-WI-EXTENDED + - DIAMETER + - RADIUS_ACCOUNTING + - STOREFRONT + - APPC + - SMPP + - CITRIX-XNC-ECV + - CITRIX-XDM + - CITRIX-STA-SERVICE + - CITRIX-STA-SERVICE-NHOP + - Type of monitor that you want to create. + * - units1 + - Choices: + + - SEC + - MSEC + - MIN + - Unit of measurement for the Deviation parameter. Cannot be changed after the monitor is created. + * - units2 + - Choices: + + - SEC + - MSEC + - MIN + - Unit of measurement for the Down Time parameter. Cannot be changed after the monitor is created. + * - units3 + - Choices: + + - SEC + - MSEC + - MIN + - monitor interval units. + * - units4 + - Choices: + + - SEC + - MSEC + - MIN + - monitor response timeout units. + * - username + - + - User name with which to probe the ``RADIUS``, ``NNTP``, ``FTP``, ``FTP-EXTENDED``, ``MYSQL``, ``MSSQL``, ``POP3``, ``CITRIX-AG``, ``CITRIX-XD-DDC``, ``CITRIX-WI-EXTENDED``, ``CITRIX-XNC`` or ``CITRIX-XDM`` server. + + Minimum length = 1 + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + * - validatecred + + *(bool)* + - + - Validate the credentials of the Xen Desktop DDC server user. Applicable to monitors of type ``CITRIX-XD-DDC``. + * - vendorid + - + - Vendor-Id value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. + * - vendorspecificacctapplicationids + - + - List of Vendor-Specific-Acct-Application-Id attribute value pairs (AVPs) to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. The specified value is combined with the value of vendorSpecificVendorId to obtain the Vendor-Specific-Application-Id AVP in the CER monitoring message. + + Minimum value = ``0`` + + Maximum value = ``4294967295`` + * - vendorspecificauthapplicationids + - + - List of Vendor-Specific-Auth-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. The specified value is combined with the value of vendorSpecificVendorId to obtain the Vendor-Specific-Application-Id AVP in the CER monitoring message. + + Minimum value = ``0`` + + Maximum value = ``4294967295`` + * - vendorspecificvendorid + - + - Vendor-Id to use in the Vendor-Specific-Application-Id grouped attribute-value pair (AVP) in the monitoring CER message. To specify Auth-Application-Id or Acct-Application-Id in Vendor-Specific-Application-Id, use vendorSpecificAuthApplicationIds or vendorSpecificAcctApplicationIds, respectively. Only one Vendor-Id is supported for all the Vendor-Specific-Application-Id AVPs in a CER monitoring message. + + Minimum value = 1 + Examples -------- .. code-block:: yaml+jinja - - name: Set lb monitor local_action: @@ -1391,99 +680,50 @@ Examples nitro_user: nsroot nitro_pass: nsroot validate_certs: no - - + + module: citrix_adc_lb_monitor state: present - + monitorname: monitor_1 type: HTTP-INLINE action: DOWN respcode: ['400'] - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dict
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2'}
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - diff -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(dict)* + - failure + - List of differences between the actual configured object and the configuration specified in the module + **Sample:** + {'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2'} + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_lb_vserver_module.rst b/docs/modules/citrix_adc_lb_vserver_module.rst index 01918d5c4..5a53b5918 100644 --- a/docs/modules/citrix_adc_lb_vserver_module.rst +++ b/docs/modules/citrix_adc_lb_vserver_module.rst @@ -1,10 +1,7 @@ -:source: citrix_adc_lb_vserver.py - :orphan: .. _citrix_adc_lb_vserver_module: - citrix_adc_lb_vserver - Manage load balancing vserver configuration +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -14,7 +11,6 @@ citrix_adc_lb_vserver - Manage load balancing vserver configuration :local: :depth: 2 - Synopsis -------- - Manage load balancing vserver configuration @@ -32,1435 +28,834 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- appflowlog - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Apply AppFlow logging to the virtual server.
-
- authentication -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable or disable user authentication.
-
- authenticationhost - - -
Fully qualified domain name (FQDN) of the authentication virtual server to which the user must be redirected for authentication. Make sure that the Authentication parameter is set to yes.
-
Minimum length = 3
-
Maximum length = 252
-
- authn401 -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable or disable user authentication with HTTP 401 responses.
-
- authnprofile - - -
Name of the authentication profile to be used when authentication is turned on.
-
- authnvsname - - -
Name of an authentication virtual server with which to authenticate users.
-
Minimum length = 1
-
Maximum length = 252
-
- backuplbmethod - -
    Choices: -
  • ROUNDROBIN
    • -
  • LEASTCONNECTION
    • -
  • LEASTRESPONSETIME
    • -
  • SOURCEIPHASH
    • -
  • LEASTBANDWIDTH
    • -
  • LEASTPACKETS
    • -
  • CUSTOMLOAD
    • -
- 		-
Backup load balancing method. Becomes operational if the primary load balancing me
-
thod fails or cannot be used.
-
Valid only if the primary method is based on static proximity.
-
- backuppersistencetimeout - - -
Time period for which backup persistence is in effect.
-
Minimum value = 2
-
Maximum value = 1440
-
- bypassaaaa -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
If this option is enabled while resolving DNS64 query AAAA queries are not sent to back end dns server.
-
- cacheable -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Route cacheable requests to a cache redirection virtual server. The load balancing virtual server can forward requests only to a transparent cache redirection virtual server that has an IP address and port combination of *:80, so such a cache redirection virtual server must be configured on the appliance.
-
- clttimeout - - -
Idle time, in seconds, after which a client connection is terminated.
-
Minimum value = 0
-
Maximum value = 31536000
-
- comment - - -
Any comments that you might want to associate with the virtual server.
-
- connfailover - -
    Choices: -
  • DISABLED
    • -
  • STATEFUL
    • -
  • STATELESS
    • -
- 		-
Mode in which the connection failover feature must operate for the virtual server. After a failover, established TCP connections and UDP packet flows are kept active and resumed on the secondary appliance. Clients remain connected to the same servers. Available settings function as follows:
-
* STATEFUL - The primary appliance shares state information with the secondary appliance, in real time, resulting in some runtime processing overhead.
-
* STATELESS - State information is not shared, and the new primary appliance tries to re-create the packet flow on the basis of the information contained in the packets it receives.
-
* DISABLED - Connection failover does not occur.
-
- cookiename - - -
Use this parameter to specify the cookie name for COOKIE peristence type. It specifies the name of cookie with a maximum of 32 characters. If not specified, cookie name is internally generated.
-
- datalength - - -
Length of the token to be extracted from the data segment of an incoming packet, for use in the token method of load balancing. The length of the token, specified in bytes, must not be greater than 24 KB. Applicable to virtual servers of type TCP.
-
Minimum value = 1
-
Maximum value = 100
-
- dataoffset - - -
Offset to be considered when extracting a token from the TCP payload. Applicable to virtual servers, of type TCP, using the token method of load balancing. Must be within the first 24 KB of the TCP payload.
-
Minimum value = 0
-
Maximum value = 25400
-
- dbprofilename - - -
Name of the DB profile whose settings are to be applied to the virtual server.
-
Minimum length = 1
-
Maximum length = 127
-
- dbslb - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Enable database specific load balancing for MySQL and MSSQL service types.
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to yes the lb vserver will be disabled.
-
When set to no the lb vserver will be enabled.
-
Note that due to limitations of the underlying NITRO API a disabled state change alone does not cause the module result to report a changed status.
-
- disableprimaryondown - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
If the primary virtual server goes down, do not allow it to return to primary status until manually enabled.
-
- dns64 - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
This argument is for enabling/disabling the dns64 on lbvserver.
-
- dnsprofilename - - -
Name of the DNS profile to be associated with the VServer. DNS profile properties will be applied to the transactions processed by a VServer. This parameter is valid only for DNS and DNS-TCP VServers.
-
Minimum length = 1
-
Maximum length = 127
-
- downstateflush - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Flush all active transactions associated with a virtual server whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions.
-
- hashlength - - -
Number of bytes to consider for the hash value used in the URLHASH and DOMAINHASH load balancing methods.
-
Minimum value = 1
-
Maximum value = 4096
-
- healththreshold - - -
Threshold in percent of active services below which vserver state is made down. If this threshold is 0, vserver state will be up even if one bound service is up.
-
Minimum value = 0
-
Maximum value = 100
-
- httpprofilename - - -
Name of the HTTP profile whose settings are to be applied to the virtual server.
-
Minimum length = 1
-
Maximum length = 127
-
- icmpvsrresponse - -
    Choices: -
  • PASSIVE
    • -
  • ACTIVE
    • -
- 		-
How the NetScaler appliance responds to ping requests received for an IP address that is common to one or more virtual servers. Available settings function as follows:
-
* If set to PASSIVE on all the virtual servers that share the IP address, the appliance always responds to the ping requests.
-
* If set to ACTIVE on all the virtual servers that share the IP address, the appliance responds to the ping requests if at least one of the virtual servers is UP. Otherwise, the appliance does not respond.
-
* If set to ACTIVE on some virtual servers and PASSIVE on the others, the appliance responds if at least one virtual server with the ACTIVE setting is UP. Otherwise, the appliance does not respond.
-
Note: This parameter is available at the virtual server level. A similar parameter, ICMP Response, is available at the IP address level, for IPv4 addresses of type VIP. To set that parameter, use the add ip command in the CLI or the Create IP dialog box in the GUI.
-
- insertvserveripport - -
    Choices: -
  • OFF
    • -
  • VIPADDR
    • -
  • V6TOV4MAPPING
    • -
- 		-
Insert an HTTP header, whose value is the IP address and port number of the virtual server, before forwarding a request to the server. The format of the header is <vipHeader>: <virtual server IP address>_<port number >, where vipHeader is the name that you specify for the header. If the virtual server has an IPv6 address, the address in the header is enclosed in brackets ([ and ]) to separate it from the port number. If you have mapped an IPv4 address to a virtual server's IPv6 address, the value of this parameter determines which IP address is inserted in the header, as follows:
-
* VIPADDR - Insert the IP address of the virtual server in the HTTP header regardless of whether the virtual server has an IPv4 address or an IPv6 address. A mapped IPv4 address, if configured, is ignored.
-
* V6TOV4MAPPING - Insert the IPv4 address that is mapped to the virtual server's IPv6 address. If a mapped IPv4 address is not configured, insert the IPv6 address.
-
* OFF - Disable header insertion.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- ipmask - - -
IP mask, in dotted decimal notation, for the IP Pattern parameter. Can have leading or trailing non-zero octets (for example, 255.255.240.0 or 0.0.255.255). Accordingly, the mask specifies whether the first n bits or the last n bits of the destination IP address in a client request are to be matched with the corresponding bits in the IP pattern. The former is called a forward mask. The latter is called a reverse mask.
-
- ippattern - - -
IP address pattern, in dotted decimal notation, for identifying packets to be accepted by the virtual server. The IP Mask parameter specifies which part of the destination IP address is matched against the pattern. Mutually exclusive with the IP Address parameter.
-
For example, if the IP pattern assigned to the virtual server is 198.51.100.0 and the IP mask is 255.255.240.0 (a forward mask), the first 20 bits in the destination IP addresses are matched with the first 20 bits in the pattern. The virtual server accepts requests with IP addresses that range from 198.51.96.1 to 198.51.111.254. You can also use a pattern such as 0.0.2.2 and a mask such as 0.0.255.255 (a reverse mask).
-
If a destination IP address matches more than one IP pattern, the pattern with the longest match is selected, and the associated virtual server processes the request. For example, if virtual servers vs1 and vs2 have the same IP pattern, 0.0.100.128, but different IP masks of 0.0.255.255 and 0.0.224.255, a destination IP address of 198.51.100.128 has the longest match with the IP pattern of vs1. If a destination IP address matches two or more virtual servers to the same extent, the request is processed by the virtual server whose port number matches the port number in the request.
-
- ipv46 - - -
IPv4 or IPv6 address to assign to the virtual server.
-
- l2conn -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Use Layer 2 parameters (channel number, MAC address, and VLAN ID) in addition to the 4-tuple (<source IP>:<source port>::<destination IP>:<destination port>) that is used to identify a connection. Allows multiple TCP and non-TCP connections with the same 4-tuple to co-exist on the NetScaler appliance.
-
- lbmethod - -
    Choices: -
  • ROUNDROBIN
    • -
  • LEASTCONNECTION
    • -
  • LEASTRESPONSETIME
    • -
  • URLHASH
    • -
  • DOMAINHASH
    • -
  • DESTINATIONIPHASH
    • -
  • SOURCEIPHASH
    • -
  • SRCIPDESTIPHASH
    • -
  • LEASTBANDWIDTH
    • -
  • LEASTPACKETS
    • -
  • TOKEN
    • -
  • SRCIPSRCPORTHASH
    • -
  • LRTM
    • -
  • CALLIDHASH
    • -
  • CUSTOMLOAD
    • -
  • LEASTREQUEST
    • -
  • AUDITLOGHASH
    • -
  • STATICPROXIMITY
    • -
- 		-
Load balancing method. The available settings function as follows:
-
* ROUNDROBIN - Distribute requests in rotation, regardless of the load. Weights can be assigned to services to enforce weighted round robin distribution.
-
* LEASTCONNECTION (default) - Select the service with the fewest connections.
-
* LEASTRESPONSETIME - Select the service with the lowest average response time.
-
* LEASTBANDWIDTH - Select the service currently handling the least traffic.
-
* LEASTPACKETS - Select the service currently serving the lowest number of packets per second.
-
* CUSTOMLOAD - Base service selection on the SNMP metrics obtained by custom load monitors.
-
* LRTM - Select the service with the lowest response time. Response times are learned through monitoring probes. This method also takes the number of active connections into account.
-
Also available are a number of hashing methods, in which the appliance extracts a predetermined portion of the request, creates a hash of the portion, and then checks whether any previous requests had the same hash value. If it finds a match, it forwards the request to the service that served those previous requests. Following are the hashing methods:
-
* URLHASH - Create a hash of the request URL (or part of the URL).
-
* DOMAINHASH - Create a hash of the domain name in the request (or part of the domain name). The domain name is taken from either the URL or the Host header. If the domain name appears in both locations, the URL is preferred. If the request does not contain a domain name, the load balancing method defaults to LEASTCONNECTION.
-
* DESTINATIONIPHASH - Create a hash of the destination IP address in the IP header.
-
* SOURCEIPHASH - Create a hash of the source IP address in the IP header.
-
* TOKEN - Extract a token from the request, create a hash of the token, and then select the service to which any previous requests with the same token hash value were sent.
-
* SRCIPDESTIPHASH - Create a hash of the string obtained by concatenating the source IP address and destination IP address in the IP header.
-
* SRCIPSRCPORTHASH - Create a hash of the source IP address and source port in the IP header.
-
* CALLIDHASH - Create a hash of the SIP Call-ID header.
-
- listenpolicy - - -
Default syntax expression identifying traffic accepted by the virtual server. Can be either an expression (for example, CLIENT.IP.DST.IN_SUBNET(192.0.2.0/24) or the name of a named expression. In the above example, the virtual server accepts all requests whose destination IP address is in the 192.0.2.0/24 subnet.
-
- listenpriority - - -
Integer specifying the priority of the listen policy. A higher number specifies a lower priority. If a request matches the listen policies of more than one virtual server the virtual server whose listen policy has the highest priority (the lowest priority number) accepts the request.
-
Minimum value = 0
-
Maximum value = 101
-
- m - -
    Choices: -
  • IP
    • -
  • MAC
    • -
  • IPTUNNEL
    • -
  • TOS
    • -
- 		-
Redirection mode for load balancing. Available settings function as follows:
-
* IP - Before forwarding a request to a server, change the destination IP address to the server's IP address.
-
* MAC - Before forwarding a request to a server, change the destination MAC address to the server's MAC address. The destination IP address is not changed. MAC-based redirection mode is used mostly in firewall load balancing deployments.
-
* IPTUNNEL - Perform IP-in-IP encapsulation for client IP packets. In the outer IP headers, set the destination IP address to the IP address of the server and the source IP address to the subnet IP (SNIP). The client IP packets are not modified. Applicable to both IPv4 and IPv6 packets.
-
* TOS - Encode the virtual server's TOS ID in the TOS field of the IP header.
-
You can use either the IPTUNNEL or the TOS option to implement Direct Server Return (DSR).
-
- macmoderetainvlan - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
This option is used to retain vlan information of incoming packet when macmode is enabled.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- maxautoscalemembers - - -
Maximum number of members expected to be present when vserver is used in Autoscale.
-
Minimum value = 0
-
Maximum value = 5000
-
- minautoscalemembers - - -
Minimum number of members expected to be present when vserver is used in Autoscale.
-
Minimum value = 0
-
Maximum value = 5000
-
- mssqlserverversion - -
    Choices: -
  • 70
    • -
  • 2000
    • -
  • 2000SP1
    • -
  • 2005
    • -
  • 2008
    • -
  • 2008R2
    • -
  • 2012
    • -
  • 2014
    • -
- 		-
For a load balancing virtual server of type MSSQL, the Microsoft SQL Server version. Set this parameter if you expect some clients to run a version different from the version of the database. This setting provides compatibility between the client-side and server-side connections by ensuring that all communication conforms to the server's version.
-
- mysqlcharacterset - - -
Character set that the virtual server advertises to clients.
-
- mysqlprotocolversion - - -
MySQL protocol version that the virtual server advertises to clients.
-
- mysqlservercapabilities - - -
Server capabilities that the virtual server advertises to clients.
-
- mysqlserverversion - - -
MySQL server version string that the virtual server advertises to clients.
-
Minimum length = 1
-
Maximum length = 31
-
- name - - -
Name for the virtual server. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore, hash #, period ., space , colon :, at sign @, equal sign =, and hyphen - characters. Can be changed after the virtual server is created.
-
Minimum length = 1
-
- netmask - - -
IPv4 subnet mask to apply to the destination IP address or source IP address when the load balancing method is DESTINATIONIPHASH or SOURCEIPHASH.
-
Minimum length = 1
-
- netprofile - - -
Name of the network profile to associate with the virtual server. If you set this parameter, the virtual server uses only the IP addresses in the network profile as source IP addresses when initiating connections with servers.
-
Minimum length = 1
-
Maximum length = 127
-
- newservicerequest - - -
Number of requests, or percentage of the load on existing services, by which to increase the load on a new service at each interval in slow-start mode. A non-zero value indicates that slow-start is applicable. A zero value indicates that the global RR startup parameter is applied. Changing the value to zero will cause services currently in slow start to take the full traffic as determined by the LB method. Subsequently, any new services added will use the global RR factor.
-
- newservicerequestincrementinterval - - -
Interval, in seconds, between successive increments in the load on a new service or a service whose state has just changed from DOWN to UP. A value of 0 (zero) specifies manual slow start.
-
Minimum value = 0
-
Maximum value = 3600
-
- newservicerequestunit - -
    Choices: -
  • PER_SECOND
    • -
  • PERCENT
    • -
- 		-
Units in which to increment load at each interval in slow-start mode.
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- oracleserverversion - -
    Choices: -
  • 10G
    • -
  • 11G
    • -
- 		-
Oracle server version.
-
- persistavpno - - -
Persist AVP number for Diameter Persistency.
-
In case this AVP is not defined in Base RFC 3588 and it is nested inside a Grouped AVP,
-
define a sequence of AVP numbers (max 3) in order of parent to child. So say persist AVP number X
-
is nested inside AVP Y which is nested in Z, then define the list as Z Y X.
-
Minimum value = 1
-
- persistencebackup - -
    Choices: -
  • SOURCEIP
    • -
  • NONE
    • -
- 		-
Backup persistence type for the virtual server. Becomes operational if the primary persistence mechanism fails.
-
- persistencetype - -
    Choices: -
  • SOURCEIP
    • -
  • COOKIEINSERT
    • -
  • SSLSESSION
    • -
  • RULE
    • -
  • URLPASSIVE
    • -
  • CUSTOMSERVERID
    • -
  • DESTIP
    • -
  • SRCIPDESTIP
    • -
  • CALLID
    • -
  • RTSPSID
    • -
  • DIAMETER
    • -
  • FIXSESSION
    • -
  • NONE
    • -
- 		-
Type of persistence for the virtual server. Available settings function as follows:
-
* SOURCEIP - Connections from the same client IP address belong to the same persistence session.
-
* COOKIEINSERT - Connections that have the same HTTP Cookie, inserted by a Set-Cookie directive from a server, belong to the same persistence session.
-
* SSLSESSION - Connections that have the same SSL Session ID belong to the same persistence session.
-
* CUSTOMSERVERID - Connections with the same server ID form part of the same session. For this persistence type, set the Server ID (CustomServerID) parameter for each service and configure the Rule parameter to identify the server ID in a request.
-
* RULE - All connections that match a user defined rule belong to the same persistence session.
-
* URLPASSIVE - Requests that have the same server ID in the URL query belong to the same persistence session. The server ID is the hexadecimal representation of the IP address and port of the service to which the request must be forwarded. This persistence type requires a rule to identify the server ID in the request.
-
* DESTIP - Connections to the same destination IP address belong to the same persistence session.
-
* SRCIPDESTIP - Connections that have the same source IP address and destination IP address belong to the same persistence session.
-
* CALLID - Connections that have the same CALL-ID SIP header belong to the same persistence session.
-
* RTSPSID - Connections that have the same RTSP Session ID belong to the same persistence session.
-
* FIXSESSION - Connections that have the same SenderCompID and TargetCompID values belong to the same persistence session.
-
- persistmask - - -
Persistence mask for IP based persistence types, for IPv4 virtual servers.
-
Minimum length = 1
-
- port - - -
Port number for the virtual server.
-
Range 1 - 65535
-
* in CLI is represented as 65535 in NITRO API
-
- processlocal - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
By turning on this option packets destined to a vserver in a cluster will not under go any steering. Turn this option for single packet request response mode or when the upstream device is performing a proper RSS for connection based distribution.
-
- push - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Process traffic with the push virtual server that is bound to this load balancing virtual server.
-
- pushlabel - - -
Expression for extracting a label from the server's response. Can be either an expression or the name of a named expression.
-
- pushmulticlients -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Allow multiple Web 2.0 connections from the same client to connect to the virtual server and expect updates.
-
- pushvserver - - -
Name of the load balancing virtual server, of type PUSH or SSL_PUSH, to which the server pushes updates received on the load balancing virtual server that you are configuring.
-
Minimum length = 1
-
- range - - -
Number of IP addresses that the appliance must generate and assign to the virtual server. The virtual server then functions as a network virtual server, accepting traffic on any of the generated IP addresses. The IP addresses are generated automatically, as follows:
-
* For a range of n, the last octet of the address specified by the IP Address parameter increments n-1 times.
-
* If the last octet exceeds 255, it rolls over to 0 and the third octet increments by 1.
-
Note: The Range parameter assigns multiple IP addresses to one virtual server. To generate an array of virtual servers, each of which owns only one IP address, use brackets in the IP Address and Name parameters to specify the range. For example:
-
add lb vserver my_vserver[1-3] HTTP 192.0.2.[1-3] 80.
-
Minimum value = 1
-
Maximum value = 254
-
- recursionavailable -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
When set to YES, this option causes the DNS replies from this vserver to have the RA bit turned on. Typically one would set this option to YES, when the vserver is load balancing a set of DNS servers thatsupport recursive queries.
-
- redirectportrewrite - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Rewrite the port and change the protocol to ensure successful HTTP redirects from services.
-
- redirurl - - -
URL to which to redirect traffic if the virtual server becomes unavailable.
-
WARNING! Make sure that the domain in the URL does not match the domain specified for a content switching policy. If it does, requests are continuously redirected to the unavailable virtual server.
-
Minimum length = 1
-
- resrule - - -
Default syntax expression specifying which part of a server's response to use for creating rule based persistence sessions (persistence type RULE). Can be either an expression or the name of a named expression.
-
Example:
-
HTTP.RES.HEADER("setcookie".VALUE(0).TYPECAST_NVLIST_T('=',';').VALUE("server1")).
-
- rhistate - -
    Choices: -
  • PASSIVE
    • -
  • ACTIVE
    • -
- 		-
Route Health Injection (RHI) functionality of the NetSaler appliance for advertising the route of the VIP address associated with the virtual server. When Vserver RHI Level (RHI) parameter is set to VSVR_CNTRLD, the following are different RHI behaviors for the VIP address on the basis of RHIstate (RHI STATE) settings on the virtual servers associated with the VIP address:
-
* If you set rhistate to PASSIVE on all virtual servers, the NetScaler ADC always advertises the route for the VIP address.
-
* If you set rhistate to ACTIVE on all virtual servers, the NetScaler ADC advertises the route for the VIP address if at least one of the associated virtual servers is in UP state.
-
* If you set rhistate to ACTIVE on some and PASSIVE on others, the NetScaler ADC advertises the route for the VIP address if at least one of the associated virtual servers, whose rhistate set to ACTIVE, is in UP state.
-
- rtspnat -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Use network address translation (NAT) for RTSP data connections.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- servicebindings - - -
List of services along with the weights that are load balanced.
-
The following suboptions are available.
-
- servicename - - -
Service to bind to the virtual server.
-
Minimum length = 1
-
- weight - - -
Weight to assign to the specified service.
-
Minimum value = 1
-
Maximum value = 100
-
- servicegroupbindings - - -
List of service groups along with the weights that are load balanced.
-
The following suboptions are available.
-
- servicegroupname - - -
The service group name bound to the selected load balancing virtual server.
-
- weight - - -
Integer specifying the weight of the service. A larger number specifies a greater weight. Defines the capacity of the service relative to the other services in the load balancing configuration. Determines the priority given to the service in load balancing decisions.
-
Minimum value = 1
-
Maximum value = 100
-
- servicetype - -
    Choices: -
  • HTTP
    • -
  • FTP
    • -
  • TCP
    • -
  • UDP
    • -
  • SSL
    • -
  • SSL_BRIDGE
    • -
  • SSL_TCP
    • -
  • DTLS
    • -
  • NNTP
    • -
  • DNS
    • -
  • DHCPRA
    • -
  • ANY
    • -
  • SIP_UDP
    • -
  • SIP_TCP
    • -
  • SIP_SSL
    • -
  • DNS_TCP
    • -
  • RTSP
    • -
  • PUSH
    • -
  • SSL_PUSH
    • -
  • RADIUS
    • -
  • RDP
    • -
  • MYSQL
    • -
  • MSSQL
    • -
  • DIAMETER
    • -
  • SSL_DIAMETER
    • -
  • TFTP
    • -
  • ORACLE
    • -
  • SMPP
    • -
  • SYSLOGTCP
    • -
  • SYSLOGUDP
    • -
  • FIX
    • -
  • SSL_FIX
    • -
- 		-
Protocol used by the service (also called the service type).
-
- sessionless - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Perform load balancing on a per-packet basis, without establishing sessions. Recommended for load balancing of intrusion detection system (IDS) servers and scenarios involving direct server return (DSR), where session information is unnecessary.
-
- skippersistency - -
    Choices: -
  • Bypass
    • -
  • ReLb
    • -
  • None
    • -
- 		-
This argument decides the behavior incase the service which is selected from an existing persistence session has reached threshold.
-
- sobackupaction - -
    Choices: -
  • DROP
    • -
  • ACCEPT
    • -
  • REDIRECT
    • -
- 		-
Action to be performed if spillover is to take effect, but no backup chain to spillover is usable or exists.
-
- somethod - -
    Choices: -
  • CONNECTION
    • -
  • DYNAMICCONNECTION
    • -
  • BANDWIDTH
    • -
  • HEALTH
    • -
  • NONE
    • -
- 		-
Type of threshold that, when exceeded, triggers spillover. Available settings function as follows:
-
* CONNECTION - Spillover occurs when the number of client connections exceeds the threshold.
-
* DYNAMICCONNECTION - Spillover occurs when the number of client connections at the virtual server exceeds the sum of the maximum client (Max Clients) settings for bound services. Do not specify a spillover threshold for this setting, because the threshold is implied by the Max Clients settings of bound services.
-
* BANDWIDTH - Spillover occurs when the bandwidth consumed by the virtual server's incoming and outgoing traffic exceeds the threshold.
-
* HEALTH - Spillover occurs when the percentage of weights of the services that are UP drops below the threshold. For example, if services svc1, svc2, and svc3 are bound to a virtual server, with weights 1, 2, and 3, and the spillover threshold is 50%, spillover occurs if svc1 and svc3 or svc2 and svc3 transition to DOWN.
-
* NONE - Spillover does not occur.
-
- sopersistence - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
If spillover occurs, maintain source IP address based persistence for both primary and backup virtual servers.
-
- sopersistencetimeout - - -
Timeout for spillover persistence, in minutes.
-
Minimum value = 2
-
Maximum value = 1440
-
- sothreshold - - -
Threshold at which spillover occurs. Specify an integer for the CONNECTION spillover method, a bandwidth value in kilobits per second for the BANDWIDTH method (do not enter the units), or a percentage for the HEALTH method (do not enter the percentage symbol).
-
Minimum value = 1
-
Maximum value = 4294967287
-
- ssl_certkey - - -
The name of the ssl certificate that is bound to this service.
-
The ssl certificate must already exist.
-
Creating the certificate can be done with the citrix_adc_ssl_certkey module.
-
This option is only applicable only when servicetype is SSL.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- tcpprofilename - - -
Name of the TCP profile whose settings are to be applied to the virtual server.
-
Minimum length = 1
-
Maximum length = 127
-
- td - - -
Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.
-
Minimum value = 0
-
Maximum value = 4094
-
- timeout - - -
Time period for which a persistence session is in effect.
-
Minimum value = 0
-
Maximum value = 1440
-
- tosid - - -
TOS ID of the virtual server. Applicable only when the load balancing redirection mode is set to TOS.
-
Minimum value = 1
-
Maximum value = 63
-
- v6netmasklen - - -
Number of bits to consider in an IPv6 destination or source IP address, for creating the hash that is required by the DESTINATIONIPHASH and SOURCEIPHASH load balancing methods.
-
Minimum value = 1
-
Maximum value = 128
-
- v6persistmasklen - - -
Persistence mask for IP based persistence types, for IPv6 virtual servers.
-
Minimum value = 1
-
Maximum value = 128
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
- vipheader - - -
Name for the inserted header. The default name is vip-header.
-
Minimum length = 1
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - appflowlog + - Choices: + + - enabled + - disabled + - Apply AppFlow logging to the virtual server. + * - authentication + + *(bool)* + - + - Enable or disable user authentication. + * - authenticationhost + - + - Fully qualified domain name (FQDN) of the authentication virtual server to which the user must be redirected for authentication. Make sure that the Authentication parameter is set to ``yes``. + + Minimum length = 3 + + Maximum length = 252 + * - authn401 + + *(bool)* + - + - Enable or disable user authentication with HTTP 401 responses. + * - authnprofile + - + - Name of the authentication profile to be used when authentication is turned on. + * - authnvsname + - + - Name of an authentication virtual server with which to authenticate users. + + Minimum length = 1 + + Maximum length = 252 + * - backuplbmethod + - Choices: + + - ROUNDROBIN + - LEASTCONNECTION + - LEASTRESPONSETIME + - SOURCEIPHASH + - LEASTBANDWIDTH + - LEASTPACKETS + - CUSTOMLOAD + - Backup load balancing method. Becomes operational if the primary load balancing me + + thod fails or cannot be used. + + Valid only if the primary method is based on static proximity. + * - backuppersistencetimeout + - + - Time period for which backup persistence is in effect. + + Minimum value = ``2`` + + Maximum value = ``1440`` + * - bypassaaaa + + *(bool)* + - + - If this option is enabled while resolving DNS64 query AAAA queries are not sent to back end dns server. + * - cacheable + + *(bool)* + - + - Route cacheable requests to a cache redirection virtual server. The load balancing virtual server can forward requests only to a transparent cache redirection virtual server that has an IP address and port combination of *:80, so such a cache redirection virtual server must be configured on the appliance. + * - clttimeout + - + - Idle time, in seconds, after which a client connection is terminated. + + Minimum value = ``0`` + + Maximum value = ``31536000`` + * - comment + - + - Any comments that you might want to associate with the virtual server. + * - connfailover + - Choices: + + - DISABLED + - STATEFUL + - STATELESS + - Mode in which the connection failover feature must operate for the virtual server. After a failover, established TCP connections and UDP packet flows are kept active and resumed on the secondary appliance. Clients remain connected to the same servers. Available settings function as follows: + + * ``STATEFUL`` - The primary appliance shares state information with the secondary appliance, in real time, resulting in some runtime processing overhead. + + * ``STATELESS`` - State information is not shared, and the new primary appliance tries to re-create the packet flow on the basis of the information contained in the packets it receives. + + * ``DISABLED`` - Connection failover does not occur. + * - cookiename + - + - Use this parameter to specify the cookie name for ``COOKIE`` peristence type. It specifies the name of cookie with a maximum of 32 characters. If not specified, cookie name is internally generated. + * - datalength + - + - Length of the token to be extracted from the data segment of an incoming packet, for use in the token method of load balancing. The length of the token, specified in bytes, must not be greater than 24 KB. Applicable to virtual servers of type TCP. + + Minimum value = ``1`` + + Maximum value = ``100`` + * - dataoffset + - + - Offset to be considered when extracting a token from the TCP payload. Applicable to virtual servers, of type TCP, using the token method of load balancing. Must be within the first 24 KB of the TCP payload. + + Minimum value = ``0`` + + Maximum value = ``25400`` + * - dbprofilename + - + - Name of the DB profile whose settings are to be applied to the virtual server. + + Minimum length = 1 + + Maximum length = 127 + * - dbslb + - Choices: + + - enabled + - disabled + - Enable database specific load balancing for MySQL and MSSQL service types. + * - disabled + + *(bool)* + - Default: + + *no* + - When set to ``yes`` the lb vserver will be disabled. + + When set to ``no`` the lb vserver will be enabled. + + Note that due to limitations of the underlying NITRO API a ``disabled`` state change alone does not cause the module result to report a changed status. + * - disableprimaryondown + - Choices: + + - enabled + - disabled + - If the primary virtual server goes down, do not allow it to return to primary status until manually enabled. + * - dns64 + - Choices: + + - enabled + - disabled + - This argument is for enabling/disabling the ``dns64`` on lbvserver. + * - dnsprofilename + - + - Name of the DNS profile to be associated with the VServer. DNS profile properties will be applied to the transactions processed by a VServer. This parameter is valid only for DNS and DNS-TCP VServers. + + Minimum length = 1 + + Maximum length = 127 + * - downstateflush + - Choices: + + - enabled + - disabled + - Flush all active transactions associated with a virtual server whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions. + * - hashlength + - + - Number of bytes to consider for the hash value used in the URLHASH and DOMAINHASH load balancing methods. + + Minimum value = ``1`` + + Maximum value = ``4096`` + * - healththreshold + - + - Threshold in percent of active services below which vserver state is made down. If this threshold is 0, vserver state will be up even if one bound service is up. + + Minimum value = ``0`` + + Maximum value = ``100`` + * - httpprofilename + - + - Name of the HTTP profile whose settings are to be applied to the virtual server. + + Minimum length = 1 + + Maximum length = 127 + * - icmpvsrresponse + - Choices: + + - PASSIVE + - ACTIVE + - How the NetScaler appliance responds to ping requests received for an IP address that is common to one or more virtual servers. Available settings function as follows: + + * If set to ``PASSIVE`` on all the virtual servers that share the IP address, the appliance always responds to the ping requests. + + * If set to ``ACTIVE`` on all the virtual servers that share the IP address, the appliance responds to the ping requests if at least one of the virtual servers is UP. Otherwise, the appliance does not respond. + + * If set to ``ACTIVE`` on some virtual servers and PASSIVE on the others, the appliance responds if at least one virtual server with the ACTIVE setting is UP. Otherwise, the appliance does not respond. + + Note: This parameter is available at the virtual server level. A similar parameter, ICMP Response, is available at the IP address level, for IPv4 addresses of type VIP. To set that parameter, use the add ip command in the CLI or the Create IP dialog box in the GUI. + * - insertvserveripport + - Choices: + + - OFF + - VIPADDR + - V6TOV4MAPPING + - Insert an HTTP header, whose value is the IP address and port number of the virtual server, before forwarding a request to the server. The format of the header is : _, where vipHeader is the name that you specify for the header. If the virtual server has an IPv6 address, the address in the header is enclosed in brackets ([ and ]) to separate it from the port number. If you have mapped an IPv4 address to a virtual server's IPv6 address, the value of this parameter determines which IP address is inserted in the header, as follows: + + * ``VIPADDR`` - Insert the IP address of the virtual server in the HTTP header regardless of whether the virtual server has an IPv4 address or an IPv6 address. A mapped IPv4 address, if configured, is ignored. + + * ``V6TOV4MAPPING`` - Insert the IPv4 address that is mapped to the virtual server's IPv6 address. If a mapped IPv4 address is not configured, insert the IPv6 address. + + * ``OFF`` - Disable header insertion. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - ipmask + - + - IP mask, in dotted decimal notation, for the IP Pattern parameter. Can have leading or trailing non-zero octets (for example, ``255.255.240.0`` or ``0.0.255.255``). Accordingly, the mask specifies whether the first n bits or the last n bits of the destination IP address in a client request are to be matched with the corresponding bits in the IP pattern. The former is called a forward mask. The latter is called a reverse mask. + * - ippattern + - + - IP address pattern, in dotted decimal notation, for identifying packets to be accepted by the virtual server. The IP Mask parameter specifies which part of the destination IP address is matched against the pattern. Mutually exclusive with the IP Address parameter. + + For example, if the IP pattern assigned to the virtual server is ``198.51.100.0`` and the IP mask is ``255.255.240.0`` (a forward mask), the first 20 bits in the destination IP addresses are matched with the first 20 bits in the pattern. The virtual server accepts requests with IP addresses that range from ``198.51.96.1`` to ``198.51.111.254``. You can also use a pattern such as ``0.0.2.2`` and a mask such as ``0.0.255.255`` (a reverse mask). + + If a destination IP address matches more than one IP pattern, the pattern with the longest match is selected, and the associated virtual server processes the request. For example, if virtual servers ``vs1`` and ``vs2`` have the same IP pattern, ``0.0.100.128``, but different IP masks of ``0.0.255.255`` and ``0.0.224.255``, a destination IP address of ``198.51.100.128`` has the longest match with the IP pattern of vs1. If a destination IP address matches two or more virtual servers to the same extent, the request is processed by the virtual server whose port number matches the port number in the request. + * - ipv46 + - + - IPv4 or IPv6 address to assign to the virtual server. + * - l2conn + + *(bool)* + - + - Use Layer 2 parameters (channel number, MAC address, and VLAN ID) in addition to the 4-tuple (::::) that is used to identify a connection. Allows multiple TCP and non-TCP connections with the same 4-tuple to co-exist on the NetScaler appliance. + * - lbmethod + - Choices: + + - ROUNDROBIN + - LEASTCONNECTION + - LEASTRESPONSETIME + - URLHASH + - DOMAINHASH + - DESTINATIONIPHASH + - SOURCEIPHASH + - SRCIPDESTIPHASH + - LEASTBANDWIDTH + - LEASTPACKETS + - TOKEN + - SRCIPSRCPORTHASH + - LRTM + - CALLIDHASH + - CUSTOMLOAD + - LEASTREQUEST + - AUDITLOGHASH + - STATICPROXIMITY + - Load balancing method. The available settings function as follows: + + * ``ROUNDROBIN`` - Distribute requests in rotation, regardless of the load. Weights can be assigned to services to enforce weighted round robin distribution. + + * ``LEASTCONNECTION`` (default) - Select the service with the fewest connections. + + * ``LEASTRESPONSETIME`` - Select the service with the lowest average response time. + + * ``LEASTBANDWIDTH`` - Select the service currently handling the least traffic. + + * ``LEASTPACKETS`` - Select the service currently serving the lowest number of packets per second. + + * ``CUSTOMLOAD`` - Base service selection on the SNMP metrics obtained by custom load monitors. + + * ``LRTM`` - Select the service with the lowest response time. Response times are learned through monitoring probes. This method also takes the number of active connections into account. + + Also available are a number of hashing methods, in which the appliance extracts a predetermined portion of the request, creates a hash of the portion, and then checks whether any previous requests had the same hash value. If it finds a match, it forwards the request to the service that served those previous requests. Following are the hashing methods: + + * ``URLHASH`` - Create a hash of the request URL (or part of the URL). + + * ``DOMAINHASH`` - Create a hash of the domain name in the request (or part of the domain name). The domain name is taken from either the URL or the Host header. If the domain name appears in both locations, the URL is preferred. If the request does not contain a domain name, the load balancing method defaults to ``LEASTCONNECTION``. + + * ``DESTINATIONIPHASH`` - Create a hash of the destination IP address in the IP header. + + * ``SOURCEIPHASH`` - Create a hash of the source IP address in the IP header. + + * ``TOKEN`` - Extract a token from the request, create a hash of the token, and then select the service to which any previous requests with the same token hash value were sent. + + * ``SRCIPDESTIPHASH`` - Create a hash of the string obtained by concatenating the source IP address and destination IP address in the IP header. + + * ``SRCIPSRCPORTHASH`` - Create a hash of the source IP address and source port in the IP header. + + * ``CALLIDHASH`` - Create a hash of the SIP Call-ID header. + * - listenpolicy + - + - Default syntax expression identifying traffic accepted by the virtual server. Can be either an expression (for example, ``CLIENT.IP.DST.IN_SUBNET(192.0.2.0/24``) or the name of a named expression. In the above example, the virtual server accepts all requests whose destination IP address is in the 192.0.2.0/24 subnet. + * - listenpriority + - + - Integer specifying the priority of the listen policy. A higher number specifies a lower priority. If a request matches the listen policies of more than one virtual server the virtual server whose listen policy has the highest priority (the lowest priority number) accepts the request. + + Minimum value = ``0`` + + Maximum value = ``101`` + * - m + - Choices: + + - IP + - MAC + - IPTUNNEL + - TOS + - Redirection mode for load balancing. Available settings function as follows: + + * ``IP`` - Before forwarding a request to a server, change the destination IP address to the server's IP address. + + * ``MAC`` - Before forwarding a request to a server, change the destination MAC address to the server's MAC address. The destination IP address is not changed. MAC-based redirection mode is used mostly in firewall load balancing deployments. + + * ``IPTUNNEL`` - Perform IP-in-IP encapsulation for client IP packets. In the outer IP headers, set the destination IP address to the IP address of the server and the source IP address to the subnet IP (SNIP). The client IP packets are not modified. Applicable to both IPv4 and IPv6 packets. + + * ``TOS`` - Encode the virtual server's TOS ID in the TOS field of the IP header. + + You can use either the ``IPTUNNEL`` or the ``TOS`` option to implement Direct Server Return (DSR). + * - macmoderetainvlan + - Choices: + + - enabled + - disabled + - This option is used to retain vlan information of incoming packet when macmode is enabled. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - maxautoscalemembers + - + - Maximum number of members expected to be present when vserver is used in Autoscale. + + Minimum value = ``0`` + + Maximum value = ``5000`` + * - minautoscalemembers + - + - Minimum number of members expected to be present when vserver is used in Autoscale. + + Minimum value = ``0`` + + Maximum value = ``5000`` + * - mssqlserverversion + - Choices: + + - 70 + - 2000 + - 2000SP1 + - 2005 + - 2008 + - 2008R2 + - 2012 + - 2014 + - For a load balancing virtual server of type ``MSSQL``, the Microsoft SQL Server version. Set this parameter if you expect some clients to run a version different from the version of the database. This setting provides compatibility between the client-side and server-side connections by ensuring that all communication conforms to the server's version. + * - mysqlcharacterset + - + - Character set that the virtual server advertises to clients. + * - mysqlprotocolversion + - + - MySQL protocol version that the virtual server advertises to clients. + * - mysqlservercapabilities + - + - Server capabilities that the virtual server advertises to clients. + * - mysqlserverversion + - + - MySQL server version string that the virtual server advertises to clients. + + Minimum length = 1 + + Maximum length = 31 + * - name + - + - Name for the virtual server. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore, hash ``#``, period ``.``, space `` ``, colon ``:``, at sign ``@``, equal sign ``=``, and hyphen ``-`` characters. Can be changed after the virtual server is created. + + Minimum length = 1 + * - netmask + - + - IPv4 subnet mask to apply to the destination IP address or source IP address when the load balancing method is ``DESTINATIONIPHASH`` or ``SOURCEIPHASH``. + + Minimum length = 1 + * - netprofile + - + - Name of the network profile to associate with the virtual server. If you set this parameter, the virtual server uses only the IP addresses in the network profile as source IP addresses when initiating connections with servers. + + Minimum length = 1 + + Maximum length = 127 + * - newservicerequest + - + - Number of requests, or percentage of the load on existing services, by which to increase the load on a new service at each interval in slow-start mode. A non-zero value indicates that slow-start is applicable. A zero value indicates that the global RR startup parameter is applied. Changing the value to zero will cause services currently in slow start to take the full traffic as determined by the LB method. Subsequently, any new services added will use the global RR factor. + * - newservicerequestincrementinterval + - + - Interval, in seconds, between successive increments in the load on a new service or a service whose state has just changed from DOWN to UP. A value of 0 (zero) specifies manual slow start. + + Minimum value = ``0`` + + Maximum value = ``3600`` + * - newservicerequestunit + - Choices: + + - PER_SECOND + - PERCENT + - Units in which to increment load at each interval in slow-start mode. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - oracleserverversion + - Choices: + + - 10G + - 11G + - Oracle server version. + * - persistavpno + - + - Persist AVP number for Diameter Persistency. + + In case this AVP is not defined in Base RFC 3588 and it is nested inside a Grouped AVP, + + define a sequence of AVP numbers (max 3) in order of parent to child. So say persist AVP number X + + is nested inside AVP Y which is nested in Z, then define the list as Z Y X. + + Minimum value = ``1`` + * - persistencebackup + - Choices: + + - SOURCEIP + - NONE + - Backup persistence type for the virtual server. Becomes operational if the primary persistence mechanism fails. + * - persistencetype + - Choices: + + - SOURCEIP + - COOKIEINSERT + - SSLSESSION + - RULE + - URLPASSIVE + - CUSTOMSERVERID + - DESTIP + - SRCIPDESTIP + - CALLID + - RTSPSID + - DIAMETER + - FIXSESSION + - NONE + - Type of persistence for the virtual server. Available settings function as follows: + + * ``SOURCEIP`` - Connections from the same client IP address belong to the same persistence session. + + * ``COOKIEINSERT`` - Connections that have the same HTTP Cookie, inserted by a Set-Cookie directive from a server, belong to the same persistence session. + + * ``SSLSESSION`` - Connections that have the same SSL Session ID belong to the same persistence session. + + * ``CUSTOMSERVERID`` - Connections with the same server ID form part of the same session. For this persistence type, set the Server ID (CustomServerID) parameter for each service and configure the Rule parameter to identify the server ID in a request. + + * ``RULE`` - All connections that match a user defined rule belong to the same persistence session. + + * ``URLPASSIVE`` - Requests that have the same server ID in the URL query belong to the same persistence session. The server ID is the hexadecimal representation of the IP address and port of the service to which the request must be forwarded. This persistence type requires a rule to identify the server ID in the request. + + * ``DESTIP`` - Connections to the same destination IP address belong to the same persistence session. + + * ``SRCIPDESTIP`` - Connections that have the same source IP address and destination IP address belong to the same persistence session. + + * ``CALLID`` - Connections that have the same CALL-ID SIP header belong to the same persistence session. + + * ``RTSPSID`` - Connections that have the same RTSP Session ID belong to the same persistence session. + + * FIXSESSION - Connections that have the same SenderCompID and TargetCompID values belong to the same persistence session. + * - persistmask + - + - Persistence mask for IP based persistence types, for IPv4 virtual servers. + + Minimum length = 1 + * - port + - + - Port number for the virtual server. + + Range ``1`` - ``65535`` + + * in CLI is represented as ``65535`` in NITRO API + * - processlocal + - Choices: + + - enabled + - disabled + - By turning on this option packets destined to a vserver in a cluster will not under go any steering. Turn this option for single packet request response mode or when the upstream device is performing a proper RSS for connection based distribution. + * - push + - Choices: + + - enabled + - disabled + - Process traffic with the push virtual server that is bound to this load balancing virtual server. + * - pushlabel + - + - Expression for extracting a label from the server's response. Can be either an expression or the name of a named expression. + * - pushmulticlients + + *(bool)* + - + - Allow multiple Web 2.0 connections from the same client to connect to the virtual server and expect updates. + * - pushvserver + - + - Name of the load balancing virtual server, of type PUSH or SSL_PUSH, to which the server pushes updates received on the load balancing virtual server that you are configuring. + + Minimum length = 1 + * - range + - + - Number of IP addresses that the appliance must generate and assign to the virtual server. The virtual server then functions as a network virtual server, accepting traffic on any of the generated IP addresses. The IP addresses are generated automatically, as follows: + + * For a range of n, the last octet of the address specified by the IP Address parameter increments n-1 times. + + * If the last octet exceeds 255, it rolls over to 0 and the third octet increments by 1. + + Note: The Range parameter assigns multiple IP addresses to one virtual server. To generate an array of virtual servers, each of which owns only one IP address, use brackets in the IP Address and Name parameters to specify the range. For example: + + add lb vserver my_vserver[1-3] HTTP 192.0.2.[1-3] 80. + + Minimum value = ``1`` + + Maximum value = ``254`` + * - recursionavailable + + *(bool)* + - + - When set to YES, this option causes the DNS replies from this vserver to have the RA bit turned on. Typically one would set this option to YES, when the vserver is load balancing a set of DNS servers thatsupport recursive queries. + * - redirectportrewrite + - Choices: + + - enabled + - disabled + - Rewrite the port and change the protocol to ensure successful HTTP redirects from services. + * - redirurl + - + - URL to which to redirect traffic if the virtual server becomes unavailable. + + WARNING! Make sure that the domain in the URL does not match the domain specified for a content switching policy. If it does, requests are continuously redirected to the unavailable virtual server. + + Minimum length = 1 + * - resrule + - + - Default syntax expression specifying which part of a server's response to use for creating rule based persistence sessions (persistence type RULE). Can be either an expression or the name of a named expression. + + Example: + + C(HTTP.RES.HEADER("setcookie").VALUE(0).TYPECAST_NVLIST_T('=',';').VALUE("server1")). + * - rhistate + - Choices: + + - PASSIVE + - ACTIVE + - Route Health Injection (RHI) functionality of the NetSaler appliance for advertising the route of the VIP address associated with the virtual server. When Vserver RHI Level (RHI) parameter is set to VSVR_CNTRLD, the following are different RHI behaviors for the VIP address on the basis of RHIstate (RHI STATE) settings on the virtual servers associated with the VIP address: + + * If you set ``rhistate`` to ``PASSIVE`` on all virtual servers, the NetScaler ADC always advertises the route for the VIP address. + + * If you set ``rhistate`` to ``ACTIVE`` on all virtual servers, the NetScaler ADC advertises the route for the VIP address if at least one of the associated virtual servers is in UP state. + + * If you set ``rhistate`` to ``ACTIVE`` on some and PASSIVE on others, the NetScaler ADC advertises the route for the VIP address if at least one of the associated virtual servers, whose ``rhistate`` set to ``ACTIVE``, is in UP state. + * - rtspnat + + *(bool)* + - + - Use network address translation (NAT) for RTSP data connections. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - servicebindings + - + - List of services along with the weights that are load balanced. + + The following suboptions are available. + + .. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Suboption + - Choices/Defaults + - Comment + + * - servicename + - + - Service to bind to the virtual server. + + Minimum length = 1 + * - weight + - + - Weight to assign to the specified service. + + Minimum value = ``1`` + + Maximum value = ``100`` + + * - servicegroupbindings + - + - List of service groups along with the weights that are load balanced. + + The following suboptions are available. + + .. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Suboption + - Choices/Defaults + - Comment + + * - servicegroupname + - + - The service group name bound to the selected load balancing virtual server. + * - weight + - + - Integer specifying the weight of the service. A larger number specifies a greater weight. Defines the capacity of the service relative to the other services in the load balancing configuration. Determines the priority given to the service in load balancing decisions. + + Minimum value = ``1`` + + Maximum value = ``100`` + + * - servicetype + - Choices: + + - HTTP + - FTP + - TCP + - UDP + - SSL + - SSL_BRIDGE + - SSL_TCP + - DTLS + - NNTP + - DNS + - DHCPRA + - ANY + - SIP_UDP + - SIP_TCP + - SIP_SSL + - DNS_TCP + - RTSP + - PUSH + - SSL_PUSH + - RADIUS + - RDP + - MYSQL + - MSSQL + - DIAMETER + - SSL_DIAMETER + - TFTP + - ORACLE + - SMPP + - SYSLOGTCP + - SYSLOGUDP + - FIX + - SSL_FIX + - Protocol used by the service (also called the service type). + * - sessionless + - Choices: + + - enabled + - disabled + - Perform load balancing on a per-packet basis, without establishing sessions. Recommended for load balancing of intrusion detection system (IDS) servers and scenarios involving direct server return (DSR), where session information is unnecessary. + * - skippersistency + - Choices: + + - Bypass + - ReLb + - None + - This argument decides the behavior incase the service which is selected from an existing persistence session has reached threshold. + * - sobackupaction + - Choices: + + - DROP + - ACCEPT + - REDIRECT + - Action to be performed if spillover is to take effect, but no backup chain to spillover is usable or exists. + * - somethod + - Choices: + + - CONNECTION + - DYNAMICCONNECTION + - BANDWIDTH + - HEALTH + - NONE + - Type of threshold that, when exceeded, triggers spillover. Available settings function as follows: + + * ``CONNECTION`` - Spillover occurs when the number of client connections exceeds the threshold. + + * DYNAMICCONNECTION - Spillover occurs when the number of client connections at the virtual server exceeds the sum of the maximum client (Max Clients) settings for bound services. Do not specify a spillover threshold for this setting, because the threshold is implied by the Max Clients settings of bound services. + + * ``BANDWIDTH`` - Spillover occurs when the bandwidth consumed by the virtual server's incoming and outgoing traffic exceeds the threshold. + + * ``HEALTH`` - Spillover occurs when the percentage of weights of the services that are UP drops below the threshold. For example, if services svc1, svc2, and svc3 are bound to a virtual server, with weights 1, 2, and 3, and the spillover threshold is 50%, spillover occurs if svc1 and svc3 or svc2 and svc3 transition to DOWN. + + * ``NONE`` - Spillover does not occur. + * - sopersistence + - Choices: + + - enabled + - disabled + - If spillover occurs, maintain source IP address based persistence for both primary and backup virtual servers. + * - sopersistencetimeout + - + - Timeout for spillover persistence, in minutes. + + Minimum value = ``2`` + + Maximum value = ``1440`` + * - sothreshold + - + - Threshold at which spillover occurs. Specify an integer for the ``CONNECTION`` spillover method, a bandwidth value in kilobits per second for the ``BANDWIDTH`` method (do not enter the units), or a percentage for the ``HEALTH`` method (do not enter the percentage symbol). + + Minimum value = ``1`` + + Maximum value = ``4294967287`` + * - ssl_certkey + - + - The name of the ssl certificate that is bound to this service. + + The ssl certificate must already exist. + + Creating the certificate can be done with the citrix_adc_ssl_certkey module. + + This option is only applicable only when ``servicetype`` is ``SSL``. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - tcpprofilename + - + - Name of the TCP profile whose settings are to be applied to the virtual server. + + Minimum length = 1 + + Maximum length = 127 + * - td + - + - Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0. + + Minimum value = ``0`` + + Maximum value = ``4094`` + * - timeout + - + - Time period for which a persistence session is in effect. + + Minimum value = ``0`` + + Maximum value = ``1440`` + * - tosid + - + - TOS ID of the virtual server. Applicable only when the load balancing redirection mode is set to TOS. + + Minimum value = ``1`` + + Maximum value = ``63`` + * - v6netmasklen + - + - Number of bits to consider in an IPv6 destination or source IP address, for creating the hash that is required by the ``DESTINATIONIPHASH`` and ``SOURCEIPHASH`` load balancing methods. + + Minimum value = ``1`` + + Maximum value = ``128`` + * - v6persistmasklen + - + - Persistence mask for IP based persistence types, for IPv6 virtual servers. + + Minimum value = ``1`` + + Maximum value = ``128`` + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + * - vipheader + - + - Name for the inserted header. The default name is vip-header. + + Minimum length = 1 + Examples -------- .. code-block:: yaml+jinja - # Netscaler services service-http-1, service-http-2 must have been already created with the citrix_adc_service module - + - name: Create a load balancing vserver bound to services delegate_to: localhost citrix_adc_lb_vserver: @@ -1468,9 +863,9 @@ Examples nitro_user: nsroot nitro_pass: nsroot validate_certs: no - + state: present - + name: lb_vserver_1 servicetype: HTTP timeout: 12 @@ -1481,9 +876,9 @@ Examples weight: 80 - servicename: service-http-2 weight: 20 - + # Service group service-group-1 must have been already created with the citrix_adc_servicegroup module - + - name: Create load balancing vserver bound to servicegroup delegate_to: localhost citrix_adc_lb_vserver: @@ -1492,7 +887,7 @@ Examples nitro_pass: nsroot validate_certs: no state: present - + name: lb_vserver_2 servicetype: HTTP ipv46: 6.92.2.2 @@ -1502,88 +897,39 @@ Examples - servicegroupname: service-group-1 - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dict
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{'clttimeout': 'difference. ours: (float) 10.0 other: (float) 20.0'}
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - diff -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(dict)* + - failure + - List of differences between the actual configured object and the configuration specified in the module + **Sample:** + {'clttimeout': 'difference. ours: (float) 10.0 other: (float) 20.0'} + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_nitro_request_module.rst b/docs/modules/citrix_adc_nitro_request_module.rst index 6be623543..0aba9d503 100644 --- a/docs/modules/citrix_adc_nitro_request_module.rst +++ b/docs/modules/citrix_adc_nitro_request_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_nitro_request.py - :orphan: .. _citrix_adc_nitro_request_module: - -citrix_adc_nitro_request - Issue Nitro API requests to a Netscaler instance -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_nitro_request - Issue Nitro API requests to a Netscaler instance. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.5.0 @@ -14,13 +11,13 @@ citrix_adc_nitro_request - Issue Nitro API requests to a Netscaler instance :local: :depth: 2 - Synopsis -------- - Issue Nitro API requests to a Netscaler instance. - This is intended to be a short hand for using the uri Ansible module to issue the raw HTTP requests directly. - It provides consistent return values and has no other dependencies apart from the base Ansible runtime environment. - This module is intended to run either on the Ansible control node or a bastion (jumpserver) with access to the actual Netscaler instance +- Note. This module does not check the target Citrix ADC if a configuration change has actually taken place. It will instead always report a I(changed=yes) status. @@ -28,212 +25,96 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- action - - -
The action to perform when the operation value is set to action.
-
Some common values for this parameter are enable, disable, rename.
-
- args - - -
A dictionary which defines the key arguments by which we will select the Nitro object to operate on.
-
It is required for the following operation values: get_by_args, 'delete_by_args'.
-
- attributes - - -
The attributes of the Nitro object we are operating on.
-
It is required for the following operation values: add, update, action.
-
- expected_nitro_errorcode -
required
 - Default:
[0]
- 		-
A list of numeric values that signify that the operation was successful.
-
- filter - - -
A dictionary which defines the filter with which to refine the Nitro objects returned by the get_filtered operation.
-
- instance_id - - -
The id of the target Netscaler instance when issuing a Nitro request through a MAS proxy.
-
- instance_ip - - -
The IP address of the target Netscaler instance when issuing a Nitro request through a MAS proxy.
-
- instance_name - - -
The name of the target Netscaler instance when issuing a Nitro request through a MAS proxy.
-
- name - - -
The name of the resource we are operating on.
-
It is required for the following operation values: update, get, delete.
-
- nitro_auth_token - - -
The authentication token provided by the mas_login operation. It is required when issuing Nitro API calls through a MAS proxy.
-
- nitro_pass -
required
 - -
The password with which to authenticate to the Netscaler node.
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the Nitro API objects.
-
- nitro_user -
required
 - -
The username with which to authenticate to the Netscaler node.
-
- nsip - - -
The IP address of the Netscaler or MAS instance where the Nitro API calls will be made.
-
The port can be specified with the colon :. E.g. 192.168.1.1:555.
-
- operation - -
    Choices: -
  • add
    • -
  • update
    • -
  • get
    • -
  • get_by_args
    • -
  • get_filtered
    • -
  • get_all
    • -
  • delete
    • -
  • delete_by_args
    • -
  • count
    • -
  • mas_login
    • -
  • save_config
    • -
  • action
    • -
- 		-
Define the Nitro operation that we want to perform.
-
- resource - - -
The type of resource we are operating on.
-
It is required for all operation values except mas_login and save_config.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
+.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - action + - + - The action to perform when the ``operation`` value is set to ``action``. + + Some common values for this parameter are ``enable``, ``disable``, ``rename``. + * - args + - + - A dictionary which defines the key arguments by which we will select the Nitro object to operate on. + + It is required for the following ``operation`` values: ``get_by_args``, ``'delete_by_args'``. + * - attributes + - + - The attributes of the Nitro object we are operating on. + + It is required for the following ``operation`` values: ``add``, ``update``, ``action``. + * - expected_nitro_errorcode + - Default: + + *[0]* + - A list of numeric values that signify that the operation was successful. + * - filter + - + - A dictionary which defines the filter with which to refine the Nitro objects returned by the ``get_filtered`` ``operation``. + * - instance_id + - + - The id of the target Netscaler instance when issuing a Nitro request through a MAS proxy. + * - instance_ip + - + - The IP address of the target Netscaler instance when issuing a Nitro request through a MAS proxy. + * - instance_name + - + - The name of the target Netscaler instance when issuing a Nitro request through a MAS proxy. + * - name + - + - The name of the resource we are operating on. + + It is required for the following ``operation`` values: ``update``, ``get``, ``delete``. + * - nitro_auth_token + - + - The authentication token provided by the ``mas_login`` operation. It is required when issuing Nitro API calls through a MAS proxy. + * - nitro_pass + - + - The password with which to authenticate to the Netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the Nitro API objects. + * - nitro_user + - + - The username with which to authenticate to the Netscaler node. + * - nsip + - + - The IP address of the Netscaler or MAS instance where the Nitro API calls will be made. + + The port can be specified with the colon ``:``. E.g. ``192.168.1.1:555``. + * - operation + - Choices: + + - add + - update + - get + - get_by_args + - get_filtered + - get_all + - delete + - delete_by_args + - count + - mas_login + - save_config + - action + - Define the Nitro operation that we want to perform. + * - resource + - + - The type of resource we are operating on. + + It is required for all ``operation`` values except ``mas_login`` and ``save_config``. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. @@ -241,7 +122,6 @@ Examples -------- .. code-block:: yaml+jinja - - name: Add a server delegate_to: localhost @@ -255,7 +135,7 @@ Examples attributes: name: test-server-1 ipaddress: 192.168.1.1 - + - name: Update server delegate_to: localhost citrix_adc_nitro_request: @@ -268,7 +148,7 @@ Examples attributes: name: test-server-1 ipaddress: 192.168.1.2 - + - name: Get server delegate_to: localhost register: result @@ -279,7 +159,7 @@ Examples operation: get resource: server name: test-server-1 - + - name: Delete server delegate_to: localhost register: result @@ -290,7 +170,7 @@ Examples operation: delete resource: server name: test-server-1 - + - name: Rename server delegate_to: localhost citrix_adc_nitro_request: @@ -303,7 +183,7 @@ Examples attributes: name: test-server-1 newname: test-server-2 - + - name: Get server by args delegate_to: localhost register: result @@ -315,7 +195,7 @@ Examples resource: server args: name: test-server-1 - + - name: Get server by filter delegate_to: localhost register: result @@ -327,12 +207,12 @@ Examples resource: server filter: ipaddress: 192.168.1.2 - + # Doing a NITRO request through MAS. # Requires to have an authentication token from the mas_login and used as the nitro_auth_token parameter # Also nsip is the MAS address and the target Netscaler IP must be defined with instance_ip # The rest of the task arguments remain the same as when issuing the NITRO request directly to a Netscaler instance. - + - name: Do mas login delegate_to: localhost register: login_result @@ -341,7 +221,7 @@ Examples nitro_user: "{{ nitro_user }}" nitro_pass: "{{ nitro_pass }}" operation: mas_login - + - name: Add resource through MAS proxy delegate_to: localhost citrix_adc_nitro_request: @@ -356,138 +236,75 @@ Examples ipaddress: 192.168.1.7 - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- http_response_body -
string
- 		always -
A string with the actual HTTP response body content if existent. If there is no HTTP response body it is an empty string.
-
-
Sample:
-
{ errorcode: 0, message: Done, severity: NONE }
-
- http_response_data -
dict
- 		always -
A dictionary that contains all the HTTP response's data.
-
-
Sample:
-
status: 200
-
- nitro_auth_token -
string
- 		when applicable -
The token returned by the mas_login operation when succesful.
-
-
Sample:
-
##E8D7D74DDBD907EE579E8BB8FF4529655F22227C1C82A34BFC93C9539D66
-
- nitro_errorcode -
int
- 		always -
A numeric value containing the return code of the NITRO operation. When 0 the operation is succesful. Any non zero value indicates an error.
-
-
- nitro_message -
string
- 		always -
A string containing a human readable explanation for the NITRO operation result.
-
-
Sample:
-
Success
-
- nitro_object -
list
- 		when applicable -
The object returned from the NITRO operation. This is applicable to the various get operations which return an object.
-
-
Sample:
-
[{'ipv6address': 'NO', 'maxbandwidth': '0', 'state': 'ENABLED', 'name': 'test-server-1', 'port': 0, 'ipaddress': '192.168.1.8', 'sp': 'OFF'}]
-
- nitro_severity -
string
- 		always -
A string describing the severity of the NITRO operation error or NONE.
-
-
Sample:
-
NONE
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - - - - - -Author -~~~~~~ - -- George Nikolopoulos (@giorgos-nikolopoulos) - - -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Key + - Returned + - Description + * - http_response_body + + *(string)* + - always + - A string with the actual HTTP response body content if existent. If there is no HTTP response body it is an empty string. + + **Sample:** + + { errorcode: 0, message: Done, severity: NONE } + * - http_response_data + + *(dict)* + - always + - A dictionary that contains all the HTTP response's data. + + **Sample:** + + status: 200 + * - nitro_auth_token + + *(string)* + - when applicable + - The token returned by the C(mas_login) operation when succesful. + + **Sample:** + + ##E8D7D74DDBD907EE579E8BB8FF4529655F22227C1C82A34BFC93C9539D66 + * - nitro_errorcode + + *(int)* + - always + - A numeric value containing the return code of the NITRO operation. When 0 the operation is succesful. Any non zero value indicates an error. + + **Sample:** + + 0 + * - nitro_message + + *(string)* + - always + - A string containing a human readable explanation for the NITRO operation result. + + **Sample:** + + Success + * - nitro_object + + *(list)* + - when applicable + - The object returned from the NITRO operation. This is applicable to the various get operations which return an object. + + **Sample:** + + [{'sp': 'OFF', 'ipaddress': '192.168.1.8', 'ipv6address': 'NO', 'port': 0, 'state': 'ENABLED', 'name': 'test-server-1', 'maxbandwidth': '0'}] + * - nitro_severity + + *(string)* + - always + - A string describing the severity of the NITRO operation error or NONE. + + **Sample:** + + NONE diff --git a/docs/modules/citrix_adc_nitro_resource_module.rst b/docs/modules/citrix_adc_nitro_resource_module.rst new file mode 100644 index 000000000..9122782a4 --- /dev/null +++ b/docs/modules/citrix_adc_nitro_resource_module.rst @@ -0,0 +1,126 @@ +:orphan: + +.. _citrix_adc_nitro_resource_module: + +citrix_adc_nitro_resource - Manage NITRO resources +++++++++++++++++++++++++++++++++++++++++++++++++++ + +.. versionadded:: 2.9.1 + +.. contents:: + :local: + :depth: 2 + +Synopsis +-------- +- Manage NITRO resources +- Implements full lifecycle of nitro resource. + + + + +Parameters +---------- + +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - resource + - + - Dictionary containing the resource attributes + + Contents of the dictionary differ depending on which specific NITRO object is configured. + * - state + - Choices: + + - present + - absent + - state of the resource + * - workflow + + *(str)* + - + - Workflow options + + .. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Suboption + - Choices/Defaults + - Comment + + * - allow_recreate + - + - Whether to allow deletion and recreation of the resource + + Relevant only for the object lifecycle + * - delete_id_attributes + - + - Attributes list which identify the resource uniquely when deleting + * - endpoint + - + - NITRO endpoint for the object + * - lifecycle + - Choices: + + - object + - binding + - bindings_list + - non_updateable_object + - Describe the lifecycle type of this object + + The lifecyle value determines how the resource will be identified as existing or non existing whether the attributes of the object need to be updated if existing and how to create and delete a particular object. + * - non_updateable_attributes + + *(list)* + - + - Non updateable attributes + * - primary_id_attribute + - + - Primary id attribute + * - resource_missing_errorcode + - + - NITRO response code that is returned when the resource cannot be retrieved + + + + +Examples +-------- + +.. code-block:: yaml+jinja + + + +Return Values +------------- +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Key + - Returned + - Description + * - loglines + + *(list)* + - always + - list of logged messages by the module + + **Sample:** + + ['message 1', 'message 2'] + * - msg + + *(str)* + - failure + - Message detailing the failure reason + + **Sample:** + + Action does not exist diff --git a/docs/modules/citrix_adc_save_config_module.rst b/docs/modules/citrix_adc_save_config_module.rst index e0dc76b76..4ddfc57e5 100644 --- a/docs/modules/citrix_adc_save_config_module.rst +++ b/docs/modules/citrix_adc_save_config_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_save_config.py - :orphan: .. _citrix_adc_save_config_module: - -citrix_adc_save_config - Save Netscaler configuration -+++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_save_config - Save Netscaler configuration. +++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.4.0 @@ -14,7 +11,6 @@ citrix_adc_save_config - Save Netscaler configuration :local: :depth: 2 - Synopsis -------- - This module uncoditionally saves the configuration on the target netscaler node. @@ -33,83 +29,40 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- nitro_pass -
required
 - -
The password with which to authenticate to the netscaler node.
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler.
-
- nitro_user -
required
 - -
The username with which to authenticate to the netscaler node.
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
+.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler. + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. ``192.168.1.1:555``. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. @@ -117,7 +70,6 @@ Examples -------- .. code-block:: yaml+jinja - --- - name: Save netscaler configuration @@ -126,7 +78,7 @@ Examples nsip: 172.18.0.2 nitro_user: nsroot nitro_pass: nsroot - + - name: Setup server without saving configuration delegate_to: localhost notify: Save configuration @@ -134,14 +86,14 @@ Examples nsip: 172.18.0.2 nitro_user: nsroot nitro_pass: nsroot - + save_config: no - + name: server-1 ipaddress: 192.168.1.1 - + # Under playbook's handlers - + - name: Save configuration delegate_to: localhost citrix_adc_save_config: @@ -150,75 +102,30 @@ Examples nitro_pass: nsroot - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_server_module.rst b/docs/modules/citrix_adc_server_module.rst index dcdd74230..a43f60a0c 100644 --- a/docs/modules/citrix_adc_server_module.rst +++ b/docs/modules/citrix_adc_server_module.rst @@ -1,10 +1,7 @@ -:source: citrix_adc_server.py - :orphan: .. _citrix_adc_server_module: - citrix_adc_server - Manage server configuration +++++++++++++++++++++++++++++++++++++++++++++++ @@ -14,7 +11,6 @@ citrix_adc_server - Manage server configuration :local: :depth: 2 - Synopsis -------- - Manage server entities configuration. @@ -32,409 +28,212 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- comment - - -
Any information about the server.
-
- delay -
(added in 2.5)
 - -
Time, in seconds, after which all the services configured on the server are disabled.
-
This option is meaningful only when setting the disabled option to true
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to true the server state will be set to disabled.
-
When set to false the server state will be set to enabled.
-
Note that due to limitations of the underlying NITRO API a disabled state change alone does not cause the module result to report a changed status.
-
- domain - - -
Domain name of the server. For a domain based configuration, you must create the server first.
-
Minimum length = 1
-
- domainresolveretry - - Default:
5
- 		-
Time, in seconds, for which the NetScaler appliance must wait, after DNS resolution fails, before sending the next DNS query to resolve the domain name.
-
Minimum value = 5
-
Maximum value = 20939
-
- graceful -
bool

(added in 2.5)
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Shut down gracefully, without accepting any new connections, and disabling each service when all of its connections are closed.
-
This option is meaningful only when setting the disabled option to true
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- ipaddress - - -
IPv4 or IPv6 address of the server. If you create an IP address based server, you can specify the name of the server, instead of its IP address, when creating a service. Note: If you do not create a server entry, the server IP address that you enter when you create a service becomes the name of the server.
-
- ipv6address -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
Support IPv6 addressing mode. If you configure a server with the IPv6 addressing mode, you cannot use the server in the IPv4 addressing mode.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name - - -
Name for the server.
-
Must begin with an ASCII alphabetic or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space , colon :, at @, equals =, and hyphen - characters.
-
Can be changed after the name is created.
-
Minimum length = 1
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- td - - -
Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.
-
Minimum value = 0
-
Maximum value = 4094
-
- translationip - - -
IP address used to transform the server's DNS-resolved IP address.
-
- translationmask - - -
The netmask of the translation ip.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Parameter + - Choices/Defaults + - Comment + * - comment + - + - Any information about the server. + * - delay -Examples --------- + *(added in 2.5)* + - + - Time, in seconds, after which all the services configured on the server are disabled. -.. code-block:: yaml+jinja + This option is meaningful only when setting the ``disabled`` option to ``true`` + * - disabled - - - name: Setup server - delegate_to: localhost - citrix_adc_server: - nsip: 172.18.0.2 - nitro_user: nsroot - nitro_pass: nsroot + *(bool)* + - Default: - state: present + *False* + - When set to ``true`` the server state will be set to ``disabled``. - name: server-1 - ipaddress: 192.168.1.1 + When set to ``false`` the server state will be set to ``enabled``. + Note that due to limitations of the underlying NITRO API a ``disabled`` state change alone does not cause the module result to report a changed status. + * - domain + - + - Domain name of the server. For a domain based configuration, you must create the server first. + Minimum length = 1 + * - domainresolveretry + - Default: + *5* + - Time, in seconds, for which the NetScaler appliance must wait, after DNS resolution fails, before sending the next DNS query to resolve the domain name. -Return Values -------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: + Minimum value = ``5`` + + Maximum value = ``20939`` + * - graceful + + *(bool)* + + *(added in 2.5)* + - + - Shut down gracefully, without accepting any new connections, and disabling each service when all of its connections are closed. + + This option is meaningful only when setting the ``disabled`` option to ``true`` + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - ipaddress + - + - IPv4 or IPv6 address of the server. If you create an IP address based server, you can specify the name of the server, instead of its IP address, when creating a service. Note: If you do not create a server entry, the server IP address that you enter when you create a service becomes the name of the server. + * - ipv6address + + *(bool)* + - Default: + + *False* + - Support IPv6 addressing mode. If you configure a server with the IPv6 addressing mode, you cannot use the server in the IPv4 addressing mode. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + - + - Name for the server. -.. raw:: html + Must begin with an ASCII alphabetic or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore ``_``, hash ``#``, period ``.``, space `` ``, colon ``:``, at ``@``, equals ``=``, and hyphen ``-`` characters. - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dict
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2'}
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

+ Can be changed after the name is created. + Minimum length = 1 + * - nitro_auth_token -Status ------- + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + *(bool)* + - Default: + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. -Maintenance ------------ + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - td + - + - Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0. + + Minimum value = ``0`` + + Maximum value = ``4094`` + * - translationip + - + - IP address used to transform the server's DNS-resolved IP address. + * - translationmask + - + - The netmask of the translation ip. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + - name: Setup server + delegate_to: localhost + citrix_adc_server: + nsip: 172.18.0.2 + nitro_user: nsroot + nitro_pass: nsroot + + state: present + + name: server-1 + ipaddress: 192.168.1.1 + + +Return Values +------------- +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - diff -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(dict)* + - failure + - List of differences between the actual configured object and the configuration specified in the module + **Sample:** + {'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2'} + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_service_module.rst b/docs/modules/citrix_adc_service_module.rst index bd6fc6120..f636e9ec5 100644 --- a/docs/modules/citrix_adc_service_module.rst +++ b/docs/modules/citrix_adc_service_module.rst @@ -1,10 +1,7 @@ -:source: citrix_adc_service.py - :orphan: .. _citrix_adc_service_module: - citrix_adc_service - Manage service configuration in Netscaler ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ @@ -14,7 +11,6 @@ citrix_adc_service - Manage service configuration in Netscaler :local: :depth: 2 - Synopsis -------- - Manage service configuration in Netscaler. @@ -34,760 +30,396 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- accessdown - - Default:
no
- 		-
Use Layer 2 mode to bridge the packets sent to this service if it is marked as DOWN. If the service is DOWN, and this parameter is disabled, the packets are dropped.
-
- appflowlog - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Enable logging of AppFlow information.
-
- cacheable - - Default:
no
- 		-
Use the transparent cache redirection virtual server to forward requests to the cache server.
-
Note: Do not specify this parameter if you set the Cache Type parameter.
-
- cachetype - -
    Choices: -
  • TRANSPARENT
    • -
  • REVERSE
    • -
  • FORWARD
    • -
- 		-
Cache type supported by the cache server.
-
- cip - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Before forwarding a request to the service, insert an HTTP header with the client's IPv4 or IPv6 address as its value. Used if the server needs the client's IP address for security, accounting, or other purposes, and setting the Use Source IP parameter is not a viable option.
-
- cipheader - - -
Name for the HTTP header whose value must be set to the IP address of the client. Used with the Client IP parameter. If you set the Client IP parameter, and you do not specify a name for the header, the appliance uses the header name specified for the global Client IP Header parameter (the cipHeader parameter in the set ns param CLI command or the Client IP Header parameter in the Configure HTTP Parameters dialog box at System > Settings > Change HTTP parameters). If the global Client IP Header parameter is not specified, the appliance inserts a header with the name "client-ip.".
-
Minimum length = 1
-
- cka - - -
Enable client keep-alive for the service.
-
- cleartextport - - -
Port to which clear text data must be sent after the appliance decrypts incoming SSL traffic. Applicable to transparent SSL services.
-
Minimum value = 1
-
- clttimeout - - -
Time, in seconds, after which to terminate an idle client connection.
-
Minimum value = 0
-
Maximum value = 31536000
-
- cmp - - -
Enable compression for the service.
-
- comment - - -
Any information about the service.
-
- customserverid - - Default:
None
- 		-
Unique identifier for the service. Used when the persistency type for the virtual server is set to Custom Server ID.
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to yes the service state will be set to DISABLED.
-
When set to no the service state will be set to ENABLED.
-
Note that due to limitations of the underlying NITRO API a disabled state change alone does not cause the module result to report a changed status.
-
- dnsprofilename - - -
Name of the DNS profile to be associated with the service. DNS profile properties will applied to the transactions processed by a service. This parameter is valid only for ADNS and ADNS-TCP services.
-
Minimum length = 1
-
Maximum length = 127
-
- downstateflush - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Flush all active transactions associated with a service whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions.
-
- graceful - - Default:
no
- 		-
Shut down gracefully, not accepting any new connections, and disabling the service when all of its connections are closed.
-
- hashid - - -
A numerical identifier that can be used by hash based load balancing methods. Must be unique for each service.
-
Minimum value = 1
-
- healthmonitor - - Default:
yes
- 		-
Monitor the health of this service
-
- httpprofilename - - -
Name of the HTTP profile that contains HTTP configuration settings for the service.
-
Minimum length = 1
-
Maximum length = 127
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- ip - - -
IP to assign to the service.
-
Minimum length = 1
-
- ipaddress - - -
The new IP address of the service.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- maxbandwidth - - -
Maximum bandwidth, in Kbps, allocated to the service.
-
Minimum value = 0
-
Maximum value = 4294967287
-
- maxclient - - -
Maximum number of simultaneous open connections to the service.
-
Minimum value = 0
-
Maximum value = 4294967294
-
- maxreq - - -
Maximum number of requests that can be sent on a persistent connection to the service.
-
Note: Connection requests beyond this value are rejected.
-
Minimum value = 0
-
Maximum value = 65535
-
- monitor_bindings - - -
A list of load balancing monitors to bind to this service.
-
Each monitor entry is a dictionary which may contain the following options.
-
Note that if not using the built in monitors they must first be setup.
-
- dup_weight - - -
Weight to assign to the binding between the monitor and service.
-
- monitorname - - -
Name of the monitor.
-
- dup_state - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
State of the monitor.
-
The state setting for a monitor of a given type affects all monitors of that type.
-
For example, if an HTTP monitor is enabled, all HTTP monitors on the appliance are (or remain) enabled.
-
If an HTTP monitor is disabled, all HTTP monitors on the appliance are disabled.
-
- weight - - -
Weight to assign to the binding between the monitor and service.
-
- monthreshold - - -
Minimum sum of weights of the monitors that are bound to this service. Used to determine whether to mark a service as UP or DOWN.
-
Minimum value = 0
-
Maximum value = 65535
-
- name - - -
Name for the service. Must begin with an ASCII alphabetic or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space , colon :, at @, equals =, and hyphen - characters. Cannot be changed after the service has been created.
-
Minimum length = 1
-
- netprofile - - -
Network profile to use for the service.
-
Minimum length = 1
-
Maximum length = 127
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- pathmonitor - - -
Path monitoring for clustering.
-
- pathmonitorindv - - -
Individual Path monitoring decisions.
-
- port - - -
Port number of the service.
-
Range 1 - 65535
-
* in CLI is represented as 65535 in NITRO API
-
- processlocal - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
By turning on this option packets destined to a service in a cluster will not under go any steering. Turn this option for single packet request response mode or when the upstream device is performing a proper RSS for connection based distribution.
-
- rtspsessionidremap - - Default:
no
- 		-
Enable RTSP session ID mapping for the service.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- serverid - - -
The identifier for the service. This is used when the persistency type is set to Custom Server ID.
-
- servername - - -
Name of the server that hosts the service.
-
Minimum length = 1
-
- servicetype - -
    Choices: -
  • HTTP
    • -
  • FTP
    • -
  • TCP
    • -
  • UDP
    • -
  • SSL
    • -
  • SSL_BRIDGE
    • -
  • SSL_TCP
    • -
  • DTLS
    • -
  • NNTP
    • -
  • RPCSVR
    • -
  • DNS
    • -
  • ADNS
    • -
  • SNMP
    • -
  • RTSP
    • -
  • DHCPRA
    • -
  • ANY
    • -
  • SIP_UDP
    • -
  • SIP_TCP
    • -
  • SIP_SSL
    • -
  • DNS_TCP
    • -
  • ADNS_TCP
    • -
  • MYSQL
    • -
  • MSSQL
    • -
  • ORACLE
    • -
  • RADIUS
    • -
  • RADIUSListener
    • -
  • RDP
    • -
  • DIAMETER
    • -
  • SSL_DIAMETER
    • -
  • TFTP
    • -
  • SMPP
    • -
  • PPTP
    • -
  • GRE
    • -
  • SYSLOGTCP
    • -
  • SYSLOGUDP
    • -
  • FIX
    • -
  • SSL_FIX
    • -
- 		-
Protocol in which data is exchanged with the service.
-
- sp - - -
Enable surge protection for the service.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- svrtimeout - - -
Time, in seconds, after which to terminate an idle server connection.
-
Minimum value = 0
-
Maximum value = 31536000
-
- tcpb - - -
Enable TCP buffering for the service.
-
- tcpprofilename - - -
Name of the TCP profile that contains TCP configuration settings for the service.
-
Minimum length = 1
-
Maximum length = 127
-
- td - - -
Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0.
-
Minimum value = 0
-
Maximum value = 4094
-
- useproxyport - - -
Use the proxy port as the source port when initiating connections with the server. With the NO setting, the client-side connection port is used as the source port for the server-side connection.
-
Note: This parameter is available only when the Use Source IP (USIP) parameter is set to YES.
-
- usip - - -
Use the client's IP address as the source IP address when initiating a connection to the server. When creating a service, if you do not set this parameter, the service inherits the global Use Source IP setting (available in the enable ns mode and disable ns mode CLI commands, or in the System > Settings > Configure modes > Configure Modes dialog box). However, you can override this setting after you create the service.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - accessdown + - Default: + + *False* + - Use Layer 2 mode to bridge the packets sent to this service if it is marked as DOWN. If the service is DOWN, and this parameter is disabled, the packets are dropped. + * - appflowlog + - Choices: + + - enabled + - disabled + - Enable logging of AppFlow information. + * - cacheable + - Default: + + *False* + - Use the transparent cache redirection virtual server to forward requests to the cache server. + + Note: Do not specify this parameter if you set the Cache Type parameter. + * - cachetype + - Choices: + + - TRANSPARENT + - REVERSE + - FORWARD + - Cache type supported by the cache server. + * - cip + - Choices: + + - enabled + - disabled + - Before forwarding a request to the service, insert an HTTP header with the client's IPv4 or IPv6 address as its value. Used if the server needs the client's IP address for security, accounting, or other purposes, and setting the Use Source IP parameter is not a viable option. + * - cipheader + - + - Name for the HTTP header whose value must be set to the IP address of the client. Used with the Client IP parameter. If you set the Client IP parameter, and you do not specify a name for the header, the appliance uses the header name specified for the global Client IP Header parameter (the cipHeader parameter in the set ns param CLI command or the Client IP Header parameter in the Configure HTTP Parameters dialog box at System > Settings > Change HTTP parameters). If the global Client IP Header parameter is not specified, the appliance inserts a header with the name "client-ip.". + + Minimum length = 1 + * - cka + - + - Enable client keep-alive for the service. + * - cleartextport + - + - Port to which clear text data must be sent after the appliance decrypts incoming SSL traffic. Applicable to transparent SSL services. + + Minimum value = 1 + * - clttimeout + - + - Time, in seconds, after which to terminate an idle client connection. + + Minimum value = 0 + + Maximum value = 31536000 + * - cmp + - + - Enable compression for the service. + * - comment + - + - Any information about the service. + * - customserverid + - Default: + + *None* + - Unique identifier for the service. Used when the persistency type for the virtual server is set to Custom Server ID. + * - disabled + + *(bool)* + - Default: + + *False* + - When set to ``yes`` the service state will be set to DISABLED. + + When set to ``no`` the service state will be set to ENABLED. + + Note that due to limitations of the underlying NITRO API a ``disabled`` state change alone does not cause the module result to report a changed status. + * - dnsprofilename + - + - Name of the DNS profile to be associated with the service. DNS profile properties will applied to the transactions processed by a service. This parameter is valid only for ADNS and ADNS-TCP services. + + Minimum length = 1 + + Maximum length = 127 + * - downstateflush + - Choices: + + - enabled + - disabled + - Flush all active transactions associated with a service whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions. + * - graceful + - Default: + + *False* + - Shut down gracefully, not accepting any new connections, and disabling the service when all of its connections are closed. + * - hashid + - + - A numerical identifier that can be used by hash based load balancing methods. Must be unique for each service. + + Minimum value = 1 + * - healthmonitor + - Default: + + *True* + - Monitor the health of this service + * - httpprofilename + - + - Name of the HTTP profile that contains HTTP configuration settings for the service. + + Minimum length = 1 + + Maximum length = 127 + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - ip + - + - IP to assign to the service. + + Minimum length = 1 + * - ipaddress + - + - The new IP address of the service. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - maxbandwidth + - + - Maximum bandwidth, in Kbps, allocated to the service. + + Minimum value = 0 + + Maximum value = 4294967287 + * - maxclient + - + - Maximum number of simultaneous open connections to the service. + + Minimum value = 0 + + Maximum value = 4294967294 + * - maxreq + - + - Maximum number of requests that can be sent on a persistent connection to the service. + + Note: Connection requests beyond this value are rejected. + + Minimum value = 0 + + Maximum value = 65535 + * - monitor_bindings + - + - A list of load balancing monitors to bind to this service. + + Each monitor entry is a dictionary which may contain the following options. + + Note that if not using the built in monitors they must first be setup. + + .. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Suboption + - Choices/Defaults + - Comment + + * - dup_state + - Choices: + + - enabled + - disabled + - State of the monitor. + + The state setting for a monitor of a given type affects all monitors of that type. + + For example, if an HTTP monitor is enabled, all HTTP monitors on the appliance are (or remain) enabled. + + If an HTTP monitor is disabled, all HTTP monitors on the appliance are disabled. + * - dup_weight + - + - Weight to assign to the binding between the monitor and service. + * - monitorname + - + - Name of the monitor. + * - weight + - + - Weight to assign to the binding between the monitor and service. + + * - monthreshold + - + - Minimum sum of weights of the monitors that are bound to this service. Used to determine whether to mark a service as UP or DOWN. + + Minimum value = 0 + + Maximum value = 65535 + * - name + - + - Name for the service. Must begin with an ASCII alphabetic or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore ``_``, hash ``#``, period ``.``, space `` ``, colon ``:``, at ``@``, equals ``=``, and hyphen ``-`` characters. Cannot be changed after the service has been created. + + Minimum length = 1 + * - netprofile + - + - Network profile to use for the service. + + Minimum length = 1 + + Maximum length = 127 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - pathmonitor + - + - Path monitoring for clustering. + * - pathmonitorindv + - + - Individual Path monitoring decisions. + * - port + - + - Port number of the service. + + Range 1 - 65535 + + * in CLI is represented as 65535 in NITRO API + * - processlocal + - Choices: + + - enabled + - disabled + - By turning on this option packets destined to a service in a cluster will not under go any steering. Turn this option for single packet request response mode or when the upstream device is performing a proper RSS for connection based distribution. + * - rtspsessionidremap + - Default: + + *False* + - Enable RTSP session ID mapping for the service. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - serverid + - + - The identifier for the service. This is used when the persistency type is set to Custom Server ID. + * - servername + - + - Name of the server that hosts the service. + + Minimum length = 1 + * - servicetype + - Choices: + + - HTTP + - FTP + - TCP + - UDP + - SSL + - SSL_BRIDGE + - SSL_TCP + - DTLS + - NNTP + - RPCSVR + - DNS + - ADNS + - SNMP + - RTSP + - DHCPRA + - ANY + - SIP_UDP + - SIP_TCP + - SIP_SSL + - DNS_TCP + - ADNS_TCP + - MYSQL + - MSSQL + - ORACLE + - RADIUS + - RADIUSListener + - RDP + - DIAMETER + - SSL_DIAMETER + - TFTP + - SMPP + - PPTP + - GRE + - SYSLOGTCP + - SYSLOGUDP + - FIX + - SSL_FIX + - Protocol in which data is exchanged with the service. + * - sp + - + - Enable surge protection for the service. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - svrtimeout + - + - Time, in seconds, after which to terminate an idle server connection. + + Minimum value = 0 + + Maximum value = 31536000 + * - tcpb + - + - Enable TCP buffering for the service. + * - tcpprofilename + - + - Name of the TCP profile that contains TCP configuration settings for the service. + + Minimum length = 1 + + Maximum length = 127 + * - td + - + - Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0. + + Minimum value = 0 + + Maximum value = 4094 + * - useproxyport + - + - Use the proxy port as the source port when initiating connections with the server. With the NO setting, the client-side connection port is used as the source port for the server-side connection. + + Note: This parameter is available only when the Use Source IP (USIP) parameter is set to YES. + * - usip + - + - Use the client's IP address as the source IP address when initiating a connection to the server. When creating a service, if you do not set this parameter, the service inherits the global Use Source IP setting (available in the enable ns mode and disable ns mode CLI commands, or in the System > Settings > Configure modes > Configure Modes dialog box). However, you can override this setting after you create the service. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - # Monitor monitor-1 must have been already setup - + - name: Setup http service gather_facts: False delegate_to: localhost @@ -795,87 +427,42 @@ Examples nsip: 172.18.0.2 nitro_user: nsroot nitro_pass: nsroot - + state: present - + name: service-http-1 servicetype: HTTP ipaddress: 10.78.0.1 port: 80 - + monitor_bindings: - - monitorname: monitor-1 - - + - monitor-1 Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dict
- 		failure -
A dictionary with a list of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{ 'clttimeout': 'difference. ours: (float) 10.0 other: (float) 20.0' }
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. - +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - diff + *(dict)* + - failure + - A dictionary with a list of differences between the actual configured object and the configuration specified in the module + **Sample:** -Author -~~~~~~ + { 'clttimeout': 'difference. ours: (float) 10.0 other: (float) 20.0' } + * - loglines -- George Nikolopoulos (@giorgos-nikolopoulos) + *(list)* + - always + - list of logged messages by the module + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + ['message 1', 'message 2'] diff --git a/docs/modules/citrix_adc_servicegroup_module.rst b/docs/modules/citrix_adc_servicegroup_module.rst index be8af2bec..8861a456c 100644 --- a/docs/modules/citrix_adc_servicegroup_module.rst +++ b/docs/modules/citrix_adc_servicegroup_module.rst @@ -1,20 +1,16 @@ -:source: citrix_adc_servicegroup.py - :orphan: .. _citrix_adc_servicegroup_module: - citrix_adc_servicegroup - Manage service group configuration in Netscaler +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -.. versionadded:: 2.4 +.. versionadded:: 2.4.0 .. contents:: :local: :depth: 2 - Synopsis -------- - Manage service group configuration in Netscaler. @@ -22,893 +18,550 @@ Synopsis -Requirements -~~~~~~~~~~~~ -The below requirements are needed on the host that executes this module. - -- nitro python sdk - Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- appflowlog - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Enable logging of AppFlow information for the specified service group.
-
- autoscale - -
    Choices: -
  • DISABLED
    • -
  • DNS
    • -
  • POLICY
    • -
- 		-
Auto scale option for a servicegroup.
-
- cacheable -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Use the transparent cache redirection virtual server to forward the request to the cache server.
-
Note: Do not set this parameter if you set the Cache Type.
-
- cachetype - -
    Choices: -
  • TRANSPARENT
    • -
  • REVERSE
    • -
  • FORWARD
    • -
- 		-
Cache type supported by the cache server.
-
- cip - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Insert the Client IP header in requests forwarded to the service.
-
- cipheader - - -
Name of the HTTP header whose value must be set to the IP address of the client. Used with the Client IP parameter. If client IP insertion is enabled, and the client IP header is not specified, the value of Client IP Header parameter or the value set by the set ns config command is used as client's IP header name.
-
Minimum length = 1
-
- cka -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable client keep-alive for the service group.
-
- clttimeout - - -
Time, in seconds, after which to terminate an idle client connection.
-
Minimum value = 0
-
Maximum value = 31536000
-
- cmp -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable compression for the specified service.
-
- comment - - -
Any information about the service group.
-
- disabled -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
When set to yes the service group state will be set to DISABLED.
-
When set to no the service group state will be set to ENABLED.
-
Note that due to limitations of the underlying NITRO API a disabled state change alone does not cause the module result to report a changed status.
-
- downstateflush - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Flush all active transactions associated with all the services in the service group whose state transitions from UP to DOWN. Do not enable this option for applications that must complete their transactions.
-
- graceful -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Wait for all existing connections to the service to terminate before shutting down the service.
-
- healthmonitor -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Monitor the health of this service. Available settings function as follows:
-
yes - Send probes to check the health of the service.
-
no - Do not send probes to check the health of the service. With the NO option, the appliance shows the service as UP at all times.
-
- httpprofilename - - -
Name of the HTTP profile that contains HTTP configuration settings for the service group.
-
Minimum length = 1
-
Maximum length = 127
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- maxbandwidth - - -
Maximum bandwidth, in Kbps, allocated for all the services in the service group.
-
Minimum value = 0
-
Maximum value = 4294967287
-
- maxclient - - -
Maximum number of simultaneous open connections for the service group.
-
Minimum value = 0
-
Maximum value = 4294967294
-
- maxreq - - -
Maximum number of requests that can be sent on a persistent connection to the service group.
-
Note: Connection requests beyond this value are rejected.
-
Minimum value = 0
-
Maximum value = 65535
-
- memberport - - -
member port.
-
- monitorbindings - - -
A list of monitornames to bind to this service
-
Note that the monitors must have already been setup possibly using the citrix_adc_lb_monitor module or some other method
-
- monitorname - - -
The monitor name to bind to this servicegroup.
-
- weight - - -
Weight to assign to the binding between the monitor and servicegroup.
-
- monthreshold - - -
Minimum sum of weights of the monitors that are bound to this service. Used to determine whether to mark a service as UP or DOWN.
-
Minimum value = 0
-
Maximum value = 65535
-
- netprofile - - -
Network profile for the service group.
-
Minimum length = 1
-
Maximum length = 127
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- pathmonitor - - -
Path monitoring for clustering.
-
- pathmonitorindv - - -
Individual Path monitoring decisions.
-
- rtspsessionidremap -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable RTSP session ID mapping for the service group.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- servicegroupname - - -
Name of the service group. Must begin with an ASCII alphabetic or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space , colon :, at @, equals =, and hyphen - characters. Can be changed after the name is created.
-
Minimum length = 1
-
- servicemembers - - -
A list of dictionaries describing each service member of the service group.
-
- ip - - -
IP address of the service. Must not overlap with an existing server entity defined by name.
-
- serverid - - -
The identifier for the service.
-
This is used when the persistency type is set to Custom Server ID.
-
- hashid - - -
The hash identifier for the service.
-
This must be unique for each service.
-
This parameter is used by hash based load balancing methods.
-
Minimum value = 1
-
- servername - - -
Name of the server to which to bind the service group.
-
The server must already be configured as a named server.
-
Minimum length = 1
-
- port - - -
Server port number.
-
Range 1 - 65535
-
* in CLI is represented as 65535 in NITRO API
-
- state - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Initial state of the service after binding.
-
- customserverid - - -
The identifier for this IP:Port pair.
-
Used when the persistency type is set to Custom Server ID.
-
- weight - - -
Weight to assign to the servers in the service group.
-
Specifies the capacity of the servers relative to the other servers in the load balancing configuration.
-
The higher the weight, the higher the percentage of requests sent to the service.
-
Minimum value = 1
-
Maximum value = 100
-
- servicetype - -
    Choices: -
  • HTTP
    • -
  • FTP
    • -
  • TCP
    • -
  • UDP
    • -
  • SSL
    • -
  • SSL_BRIDGE
    • -
  • SSL_TCP
    • -
  • DTLS
    • -
  • NNTP
    • -
  • RPCSVR
    • -
  • DNS
    • -
  • ADNS
    • -
  • SNMP
    • -
  • RTSP
    • -
  • DHCPRA
    • -
  • ANY
    • -
  • SIP_UDP
    • -
  • SIP_TCP
    • -
  • SIP_SSL
    • -
  • DNS_TCP
    • -
  • ADNS_TCP
    • -
  • MYSQL
    • -
  • MSSQL
    • -
  • ORACLE
    • -
  • RADIUS
    • -
  • RADIUSListener
    • -
  • RDP
    • -
  • DIAMETER
    • -
  • SSL_DIAMETER
    • -
  • TFTP
    • -
  • SMPP
    • -
  • PPTP
    • -
  • GRE
    • -
  • SYSLOGTCP
    • -
  • SYSLOGUDP
    • -
  • FIX
    • -
  • SSL_FIX
    • -
- 		-
Protocol used to exchange data with the service.
-
- sp -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable surge protection for the service group.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- svrtimeout - - -
Time, in seconds, after which to terminate an idle server connection.
-
Minimum value = 0
-
Maximum value = 31536000
-
- tcpb -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable TCP buffering for the service group.
-
- tcpprofilename - - -
Name of the TCP profile that contains TCP configuration settings for the service group.
-
Minimum length = 1
-
Maximum length = 127
-
- useproxyport -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Use the proxy port as the source port when initiating connections with the server. With the NO setting, the client-side connection port is used as the source port for the server-side connection.
-
Note: This parameter is available only when the Use Source IP usip parameter is set to yes.
-
- usip - - -
Use client's IP address as the source IP address when initiating connection to the server. With the NO setting, which is the default, a mapped IP (MIP) address or subnet IP (SNIP) address is used as the source IP address to initiate server side connections.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - appflowlog + + *(str)* + - Choices: + + - enabled + - disabled + - Enable logging of AppFlow information for the specified service group. + * - autodisabledelay + *(str)* + - + - The time allowed (in seconds) for a graceful shutdown. During this period, new connections or will continue to be sent to this service for clients who already have a persistent session on the Connections or requests from fresh or new clients who do not yet have a persistence sessions on the will not be sent to the service. Instead, they will be load balanced among other available services. the delay time expires, no new requests or connections will be sent to the service. + * - autodisablegraceful -Examples --------- + *(bool)* + - + - Indicates graceful shutdown of the service. System will wait for all outstanding connections to this to be closed before disabling the service. + * - autoscale + + *(str)* + - Choices: -.. code-block:: yaml+jinja + - DISABLED + - DNS + - POLICY + - CLOUD + - API + - Auto scale option for a servicegroup. + * - cacheable - - # The LB Monitors monitor-1 and monitor-2 must already exist - # Service members defined by C(ip) must not redefine an existing server's ip address. - # Service members defined by C(servername) must already exist. + *(bool)* + - + - Use the transparent cache redirection virtual server to forward the request to the cache server. - - name: Setup http service with ip members - delegate_to: localhost - citrix_adc_servicegroup: - nsip: 172.18.0.2 - nitro_user: nsroot - nitro_pass: nsroot + Note: Do not set this parameter if you set the Cache Type. + * - cachetype - state: present + *(str)* + - Choices: - servicegroupname: service-group-1 - servicetype: HTTP - servicemembers: - - ip: 10.78.78.78 - port: 80 - weight: 50 - - ip: 10.79.79.79 - port: 80 - weight: 40 - - servername: server-1 - port: 80 - weight: 10 + - TRANSPARENT + - REVERSE + - FORWARD + - Cache type supported by the cache server. + * - cip - monitorbindings: - - monitorname: monitor-1 - weight: 50 - - monitorname: monitor-2 - weight: 50 + *(str)* + - Choices: + - enabled + - disabled + - Insert the Client IP header in requests forwarded to the service. + * - cipheader + *(str)* + - + - Name of the HTTP header whose value must be set to the IP address of the client. Used with the Client parameter. If client IP insertion is enabled, and the client IP header is not specified, the value of IP Header parameter or the value set by the set ns config command is used as client's IP header name. + Minimum length = 1 + * - cka + *(bool)* + - + - Enable client keep-alive for the service group. + * - clttimeout -Return Values -------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: + *(int)* + - + - Time, in seconds, after which to terminate an idle client connection. + + Minimum value = ``0`` + + Maximum value = ``31536000`` + * - cmp + + *(bool)* + - + - Enable compression for the specified service. + * - comment + + *(str)* + - + - Any information about the service group. + * - customserverid + + *(str)* + - + - The identifier for this IP:Port pair. Used when the persistency type is set to Custom Server ID. + * - dbsttl + + *(str)* + - + - Specify the TTL for DNS record for domain based service.The default value of ttl is 0 which indicates use the TTL received in DNS response for monitors. + * - delay + + *(str)* + - + - Time, in seconds, allocated for a shutdown of the services in the service group. During this period, requests are sent to the service only for clients who already have persistent sessions on the Requests from new clients are load balanced among other available services. After the delay time no requests are sent to the service, and the service is marked as unavailable (OUT OF SERVICE). + * - disabled + + *(bool)* + - Default: + + *False* + - When set to ``true`` the server state will be set to ``disabled``. + + When set to ``false`` the server state will be set to ``enabled``. + * - downstateflush + + *(str)* + - Choices: + + - enabled + - disabled + - Flush all active transactions associated with all the services in the service group whose state from UP to DOWN. Do not enable this option for applications that must complete their transactions. + * - dup_weight + + *(str)* + - + - weight of the monitor that is bound to servicegroup. + + Minimum value = ``1`` + * - graceful + + *(bool)* + - + - Wait for all existing connections to the service to terminate before shutting down the service. + * - hashid + + *(str)* + - + - The hash identifier for the service. This must be unique for each service. This parameter is used by based load balancing methods. + + Minimum value = ``1`` + * - healthmonitor + + *(bool)* + - + - Monitor the health of this service. Available settings function as follows: + + YES - Send probes to check the health of the service. + + NO - Do not send probes to check the health of the service. With the NO option, the appliance shows service as UP at all times. + * - httpprofilename + + *(str)* + - + - Name of the HTTP profile that contains HTTP configuration settings for the service group. + + Minimum length = 1 + + Maximum length = 127 + * - includemembers -.. raw:: html + *(bool)* + - + - Display the members of the listed service groups in addition to their settings. Can be specified when service group name is provided in the command. In that case, the details displayed for each service are identical to the details displayed when a service group name is provided, except that bound are not displayed. + * - instance_ip - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dict
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{'clttimeout': 'difference. ours: (float) 10.0 other: (float) 20.0'}
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

+ *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call -Status ------- + *(bool)* + *(added in 2.6.0)* + - Default: + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - maxbandwidth + *(str)* + - + - Maximum bandwidth, in Kbps, allocated for all the services in the service group. + Minimum value = ``0`` -Maintenance ------------ + Maximum value = ``4294967287`` + * - maxclient -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + *(str)* + - + - Maximum number of simultaneous open connections for the service group. -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + Minimum value = ``0`` + Maximum value = ``4294967294`` + * - maxreq + + *(str)* + - + - Maximum number of requests that can be sent on a persistent connection to the service group. + + Note: Connection requests beyond this value are rejected. + + Minimum value = ``0`` + + Maximum value = ``65535`` + * - memberport + + *(int)* + - + - member port. + * - monconnectionclose + + *(str)* + - Choices: + + - RESET + - FIN + - Close monitoring connections by sending the service a connection termination message with the bit set. + * - monitor_bindings + - + - A list of monitor to bind to the servicegroup + * - monitor_name_svc + + *(str)* + - + - Name of the monitor bound to the service group. Used to assign a weight to the monitor. + + Minimum length = 1 + * - monthreshold + + *(str)* + - + - Minimum sum of weights of the monitors that are bound to this service. Used to determine whether to a service as UP or DOWN. + + Minimum value = ``0`` + + Maximum value = ``65535`` + * - nameserver + + *(str)* + - + - Specify the nameserver to which the query for bound domain needs to be sent. If not specified, use global nameserver. + * - netprofile + + *(str)* + - + - Network profile for the service group. + + Minimum length = 1 + + Maximum length = 127 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - pathmonitor + + *(bool)* + - + - Path monitoring for clustering. + * - pathmonitorindv + + *(bool)* + - + - Individual Path monitoring decisions. + * - port + + *(int)* + - + - Server port number. + + Range 1 - 65535 + + * in CLI is represented as 65535 in NITRO API + * - riseapbrstatsmsgcode + + *(int)* + - + - The code indicating the rise apbr status. + * - rtspsessionidremap + + *(bool)* + - + - Enable RTSP session ID mapping for the service group. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - sc + + *(bool)* + - + - State of the SureConnect feature for the service group. + * - serverid + + *(str)* + - + - The identifier for the service. This is used when the persistency type is set to Custom Server ID. + * - servername + + *(str)* + - + - Name of the server to which to bind the service group. + + Minimum length = 1 + * - servicegroupname + + *(str)* + - + - Name of the service group. Must begin with an ASCII alphabetic or underscore (_) character, and must only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and (-) characters. Can be changed after the name is created. + + Minimum length = 1 + * - servicemembers + - + - A list of dictionaries describing each service member of the service group. + * - servicetype + + *(str)* + - Choices: + + - HTTP + - FTP + - TCP + - UDP + - SSL + - SSL_BRIDGE + - SSL_TCP + - DTLS + - NNTP + - RPCSVR + - DNS + - ADNS + - SNMP + - RTSP + - DHCPRA + - ANY + - SIP_UDP + - SIP_TCP + - SIP_SSL + - DNS_TCP + - ADNS_TCP + - MYSQL + - MSSQL + - ORACLE + - RADIUS + - RADIUSListener + - RDP + - DIAMETER + - SSL_DIAMETER + - TFTP + - SMPP + - PPTP + - GRE + - SYSLOGTCP + - SYSLOGUDP + - FIX + - SSL_FIX + - USER_TCP + - USER_SSL_TCP + - QUIC + - IPFIX + - LOGSTREAM + - Protocol used to exchange data with the service. + * - sp + + *(bool)* + - + - Enable surge protection for the service group. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - svrtimeout + + *(int)* + - + - Time, in seconds, after which to terminate an idle server connection. + + Minimum value = ``0`` + + Maximum value = ``31536000`` + * - tcpb + + *(bool)* + - + - Enable TCP buffering for the service group. + * - tcpprofilename + + *(str)* + - + - Name of the TCP profile that contains TCP configuration settings for the service group. + + Minimum length = 1 + + Maximum length = 127 + * - td + + *(str)* + - + - Integer value that uniquely identifies the traffic domain in which you want to configure the entity. you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of + + Minimum value = ``0`` + + Maximum value = ``4094`` + * - useproxyport + + *(bool)* + - + - Use the proxy port as the source port when initiating connections with the server. With the NO the client-side connection port is used as the source port for the server-side connection. + + Note: This parameter is available only when the Use Source IP (USIP) parameter is set to YES. + * - usip + + *(bool)* + - + - Use client's IP address as the source IP address when initiating connection to the server. With the setting, which is the default, a mapped IP (MIP) address or subnet IP (SNIP) address is used as the IP address to initiate server side connections. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + * - weight + + *(str)* + - + - Weight to assign to the servers in the service group. Specifies the capacity of the servers relative the other servers in the load balancing configuration. The higher the weight, the higher the of requests sent to the service. + + Minimum value = ``1`` + + Maximum value = ``100`` + + + +Examples +-------- + +.. code-block:: yaml+jinja + + # The LB Monitors monitor-1 and monitor-2 must already exist + # Service members defined by C(ip) must not redefine an existing server's ip address. + # Service members defined by C(servername) must already exist. + + - name: Setup http service with ip members + delegate_to: localhost + citrix_adc_servicegroup: + nsip: 172.18.0.2 + nitro_user: nsroot + nitro_pass: nsroot + + state: present + + servicegroupname: service-group-1 + servicetype: HTTP + servicemembers: + mode: exact + attributes: + - ip: 10.78.78.78 + port: 80 + weight: 50 + - ip: 10.79.79.79 + port: 80 + weight: 40 + - servername: server-1 + port: 80 + weight: 10 + + monitor_bindings: + mode: exact + attributes: + - monitorname: monitor-1 + weight: 50 + - monitorname: monitor-2 + weight: 50 + + +Return Values +------------- +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adc_ssl_certkey_module.rst b/docs/modules/citrix_adc_ssl_certkey_module.rst index 5b3848f0e..edb29c7b9 100644 --- a/docs/modules/citrix_adc_ssl_certkey_module.rst +++ b/docs/modules/citrix_adc_ssl_certkey_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adc_ssl_certkey.py - :orphan: .. _citrix_adc_ssl_certkey_module: - -citrix_adc_ssl_certkey - Manage ssl cerificate keys -+++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adc_ssl_certkey - Manage ssl cerificate keys. +++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.4.0 @@ -14,7 +11,6 @@ citrix_adc_ssl_certkey - Manage ssl cerificate keys :local: :depth: 2 - Synopsis -------- - Manage ssl cerificate keys. @@ -31,277 +27,151 @@ The below requirements are needed on the host that executes this module. Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- cert - - -
Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path.
-
Minimum length = 1
-
- certkey - - -
Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore _ character, and must contain only ASCII alphanumeric, underscore _, hash #, period ., space , colon :, at @, equals =, and hyphen - characters. Cannot be changed after the certificate-key pair is created.
-
The following requirement applies only to the NetScaler CLI:
-
If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my cert" or 'my cert').
-
Minimum length = 1
-
- expirymonitor - -
    Choices: -
  • enabled
    • -
  • disabled
    • -
- 		-
Issue an alert when the certificate is about to expire.
-
- inform - -
    Choices: -
  • DER
    • -
  • PEM
    • -
  • PFX
    • -
- 		-
Input format of the certificate and the private-key files. The three formats supported by the appliance are:
-
PEM - Privacy Enhanced Mail
-
DER - Distinguished Encoding Rule
-
PFX - Personal Information Exchange.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- key - - -
Name of and, optionally, path to the private-key file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path.
-
Minimum length = 1
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- notificationperiod - - -
Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire.
-
Minimum value = 10
-
Maximum value = 100
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- passplain - - -
Pass phrase used to encrypt the private-key. Required when adding an encrypted private-key in PEM format.
-
Minimum length = 1
-
- password - - -
Passphrase that was used to encrypt the private-key. Use this option to load encrypted private-keys in PEM format.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - cert + - + - Name of and, optionally, path to the X509 certificate file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. + + Minimum length = 1 + * - certkey + - + - Name for the certificate and private-key pair. Must begin with an ASCII alphanumeric or underscore ``_`` character, and must contain only ASCII alphanumeric, underscore ``_``, hash ``#``, period ``.``, space `` ``, colon ``:``, at ``@``, equals ``=``, and hyphen ``-`` characters. Cannot be changed after the certificate-key pair is created. + + The following requirement applies only to the NetScaler CLI: + + If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, "my cert" or 'my cert'). + + Minimum length = 1 + * - expirymonitor + - Choices: + + - enabled + - disabled + - Issue an alert when the certificate is about to expire. + * - inform + - Choices: + + - DER + - PEM + - PFX + - Input format of the certificate and the private-key files. The three formats supported by the appliance are: + + PEM - Privacy Enhanced Mail + + DER - Distinguished Encoding Rule + + PFX - Personal Information Exchange. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - key + - + - Name of and, optionally, path to the private-key file that is used to form the certificate-key pair. The certificate file should be present on the appliance's hard-disk drive or solid-state drive. Storing a certificate in any location other than the default might cause inconsistency in a high availability setup. /nsconfig/ssl/ is the default path. + + Minimum length = 1 + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - notificationperiod + - + - Time, in number of days, before certificate expiration, at which to generate an alert that the certificate is about to expire. + + Minimum value = ``10`` + + Maximum value = ``100`` + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - passplain + - + - Pass phrase used to encrypt the private-key. Required when adding an encrypted private-key in PEM format. + + Minimum length = 1 + * - password + - + - Passphrase that was used to encrypt the private-key. Use this option to load encrypted private-keys in PEM format. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - + - name: Setup ssl certkey delegate_to: localhost citrix_adc_ssl_certkey: nitro_user: nsroot nitro_pass: nsroot nsip: 172.18.0.2 - + certkey: certirificate_1 cert: server.crt key: server.key @@ -312,88 +182,39 @@ Examples passplain: somesecret - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- diff -
dictionary
- 		failure -
List of differences between the actual configured object and the configuration specified in the module
-
-
Sample:
-
{ 'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2' }
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
string
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - diff -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(dictionary)* + - failure + - List of differences between the actual configured object and the configuration specified in the module + **Sample:** + { 'targetlbvserver': 'difference. ours: (str) server1 other: (str) server2' } + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(string)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adm_application_module.rst b/docs/modules/citrix_adm_application_module.rst index 4888dc17f..d9e5fa94c 100644 --- a/docs/modules/citrix_adm_application_module.rst +++ b/docs/modules/citrix_adm_application_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_application.py - :orphan: .. _citrix_adm_application_module: - -citrix_adm_application - Manage applications on Citrix ADM -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_application - Manage applications on Citrix ADM. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,11 +11,10 @@ citrix_adm_application - Manage applications on Citrix ADM :local: :depth: 2 - Synopsis -------- - Manage applications on Citrix ADM. -- Note that due to limitations on the underlying NITRO API an update is always forced when *state=present*. +- Note that due to limitations on the underlying NITRO API an update is always forced when I(state=present). @@ -26,485 +22,260 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- app_category -
str
 - -
Application Category.
-
Minimum length = 1
-
Maximum length = 255
-
- app_components -
list
 - -
Application components.
-
- app_criteria -
list
 - -
Application criteria.
-
- application_ids -
list
 - -
Application IDs that are part of this application.
-
- application_managed -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Managed field.
-
- check_create -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
Check if the application was created on the target citrix adm.
-
Return the created application in the module results.
-
- check_create_delay -
int
 - Default:
10
- 		-
Time in seconds to wait between the create/update operation and retrieval of the created application.
-
This delay should be non zero as the newly created/updated application might not be immediately available to be fetched by the target Citrix ADM.
-
- curclntconnections -
str
 - -
curclntconnections Value across all vips of the app.
-
- cursrvrconnections -
str
 - -
cursrvrconnections Value across all vips of the app.
-
- family -
str
 - -
Application Family.
-
Minimum length = 1
-
Maximum length = 255
-
- force_delete -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
force delete.
-
- id -
str
 - -
Id is system generated key..
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Application Name.
-
Maximum length = 1024
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- no_of_auth -
str
 - -
Number of AUTH VIPs.
-
- no_of_cr -
str
 - -
Number of CR VIPs.
-
- no_of_cs -
str
 - -
Number of CS VIPs.
-
- no_of_gslb -
str
 - -
Number of GSLB VIPs.
-
- no_of_gslbsvc -
str
 - -
Number of LB VIPs.
-
- no_of_haproxy_be -
str
 - -
Number of Banckends.
-
- no_of_haproxy_fe -
str
 - -
Number of Frontends.
-
- no_of_lb -
str
 - -
Number of LB VIPs.
-
- no_of_svc -
str
 - -
Number of Services.
-
- no_of_svcgrp -
str
 - -
Number of Service Groups.
-
- no_of_svr -
str
 - -
Number of Servers.
-
- no_of_vpn -
str
 - -
Number of VPN VIPs.
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- poll_after_delete -
bool
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
Poll the instances after deleting an application to update the application list immediately.
-
By default Citrix ADM will poll every 30 minutes.
-
- poll_delay -
int
 - Default:
10
- 		-
Time in seconds to wait between the delete operation and the subsequent poll operation.
-
This is only relevant when state is set to absent and poll_after_delete is set to true.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- stylebook_params -
str
 - -
Stylebook Parameter.
-
- throughput_avg -
str
 - -
Sum of throughput across all vips of the app.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - app_category + + *(str)* + - + - Application Category. + + Minimum length = 1 + + Maximum length = 255 + * - app_components + + *(list)* + - + - Application components. + * - app_criteria + + *(list)* + - + - Application criteria. + * - application_ids + + *(list)* + - + - Application IDs that are part of this application. + * - application_managed + + *(bool)* + - + - Managed field. + * - check_create + + *(bool)* + - Default: + + *True* + - Check if the application was created on the target citrix adm. + + Return the created application in the module results. + * - check_create_delay + + *(int)* + - Default: + + *10* + - Time in seconds to wait between the create/update operation and retrieval of the created application. + + This delay should be non zero as the newly created/updated application might not be immediately available to be fetched by the target Citrix ADM. + * - curclntconnections + + *(str)* + - + - curclntconnections Value across all vips of the app. + * - cursrvrconnections + + *(str)* + - + - cursrvrconnections Value across all vips of the app. + * - family + + *(str)* + - + - Application Family. + + Minimum length = 1 + + Maximum length = 255 + * - force_delete + + *(bool)* + - + - force delete. + * - id + + *(str)* + - + - Id is system generated key.. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Application Name. + + Maximum length = 1024 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - no_of_auth + + *(str)* + - + - Number of AUTH VIPs. + * - no_of_cr + + *(str)* + - + - Number of CR VIPs. + * - no_of_cs + + *(str)* + - + - Number of CS VIPs. + * - no_of_gslb + + *(str)* + - + - Number of GSLB VIPs. + * - no_of_gslbsvc + + *(str)* + - + - Number of LB VIPs. + * - no_of_haproxy_be + + *(str)* + - + - Number of Banckends. + * - no_of_haproxy_fe + + *(str)* + - + - Number of Frontends. + * - no_of_lb + + *(str)* + - + - Number of LB VIPs. + * - no_of_svc + + *(str)* + - + - Number of Services. + * - no_of_svcgrp + + *(str)* + - + - Number of Service Groups. + * - no_of_svr + + *(str)* + - + - Number of Servers. + * - no_of_vpn + + *(str)* + - + - Number of VPN VIPs. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - poll_after_delete + + *(bool)* + - Default: + + *False* + - Poll the instances after deleting an application to update the application list immediately. + + By default Citrix ADM will poll every 30 minutes. + * - poll_delay + + *(int)* + - Default: + + *10* + - Time in seconds to wait between the delete operation and the subsequent poll operation. + + This is only relevant when ``state`` is set to ``absent`` and ``poll_after_delete`` is set to ``true``. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - stylebook_params + + *(str)* + - + - Stylebook Parameter. + * - throughput_avg + + *(str)* + - + - Sum of throughput across all vips of the app. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - vars: stylebook_params: @@ -521,7 +292,7 @@ Examples svc-port: "80" targets: - id: "6a28b48b-e7c0-4770-b499-3ddb85b47561" - + - name: Login to citrix_adm delegate_to: localhost register: login_result @@ -529,100 +300,49 @@ Examples mas_ip: 192.168.1.1 mas_user: nsroot mas_pass: nsroot - + - name: Setup application delegate_to: localhost citrix_adm_application: mas_ip: 192.168.1.1 nitro_auth_token: "{{ login_result.session_id }}" - + state: present - + app_category: test_category name: playbook5_test_application_name-lb_10.78.60.209_lb stylebook_params: "{{ stylebook_params | to_json }}" - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- application -
dict
- 		success -
Dictionary containing all the attributes of the created application
-
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - application + *(dict)* + - success + - Dictionary containing all the attributes of the created application + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adm_dns_domain_entry_module.rst b/docs/modules/citrix_adm_dns_domain_entry_module.rst index d24545a03..f4c5377d5 100644 --- a/docs/modules/citrix_adm_dns_domain_entry_module.rst +++ b/docs/modules/citrix_adm_dns_domain_entry_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_dns_domain_entry.py - :orphan: .. _citrix_adm_dns_domain_entry_module: - -citrix_adm_dns_domain_entry - Manage Citrix ADM domain names -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_dns_domain_entry - Manage Citrix ADM domain names. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adm_dns_domain_entry - Manage Citrix ADM domain names :local: :depth: 2 - Synopsis -------- - Manage Citrix ADM domain names. @@ -25,308 +21,164 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- description -
str
 - -
Description of DNS Domain Entry.
-
Minimum length = 1
-
Maximum length = 1024
-
- id -
str
 - -
Id is system generated key for all the DNS Domain Entries.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
DNS Domain Name.
-
Minimum length = 1
-
Maximum length = 128
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- tenant_id -
str
 - -
Tenant Id of the DNS Domain Entries.
-
Minimum length = 1
-
Maximum length = 128
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Parameter + - Choices/Defaults + - Comment + * - description -Examples --------- + *(str)* + - + - Description of DNS Domain Entry. -.. code-block:: yaml+jinja + Minimum length = 1 - - - name: Setup dns domain entry - delegate_to: localhost - citrix_adm_dns_domain_entry: - mas_ip: 192.168.1.1 - mas_user: nsroot - mas_pass: nsroot + Maximum length = 1024 + * - id - state: present + *(str)* + - + - Id is system generated key for all the DNS Domain Entries. + * - instance_ip - name: test.com - description: test.com domain description + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + *(bool)* + *(added in 2.6.0)* + - Default: -Return Values -------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - DNS Domain Name. + + Minimum length = 1 + + Maximum length = 128 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: -.. raw:: html + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- dns_domain_entry -
dict
- 		success -
The created dns domain entry object.
-
-
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

+ The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + *(bool)* + - Default: -Status ------- + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. + When present the resource will be created if needed and configured according to the module's parameters. + When absent the resource will be deleted from the netscaler node. + * - tenant_id + *(str)* + - + - Tenant Id of the DNS Domain Entries. -Maintenance ------------ + Minimum length = 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + Maximum length = 128 + * - validate_certs + - Default: -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + - name: Setup dns domain entry + delegate_to: localhost + citrix_adm_dns_domain_entry: + mas_ip: 192.168.1.1 + mas_user: nsroot + mas_pass: nsroot + + state: present + + name: test.com + description: test.com domain description + + +Return Values +------------- +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - dns_domain_entry + *(dict)* + - success + - The created dns domain entry object. + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** -Author -~~~~~~ + ['message 1', 'message 2'] + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adm_login_module.rst b/docs/modules/citrix_adm_login_module.rst index 4a3692216..0a0cc8c48 100644 --- a/docs/modules/citrix_adm_login_module.rst +++ b/docs/modules/citrix_adm_login_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_login.py - :orphan: .. _citrix_adm_login_module: - -citrix_adm_login - Login to a Citrix ADM instance -+++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_login - Login to a Citrix ADM instance. +++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adm_login - Login to a Citrix ADM instance :local: :depth: 2 - Synopsis -------- - Login to a Citrix ADM instance. @@ -26,173 +22,94 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - hosts: citrix_adm - + gather_facts: False - + tasks: - name: Login to mas delegate_to: localhost @@ -201,106 +118,57 @@ Examples mas_ip: "{{ mas_ip }}" mas_user: "{{ mas_user }}" mas_pass: "{{ mas_pass }}" - + - name: Setup mpsuser delegate_to: localhost citrix_adm_mpsuser: mas_ip: "{{ mas_ip }}" mas_auth_token: "{{ login_result.session_id }}" - + state: absent - + name: playbook_test_mpsuser_2 password: 1234567 - + session_timeout: 10 session_timeout_unit: Minutes external_authentication: false enable_session_timeout: true - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
- session_id -
str
- 		success -
The session id to be used as authentication token on subsequent module calls.
-
-
Sample:
-
##1A44A1437AD74D6158FC51FC95A0009D93FA8C1A8E2CCCEF9F4FD4DA2039
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + * - Key + - Returned + - Description + * - loglines -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + *(list)* + - always + - list of logged messages by the module + **Sample:** + ['message 1', 'message 2'] + * - msg + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -Author -~~~~~~ + Action does not exist + * - session_id -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - success + - The session id to be used as authentication token on subsequent module calls. + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + ##1A44A1437AD74D6158FC51FC95A0009D93FA8C1A8E2CCCEF9F4FD4DA2039 diff --git a/docs/modules/citrix_adm_mpsgroup_module.rst b/docs/modules/citrix_adm_mpsgroup_module.rst index 330e17c1c..8c88f22c3 100644 --- a/docs/modules/citrix_adm_mpsgroup_module.rst +++ b/docs/modules/citrix_adm_mpsgroup_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_mpsgroup.py - :orphan: .. _citrix_adm_mpsgroup_module: - -citrix_adm_mpsgroup - Manage Citrix ADM user groups -+++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_mpsgroup - Manage Citrix ADM user groups. +++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adm_mpsgroup - Manage Citrix ADM user groups :local: :depth: 2 - Synopsis -------- - Manage Citrix ADM user groups. @@ -25,391 +21,208 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- allow_application_only -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Checks if only application centic page is needed.
-
- application_names -
list
 - -
All Application names that are part of this group.
-
This includes selected appnames as well as applications which are result of defined regex.
-
- application_names_with_regex -
list
 - -
Application names defined with regex that are part of this group
-
- application_names_without_regex -
list
 - -
selected application names that are part of this group.
-
- assign_all_apps -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Assign All Applications (YES|NO).
-
- assign_all_devices -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Assign All Instances (YES|NO).
-
- authscope_props -
list
 - -
authscope_props
-
- description -
str
 - -
Description of Group.
-
Minimum length = 1
-
Maximum length = 1024
-
- enable_session_timeout -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enables session timeout for group.
-
- id -
str
 - -
Id is system generated key for all the system groups.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Group Name.
-
Minimum length = 1
-
Maximum length = 64
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- permission -
str
 -
    Choices: -
  • admin
    • -
  • read-only
    • -
- 		-
Permission for the group (admin/read-only).
-
Minimum length = 1
-
Maximum length = 128
-
- role -
str
 -
    Choices: -
  • admin
    • -
  • nonadmin
    • -
- 		-
Role (admin|nonadmin).
-
- roles -
list
 - -
Roles assigned to the group.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- session_timeout -
str
 - -
Session timeout for the Group.
-
- session_timeout_unit -
str
 - -
Session timeout unit for the Group.
-
- standalone_instances_id -
list
 - -
Stand alone instances belong to this groupp.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- tenant_id -
str
 - -
Id of the tenant.
-
Minimum length = 1
-
Maximum length = 128
-
- users -
list
 - -
Users belong to the group.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - allow_application_only + + *(bool)* + - + - Checks if only application centic page is needed. + * - application_names + + *(list)* + - + - All Application names that are part of this group. + + This includes selected appnames as well as applications which are result of defined regex. + * - application_names_with_regex + + *(list)* + - + - Application names defined with regex that are part of this group + * - application_names_without_regex + + *(list)* + - + - selected application names that are part of this group. + * - assign_all_apps + + *(bool)* + - + - Assign All Applications (YES|NO). + * - assign_all_devices + + *(bool)* + - + - Assign All Instances (YES|NO). + * - authscope_props + + *(list)* + - + - authscope_props + * - description + + *(str)* + - + - Description of Group. + + Minimum length = 1 + + Maximum length = 1024 + * - enable_session_timeout + + *(bool)* + - + - Enables session timeout for group. + * - id + + *(str)* + - + - Id is system generated key for all the system groups. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Group Name. + + Minimum length = 1 + + Maximum length = 64 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - permission + + *(str)* + - Choices: + + - admin + - read-only + - Permission for the group (admin/read-only). + + Minimum length = 1 + + Maximum length = 128 + * - role + + *(str)* + - Choices: + + - admin + - nonadmin + - Role (admin|nonadmin). + * - roles + + *(list)* + - + - Roles assigned to the group. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - session_timeout + + *(str)* + - + - Session timeout for the Group. + * - session_timeout_unit + + *(str)* + - + - Session timeout unit for the Group. + * - standalone_instances_id + + *(list)* + - + - Stand alone instances belong to this groupp. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - tenant_id + + *(str)* + - + - Id of the tenant. + + Minimum length = 1 + + Maximum length = 128 + * - users + + *(list)* + - + - Users belong to the group. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: Setup mpsuser delegate_to: localhost @@ -417,9 +230,9 @@ Examples mas_ip: 192.168.1.1 mas_user: nsroot mas_pass: nsroot - + state: present - + name: test_mpsgroup permission: read-only allow_application_only: true @@ -438,86 +251,35 @@ Examples standalone_instances_id: [] - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- mpsgroup -
dict
- 		success -
Dictionary containing the attributes of the created mpsgroup
-
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** + ['message 1', 'message 2'] + * - mpsgroup -Author -~~~~~~ + *(dict)* + - success + - Dictionary containing the attributes of the created mpsgroup + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adm_mpsuser_module.rst b/docs/modules/citrix_adm_mpsuser_module.rst index 1148c555e..a63f6d2c4 100644 --- a/docs/modules/citrix_adm_mpsuser_module.rst +++ b/docs/modules/citrix_adm_mpsuser_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_mpsuser.py - :orphan: .. _citrix_adm_mpsuser_module: - -citrix_adm_mpsuser - Manage Citrix ADM users -++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_mpsuser - Manage Citrix ADM users. ++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adm_mpsuser - Manage Citrix ADM users :local: :depth: 2 - Synopsis -------- - Manage Citrix ADM users. @@ -25,272 +21,146 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- enable_session_timeout -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enables session timeout for user.
-
- external_authentication -
bool
 -
    Choices: -
  • no
    • -
  • yes
    • -
- 		-
Enable external authentication.
-
- groups -
list
 - -
Groups to which user belongs.
-
- id -
str
 - -
Id is system generated key for all the system users.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
User Name.
-
Minimum length = 1
-
Maximum length = 128
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- password -
str
 - -
Password.
-
Minimum length = 1
-
Maximum length = 128
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- session_timeout -
str
 - -
Session timeout for the user.
-
- session_timeout_unit -
str
 - -
Session timeout unit for the user.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- tenant_id -
str
 - -
Tenant Id of the system users.
-
Minimum length = 1
-
Maximum length = 128
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - enable_session_timeout + + *(bool)* + - + - Enables session timeout for user. + * - external_authentication + + *(bool)* + - + - Enable external authentication. + * - groups + + *(list)* + - + - Groups to which user belongs. + * - id + + *(str)* + - + - Id is system generated key for all the system users. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - User Name. + + Minimum length = 1 + + Maximum length = 128 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - password + + *(str)* + - + - Password. + + Minimum length = 1 + + Maximum length = 128 + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - session_timeout + + *(str)* + - + - Session timeout for the user. + * - session_timeout_unit + + *(str)* + - + - Session timeout unit for the user. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - tenant_id + + *(str)* + - + - Tenant Id of the system users. + + Minimum length = 1 + + Maximum length = 128 + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: Setup mpsuser delegate_to: localhost @@ -298,12 +168,12 @@ Examples mas_ip: 192.168.1.1 mas_user: nsroot mas_pass: nsroot - + state: present - + name: test_mpsuser password: 123456 - + session_timeout: 10 session_timeout_unit: Minutes external_authentication: false @@ -312,86 +182,35 @@ Examples - test_mpsgroup - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- mpsuser -
dict
- 		success -
Dictionary containing the attributes of the created mpsuser
-
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** + ['message 1', 'message 2'] + * - mpsuser -Author -~~~~~~ + *(dict)* + - success + - Dictionary containing the attributes of the created mpsuser + * - msg -- George Nikolopoulos (@giorgos-nikolopoulos) + *(str)* + - failure + - Message detailing the failure reason + **Sample:** -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + Action does not exist diff --git a/docs/modules/citrix_adm_ns_facts_module.rst b/docs/modules/citrix_adm_ns_facts_module.rst index 832afb8d5..e042f84ba 100644 --- a/docs/modules/citrix_adm_ns_facts_module.rst +++ b/docs/modules/citrix_adm_ns_facts_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_ns_facts.py - :orphan: .. _citrix_adm_ns_facts_module: - -citrix_adm_ns_facts - Retrieve facts about Citrix ADM managed instances -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_ns_facts - Retrieve facts about Citrix ADM managed instances. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adm_ns_facts - Retrieve facts about Citrix ADM managed instances :local: :depth: 2 - Synopsis -------- - Retrieve facts about Citrix ADM managed instances. @@ -25,317 +21,168 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- id -
str
 - -
Id is system generated key for all the managed devices.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- ip_address -
str
 - -
IP Address for this managed device.
-
Minimum length = 1
-
Maximum length = 64
-
- ipv4_address -
str
 - -
IPv4 Address.
-
Minimum length = 1
-
Maximum length = 64
-
- ipv6_address -
str
 - -
IPv6 Address.
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Name of managed device.
-
Minimum length = 1
-
Maximum length = 128
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Parameter + - Choices/Defaults + - Comment + * - id -Examples --------- + *(str)* + - + - Id is system generated key for all the managed devices. + * - instance_ip -.. code-block:: yaml+jinja + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. - - - name: Get all ns - delegate_to: localhost - register: ns_facts - citrix_adm_ns_facts: - mas_ip: 192.1681.1.1 - mas_user: nsroot - mas_pass: nsroot + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - ip_address - ipaddress: 192.168.1.2 + *(str)* + - + - IP Address for this managed device. + Minimum length = 1 + Maximum length = 64 + * - ipv4_address + *(str)* + - + - IPv4 Address. + Minimum length = 1 -Return Values -------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: + Maximum length = 64 + * - ipv6_address + + *(str)* + - + - IPv6 Address. + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Name of managed device. -.. raw:: html + Minimum length = 1 - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
- ns_facts -
list
- 		success -
List containing the details of the requested ns instances
-
-
-

+ Maximum length = 128 + * - nitro_auth_token + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: -Status ------- + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. + *(bool)* + - Default: + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: -Maintenance ------------ + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + When present the resource will be created if needed and configured according to the module's parameters. -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + + + +Examples +-------- + +.. code-block:: yaml+jinja + + - name: Get all ns + delegate_to: localhost + register: ns_facts + citrix_adm_ns_facts: + mas_ip: 192.1681.1.1 + mas_user: nsroot + mas_pass: nsroot + + ipaddress: 192.168.1.2 + + + +Return Values +------------- +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** + ['message 1', 'message 2'] + * - msg -Author -~~~~~~ + *(str)* + - failure + - Message detailing the failure reason -- George Nikolopoulos (@giorgos-nikolopoulos) + **Sample:** + Action does not exist + * - ns_facts -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + *(list)* + - success + - List containing the details of the requested ns instances diff --git a/docs/modules/citrix_adm_poll_instances_module.rst b/docs/modules/citrix_adm_poll_instances_module.rst index 086591028..0b729c80c 100644 --- a/docs/modules/citrix_adm_poll_instances_module.rst +++ b/docs/modules/citrix_adm_poll_instances_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_poll_instances.py - :orphan: .. _citrix_adm_poll_instances_module: - -citrix_adm_poll_instances - Force the poll instances network function on the target Citrix ADM -++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_poll_instances - Force the poll instances network function on the target Citrix ADM. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adm_poll_instances - Force the poll instances network function on the tar :local: :depth: 2 - Synopsis -------- - Force the poll instances network function on the target Citrix ADM. @@ -25,259 +21,129 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Parameter + - Choices/Defaults + - Comment + * - instance_ip -Examples --------- + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. -.. code-block:: yaml+jinja + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call - - - name: Get all ns - delegate_to: localhost - register: ns_facts - citrix_adm_poll_instances: - mas_ip: 192.1681.1.1 - mas_user: nsroot - mas_pass: nsroot + *(bool)* + *(added in 2.6.0)* + - Default: + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - nitro_auth_token + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: -Return Values -------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: -.. raw:: html + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
- ns_facts -
list
- 		success -
List containing the details of the requested ns instances
-
-
-

+ The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + *(bool)* + - Default: -Status ------- + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. + When present the resource will be created if needed and configured according to the module's parameters. + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. -Maintenance ------------ -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. +Examples +-------- + +.. code-block:: yaml+jinja + + - name: Get all ns + delegate_to: localhost + register: ns_facts + citrix_adm_poll_instances: + mas_ip: 192.1681.1.1 + mas_user: nsroot + mas_pass: nsroot + + + +Return Values +------------- +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** + ['message 1', 'message 2'] + * - msg -Author -~~~~~~ + *(str)* + - failure + - Message detailing the failure reason -- George Nikolopoulos (@giorgos-nikolopoulos) + **Sample:** + Action does not exist + * - ns_facts -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + *(list)* + - success + - List containing the details of the requested ns instances diff --git a/docs/modules/citrix_adm_rba_policy_module.rst b/docs/modules/citrix_adm_rba_policy_module.rst index b9105f444..82a074d93 100644 --- a/docs/modules/citrix_adm_rba_policy_module.rst +++ b/docs/modules/citrix_adm_rba_policy_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_rba_policy.py - :orphan: .. _citrix_adm_rba_policy_module: - -citrix_adm_rba_policy - Manage Citrix ADM rba policies -++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_rba_policy - Manage Citrix ADM rba policies. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,11 +11,10 @@ citrix_adm_rba_policy - Manage Citrix ADM rba policies :local: :depth: 2 - Synopsis -------- - Manage Citrix ADM rba policies. -- Note that due to limitations on the underlying NITRO API an update is always forced when *state=present*. +- Note that due to limitations on the underlying NITRO API an update is always forced when I(state=present). - Instead delete and recreate the rba_policy. @@ -27,253 +23,145 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- description -
str
 - -
Description of Policy.
-
Minimum length = 1
-
Maximum length = 1024
-
- id -
str
 - -
Id is system generated key for all the system policys.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Policy Name.
-
Minimum length = 1
-
Maximum length = 128
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- roles -
list
 - -
Roles to which this policy attached.
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- statement -
list
 - -
RBA statement.
-
- tenant_id -
str
 - -
Tenant Id of the RBA roles.
-
Minimum length = 1
-
Maximum length = 128
-
- ui -
list
 - -
RBA for UI components.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - description + + *(str)* + - + - Description of Policy. + + Minimum length = 1 + + Maximum length = 1024 + * - id + + *(str)* + - + - Id is system generated key for all the system policys. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Policy Name. + + Minimum length = 1 + + Maximum length = 128 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - roles + + *(list)* + - + - Roles to which this policy attached. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - statement + + *(list)* + - + - RBA statement. + * - tenant_id + + *(str)* + - + - Tenant Id of the RBA roles. + + Minimum length = 1 + + Maximum length = 128 + * - ui + + *(list)* + - + - RBA for UI components. + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: Setup appfw policy delegate_to: localhost citrix_adm_rba_policy: mas_ip: 192.168.1.1 nitro_auth_token: "{{ login_result.session_id }}" - + state: present - + name: test_policy description: some description tenant_id: "0ea1d85a-06b8-4225-9fc8-5a7065fdd590" @@ -289,86 +177,35 @@ Examples parent_name: rba_policy - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
- rba_policy -
dict
- 		success -
Dictionary containing the attributes of the created rba_policy
-
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** + ['message 1', 'message 2'] + * - msg -Author -~~~~~~ + *(str)* + - failure + - Message detailing the failure reason -- George Nikolopoulos (@giorgos-nikolopoulos) + **Sample:** + Action does not exist + * - rba_policy -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + *(dict)* + - success + - Dictionary containing the attributes of the created rba_policy diff --git a/docs/modules/citrix_adm_rba_role_module.rst b/docs/modules/citrix_adm_rba_role_module.rst index eb635da61..f434c29dc 100644 --- a/docs/modules/citrix_adm_rba_role_module.rst +++ b/docs/modules/citrix_adm_rba_role_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_rba_role.py - :orphan: .. _citrix_adm_rba_role_module: - -citrix_adm_rba_role - Manage Citrix ADM rba roles -+++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_rba_role - Manage Citrix ADM rba roles. +++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adm_rba_role - Manage Citrix ADM rba roles :local: :depth: 2 - Synopsis -------- - Manage Citrix ADM rba roles. @@ -25,244 +21,136 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- description -
str
 - -
Description of Role.
-
Minimum length = 1
-
Maximum length = 1024
-
- groups -
list
 - -
Groups to which this role is assigned.
-
- id -
str
 - -
Id is system generated key for all the RBA roles.
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Role Name.
-
Minimum length = 1
-
Maximum length = 128
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- policies -
list
 - -
Policies attached to this role..
-
- resourcegroups -
list
 - -
Resourcegroups attached to this role..
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- tenant_id -
str
 - -
Tenant Id of the RBA roles.
-
Minimum length = 1
-
Maximum length = 128
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Parameter + - Choices/Defaults + - Comment + * - description + + *(str)* + - + - Description of Role. + + Minimum length = 1 + + Maximum length = 1024 + * - groups + + *(list)* + - + - Groups to which this role is assigned. + * - id + + *(str)* + - + - Id is system generated key for all the RBA roles. + * - instance_ip + + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. + + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call + + *(bool)* + + *(added in 2.6.0)* + - Default: + + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + + *(str)* + - + - Role Name. + + Minimum length = 1 + + Maximum length = 128 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - policies + + *(list)* + - + - Policies attached to this role.. + * - resourcegroups + + *(list)* + - + - Resourcegroups attached to this role.. + * - save_config + + *(bool)* + - Default: + + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. + + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + + When present the resource will be created if needed and configured according to the module's parameters. + + When absent the resource will be deleted from the netscaler node. + * - tenant_id + + *(str)* + - + - Tenant Id of the RBA roles. + + Minimum length = 1 + + Maximum length = 128 + * - validate_certs + - Default: + + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + Examples -------- .. code-block:: yaml+jinja - - name: Setup rba role delegate_to: localhost @@ -270,9 +158,9 @@ Examples mas_ip: 192.168.1.1 mas_user: nsroot mas_pass: nsroot - + state: present - + name: test_role description: some description tenant_id: 0ea1d85a-06b8-4225-9fc8-5a7065fdd590 @@ -280,86 +168,35 @@ Examples - test_policy - - Return Values ------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: - -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
- rba_role -
dict
- 		success -
Dictionary contatining the attributes of the created rba_role.
-
-
-

- - -Status ------- - - - -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. - - - -Maintenance ------------ - -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** + ['message 1', 'message 2'] + * - msg -Author -~~~~~~ + *(str)* + - failure + - Message detailing the failure reason -- George Nikolopoulos (@giorgos-nikolopoulos) + **Sample:** + Action does not exist + * - rba_role -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + *(dict)* + - success + - Dictionary contatining the attributes of the created rba_role. diff --git a/docs/modules/citrix_adm_stylebook_module.rst b/docs/modules/citrix_adm_stylebook_module.rst index a74ae4191..a5ddaa7ef 100644 --- a/docs/modules/citrix_adm_stylebook_module.rst +++ b/docs/modules/citrix_adm_stylebook_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_stylebook.py - :orphan: .. _citrix_adm_stylebook_module: - -citrix_adm_stylebook - Create or delete Citrix ADM stylebooks -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_stylebook - Create or delete Citrix ADM stylebooks. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,12 +11,11 @@ citrix_adm_stylebook - Create or delete Citrix ADM stylebooks :local: :depth: 2 - Synopsis -------- - Create or delete Citrix ADM stylebooks. - Note that due to API limitations this module does not work with basic authentication. -- Instead use the *nitro_auth_token* option. +- Instead use the I(nitro_auth_token) option. @@ -27,325 +23,178 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- display_name -
str
 - -
Display name of the StyleBook.
-
Minimum length = 1
-
Maximum length = 128
-
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Name of the StyleBook.
-
- namespace -
str
 - -
Namespace of the StyleBook.
-
Minimum length = 1
-
Maximum length = 32
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- source -
str
 - -
Source definition of the StyleBook.
-
Minimum length = 1
-
Maximum length = 32
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
- version -
str
 - -
Version of the StyleBook.
-
Minimum length = 1
-
Maximum length = 32
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Parameter + - Choices/Defaults + - Comment + * - display_name -Examples --------- + *(str)* + - + - Display name of the StyleBook. -.. code-block:: yaml+jinja + Minimum length = 1 - - vars: - stylebook_contents: "{{ lookup('file', 'stylebook_sample.yaml') }}" + Maximum length = 128 + * - instance_ip - - name: Setup stylebook - delegate_to: localhost - citrix_adm_stylebook: - mas_ip: 192.168.1.1 - nitro_auth_token: "{{ login_result.session_id }}" + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. - state: present + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call - name: basic-lb-config - namespace: com.example.stylebooks - version: "0.1" + *(bool)* - source: "{{ stylebook_contents }}" + *(added in 2.6.0)* + - Default: + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name + *(str)* + - + - Name of the StyleBook. + * - namespace -Return Values -------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: + *(str)* + - + - Namespace of the StyleBook. + + Minimum length = 1 + + Maximum length = 32 + * - nitro_auth_token + + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: + + - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. + + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + + *(bool)* + - Default: -.. raw:: html + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
- stylebook -
dict
- 		success -
Dictionary containing the attributes of the created stylebook.
-
-
-

+ The module will not save the configuration on the netscaler node if it made no changes. + * - source + *(str)* + - + - Source definition of the StyleBook. -Status ------- + Minimum length = 1 + Maximum length = 32 + * - state + - Choices: + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. + When present the resource will be created if needed and configured according to the module's parameters. + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. + * - version -Maintenance ------------ + *(str)* + - + - Version of the StyleBook. -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + Minimum length = 1 -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. + Maximum length = 32 + + + +Examples +-------- + +.. code-block:: yaml+jinja + + vars: + stylebook_contents: "{{ lookup('file', 'stylebook_sample.yaml') }}" + + - name: Setup stylebook + delegate_to: localhost + citrix_adm_stylebook: + mas_ip: 192.168.1.1 + nitro_auth_token: "{{ login_result.session_id }}" + + state: present + + name: basic-lb-config + namespace: com.example.stylebooks + version: "0.1" + + source: "{{ stylebook_contents }}" + + +Return Values +------------- +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Key + - Returned + - Description + * - loglines + *(list)* + - always + - list of logged messages by the module + **Sample:** + ['message 1', 'message 2'] + * - msg -Author -~~~~~~ + *(str)* + - failure + - Message detailing the failure reason -- George Nikolopoulos (@giorgos-nikolopoulos) + **Sample:** + Action does not exist + * - stylebook -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + *(dict)* + - success + - Dictionary containing the attributes of the created stylebook. diff --git a/docs/modules/citrix_adm_tenant_facts_module.rst b/docs/modules/citrix_adm_tenant_facts_module.rst index 878621ebf..1c3dc2f64 100644 --- a/docs/modules/citrix_adm_tenant_facts_module.rst +++ b/docs/modules/citrix_adm_tenant_facts_module.rst @@ -1,12 +1,9 @@ -:source: citrix_adm_tenant_facts.py - :orphan: .. _citrix_adm_tenant_facts_module: - -citrix_adm_tenant_facts - Retrieve facts about Citrix ADM tenants -+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +citrix_adm_tenant_facts - Retrieve facts about Citrix ADM tenants. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.8.0 @@ -14,7 +11,6 @@ citrix_adm_tenant_facts - Retrieve facts about Citrix ADM tenants :local: :depth: 2 - Synopsis -------- - Retrieve facts about Citrix ADM tenants. @@ -25,264 +21,131 @@ Synopsis Parameters ---------- -.. raw:: html - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
ParameterChoices/DefaultsComments
- instance_ip -
(added in 2.6.0)
 - -
The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to.
-
It is meaningful only when having set mas_proxy_call to true
-
- mas_proxy_call -
bool

(added in 2.6.0)
 -
    Choices: -
  • no ←
    • -
  • yes
    • -
- 		-
If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance.
-
{'When true you must also define the following options': 'nitro_auth_token, instance_ip.'}
-
- name -
str
 - -
Name of the Tenant.
-
Minimum length = 1
-
Maximum length = 512
-
- nitro_auth_token -
(added in 2.6.0)
 - -
The authentication token provided by a login operation.
-

aliases: m, a, s, _, a, u, t, h, _, t, o, k, e, n
-
- nitro_pass - - -
The password with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, p, a, s, s
-
- nitro_protocol - -
    Choices: -
  • http ←
    • -
  • https
    • -
- 		-
Which protocol to use when accessing the nitro API objects.
-
- nitro_timeout - - Default:
310
- 		-
Time in seconds until a timeout error is thrown when establishing a new session with Netscaler
-
- nitro_user - - -
The username with which to authenticate to the netscaler node.
-

aliases: m, a, s, _, u, s, e, r
-
- nsip -
required
 - -
The ip address of the netscaler appliance where the nitro API calls will be made.
-
The port can be specified with the colon (:). E.g. 192.168.1.1:555.
-

aliases: m, a, s, _, i, p
-
- save_config -
bool
 -
    Choices: -
  • no
    • -
  • yes ←
    • -
- 		-
If true the module will save the configuration on the netscaler node if it makes any changes.
-
The module will not save the configuration on the netscaler node if it made no changes.
-
- state - -
    Choices: -
  • present ←
    • -
  • absent
    • -
- 		-
The state of the resource being configured by the module on the netscaler node.
-
When present the resource will be created if needed and configured according to the module's parameters.
-
When absent the resource will be deleted from the netscaler node.
-
- validate_certs - - Default:
yes
- 		-
If no, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.
-
-
- - -Notes ------ - -.. note:: - - For more information on using Ansible to manage Citrix NetScaler Network devices see https://www.ansible.com/ansible-netscaler. +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + * - Parameter + - Choices/Defaults + - Comment + * - instance_ip -Examples --------- + *(added in 2.6.0)* + - + - The target Netscaler instance ip address to which all underlying NITRO API calls will be proxied to. -.. code-block:: yaml+jinja + It is meaningful only when having set ``mas_proxy_call`` to ``true`` + * - mas_proxy_call - - FIXME + *(bool)* + *(added in 2.6.0)* + - Default: + *False* + - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. + When true you must also define the following options: ``nitro_auth_token``, ``instance_ip``. + * - name -Return Values -------------- -Common return values are documented :ref:`here `, the following are the fields unique to this module: + *(str)* + - + - Name of the Tenant. + + Minimum length = 1 + + Maximum length = 512 + * - nitro_auth_token -.. raw:: html + *(added in 2.6.0)* + - + - The authentication token provided by a login operation. + * - nitro_pass + - + - The password with which to authenticate to the netscaler node. + * - nitro_protocol + - Choices: - - - - - - - - - - - - - - - - - - - - - -
KeyReturnedDescription
- loglines -
list
- 		always -
list of logged messages by the module
-
-
Sample:
-
['message 1', 'message 2']
-
- msg -
str
- 		failure -
Message detailing the failure reason
-
-
Sample:
-
Action does not exist
-
- tenant -
list
- 		success -
List containing the details of the requested tenants.
-
-
-

+ - http (*default*) + - https + - Which protocol to use when accessing the nitro API objects. + * - nitro_timeout + - Default: + *310* + - Time in seconds until a timeout error is thrown when establishing a new session with Netscaler + * - nitro_user + - + - The username with which to authenticate to the netscaler node. + * - nsip + - + - The ip address of the netscaler appliance where the nitro API calls will be made. -Status ------- + The port can be specified with the colon (:). E.g. 192.168.1.1:555. + * - save_config + *(bool)* + - Default: + *True* + - If true the module will save the configuration on the netscaler node if it makes any changes. -This module is flagged as **preview** which means that it is not guaranteed to have a backwards compatible interface. + The module will not save the configuration on the netscaler node if it made no changes. + * - state + - Choices: + - present (*default*) + - absent + - The state of the resource being configured by the module on the netscaler node. + When present the resource will be created if needed and configured according to the module's parameters. -Maintenance ------------ + When absent the resource will be deleted from the netscaler node. + * - validate_certs + - Default: -This module is flagged as **community** which means that it is maintained by the Ansible Community. See :ref:`Module Maintenance & Support ` for more info. + *yes* + - If ``no``, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. -For a list of other modules that are also maintained by the Ansible Community, see :ref:`here `. +Examples +-------- + +.. code-block:: yaml+jinja + + FIXME + + +Return Values +------------- +.. list-table:: + :widths: 10 10 60 + :header-rows: 1 + + * - Key + - Returned + - Description + * - loglines + + *(list)* + - always + - list of logged messages by the module + **Sample:** + ['message 1', 'message 2'] + * - msg -Author -~~~~~~ + *(str)* + - failure + - Message detailing the failure reason -- George Nikolopoulos (@giorgos-nikolopoulos) + **Sample:** + Action does not exist + * - tenant -.. hint:: - If you notice any issues in this documentation you can `edit this document `_ to improve it. + *(list)* + - success + - List containing the details of the requested tenants. diff --git a/docs/modules/list_of_all_modules.rst b/docs/modules/list_of_all_modules.rst index ac7aa6068..c83c0a84e 100644 --- a/docs/modules/list_of_all_modules.rst +++ b/docs/modules/list_of_all_modules.rst @@ -5,48 +5,44 @@ All modules - * :ref:`citrix_adc_appfw_confidfield_module` - * :ref:`citrix_adc_appfw_fieldtype_module` - * :ref:`citrix_adc_appfw_global_bindings_module` - * :ref:`citrix_adc_appfw_htmlerrorpage_module` - * :ref:`citrix_adc_appfw_jsoncontenttype_module` - * :ref:`citrix_adc_appfw_learningsettings_module` - * :ref:`citrix_adc_appfw_policy_module` - * :ref:`citrix_adc_appfw_policylabel_module` - * :ref:`citrix_adc_appfw_profile_module` - * :ref:`citrix_adc_appfw_settings_module` - * :ref:`citrix_adc_appfw_signatures_module` - * :ref:`citrix_adc_appfw_wsdl_module` - * :ref:`citrix_adc_appfw_xmlcontenttype_module` - * :ref:`citrix_adc_appfw_xmlerrorpage_module` - * :ref:`citrix_adc_appfw_xmlschema_module` - * :ref:`citrix_adc_cs_action_module` - * :ref:`citrix_adc_cs_policy_module` - * :ref:`citrix_adc_cs_vserver_module` - * :ref:`citrix_adc_gslb_service_module` - * :ref:`citrix_adc_gslb_site_module` - * :ref:`citrix_adc_gslb_vserver_module` - * :ref:`citrix_adc_lb_monitor_module` - * :ref:`citrix_adc_lb_vserver_module` - * :ref:`citrix_adc_nitro_request_module` - * :ref:`citrix_adc_save_config_module` - * :ref:`citrix_adc_server_module` - * :ref:`citrix_adc_service_module` - * :ref:`citrix_adc_servicegroup_module` - * :ref:`citrix_adc_ssl_certkey_module` - * :ref:`citrix_adm_application_module` - * :ref:`citrix_adm_dns_domain_entry_module` - * :ref:`citrix_adm_login_module` - * :ref:`citrix_adm_mpsgroup_module` - * :ref:`citrix_adm_mpsuser_module` - * :ref:`citrix_adm_ns_facts_module` - * :ref:`citrix_adm_poll_instances_module` - * :ref:`citrix_adm_rba_policy_module` - * :ref:`citrix_adm_rba_role_module` - * :ref:`citrix_adm_stylebook_module` - * :ref:`citrix_adm_tenant_facts_module` - - -.. note:: - - **(D)**: This marks a module as deprecated, which means a module is kept for backwards compatibility but usage is discouraged. - The module documentation details page may explain more about this rationale. + * :ref:`citrix_adc_appfw_confidfield_module` + * :ref:`citrix_adc_appfw_fieldtype_module` + * :ref:`citrix_adc_appfw_global_bindings_module` + * :ref:`citrix_adc_appfw_htmlerrorpage_module` + * :ref:`citrix_adc_appfw_jsoncontenttype_module` + * :ref:`citrix_adc_appfw_learningsettings_module` + * :ref:`citrix_adc_appfw_policy_module` + * :ref:`citrix_adc_appfw_policylabel_module` + * :ref:`citrix_adc_appfw_profile_module` + * :ref:`citrix_adc_appfw_settings_module` + * :ref:`citrix_adc_appfw_signatures_module` + * :ref:`citrix_adc_appfw_wsdl_module` + * :ref:`citrix_adc_appfw_xmlcontenttype_module` + * :ref:`citrix_adc_appfw_xmlerrorpage_module` + * :ref:`citrix_adc_appfw_xmlschema_module` + * :ref:`citrix_adc_cs_action_module` + * :ref:`citrix_adc_cs_policy_module` + * :ref:`citrix_adc_cs_vserver_module` + * :ref:`citrix_adc_gslb_service_module` + * :ref:`citrix_adc_gslb_site_module` + * :ref:`citrix_adc_gslb_vserver_module` + * :ref:`citrix_adc_lb_monitor_module` + * :ref:`citrix_adc_lb_vserver_module` + * :ref:`citrix_adc_nitro_request_module` + * :ref:`citrix_adc_nitro_resource_module` + * :ref:`citrix_adc_save_config_module` + * :ref:`citrix_adc_server_module` + * :ref:`citrix_adc_service_module` + * :ref:`citrix_adc_servicegroup_module` + * :ref:`citrix_adc_ssl_certkey_module` + * :ref:`citrix_adm_application_module` + * :ref:`citrix_adm_dns_domain_entry_module` + * :ref:`citrix_adm_login_module` + * :ref:`citrix_adm_mpsgroup_module` + * :ref:`citrix_adm_mpsuser_module` + * :ref:`citrix_adm_ns_facts_module` + * :ref:`citrix_adm_poll_instances_module` + * :ref:`citrix_adm_rba_policy_module` + * :ref:`citrix_adm_rba_role_module` + * :ref:`citrix_adm_stylebook_module` + * :ref:`citrix_adm_tenant_facts_module` diff --git a/docs/modules/list_of_network_modules.rst b/docs/modules/list_of_network_modules.rst new file mode 100644 index 000000000..eb17f5581 --- /dev/null +++ b/docs/modules/list_of_network_modules.rst @@ -0,0 +1,48 @@ +.. _network_modules: + +Network modules +``````````` + + + + * :ref:`citrix_adc_appfw_confidfield_module` + * :ref:`citrix_adc_appfw_fieldtype_module` + * :ref:`citrix_adc_appfw_global_bindings_module` + * :ref:`citrix_adc_appfw_htmlerrorpage_module` + * :ref:`citrix_adc_appfw_jsoncontenttype_module` + * :ref:`citrix_adc_appfw_learningsettings_module` + * :ref:`citrix_adc_appfw_policy_module` + * :ref:`citrix_adc_appfw_policylabel_module` + * :ref:`citrix_adc_appfw_profile_module` + * :ref:`citrix_adc_appfw_settings_module` + * :ref:`citrix_adc_appfw_signatures_module` + * :ref:`citrix_adc_appfw_wsdl_module` + * :ref:`citrix_adc_appfw_xmlcontenttype_module` + * :ref:`citrix_adc_appfw_xmlerrorpage_module` + * :ref:`citrix_adc_appfw_xmlschema_module` + * :ref:`citrix_adc_cs_action_module` + * :ref:`citrix_adc_cs_policy_module` + * :ref:`citrix_adc_cs_vserver_module` + * :ref:`citrix_adc_gslb_service_module` + * :ref:`citrix_adc_gslb_site_module` + * :ref:`citrix_adc_gslb_vserver_module` + * :ref:`citrix_adc_lb_monitor_module` + * :ref:`citrix_adc_lb_vserver_module` + * :ref:`citrix_adc_nitro_request_module` + * :ref:`citrix_adc_nitro_resource_module` + * :ref:`citrix_adc_save_config_module` + * :ref:`citrix_adc_server_module` + * :ref:`citrix_adc_service_module` + * :ref:`citrix_adc_servicegroup_module` + * :ref:`citrix_adc_ssl_certkey_module` + * :ref:`citrix_adm_application_module` + * :ref:`citrix_adm_dns_domain_entry_module` + * :ref:`citrix_adm_login_module` + * :ref:`citrix_adm_mpsgroup_module` + * :ref:`citrix_adm_mpsuser_module` + * :ref:`citrix_adm_ns_facts_module` + * :ref:`citrix_adm_poll_instances_module` + * :ref:`citrix_adm_rba_policy_module` + * :ref:`citrix_adm_rba_role_module` + * :ref:`citrix_adm_stylebook_module` + * :ref:`citrix_adm_tenant_facts_module` diff --git a/utils/docs/formatter.py b/utils/docs/formatter.py new file mode 100644 index 000000000..152e06d62 --- /dev/null +++ b/utils/docs/formatter.py @@ -0,0 +1,442 @@ +import os +import argparse +from jinja2 import Environment, FileSystemLoader +import importlib +import sys +import yaml +import json +import re + +HERE = os.path.dirname(os.path.abspath(os.path.realpath(__file__))) +HEAD1_CHAR = '+' +HEAD2_CHAR = '-' +HEAD3_CHAR = '~' +INDENT = ' ' + +def populate_template(module_name, **kwargs): + env = Environment( + # keep python templates valid python + #block_start_string='#{%', + loader=FileSystemLoader(HERE), + # trim_blocks=True, + # lstrip_blocks=True, + ) + + template = env.get_template('module.rst.j2') + stream = template.stream(**kwargs) + + #output_file = 'citrix_adc_appfw_profile.py' + output_file = os.path.join(args.output_dir, module_name) + stream.dump( + output_file, + encoding='utf-8' + ) + +def get_document_fragments(): + fragments_dir = os.path.abspath(os.path.join(HERE, '../../documentation_fragments')) + sys.path.append(fragments_dir) + module = importlib.import_module('netscaler') + fragments_doc = module.ModuleDocFragment.DOCUMENTATION + sys.path = sys.path[:-1] + data = yaml.load(fragments_doc) + return data['options'] + + +def extract_module_title(module): + data = module['documentation_data'] + title_lines = [] + title_lines.append(' - '.join([data['module'], data['short_description']])) + title_lines.append(HEAD1_CHAR * len(title_lines[0])) + return '\n'.join(title_lines) + +def extract_module_synopsis(module): + data = module['documentation_data'] + synopsis_lines = [] + if isinstance(data['description'], str): + return '- %s' % data['description'] + + # Fallthrough + for line in data['description']: + synopsis_lines.append('- %s' % line) + ret_val = '\n'.join(synopsis_lines) + return ret_val + +def extract_module_requirements(module): + data = module['documentation_data'] + requirements = data.get('requirements') + if requirements is None: + return None + else: + lines = [] + for requirement in requirements: + lines.append('- %s' % requirement) + return '\n'.join(lines) + + +def extract_module_parameters(module): + data = module['documentation_data'] + parameters = data.get('options', {}) + docfrag = data.get('extends_documentation_fragment') + if docfrag is not None: + parameters.update(FRAGMENTS) + + header = '\n'.join([ + '.. list-table::', + '%s:widths: 10 10 60' % INDENT, + '%s:header-rows: 1\n' % INDENT, + '%s* - Parameter' % INDENT, + '%s - Choices/Defaults' % INDENT, + '%s - Comment' % INDENT, + ]) + + rows = [] + for key in sorted(parameters.keys()): + rows.append(process_parameter_row(parameters, key, module)) + + return ''.join([header, '\n', ''.join(rows)]) + +def process_parameter_row(parameters, key, module): + parameter_cell = generate_parameter_cell(parameters, key, module) + choices_cell = generate_choices_cell(parameters, key, module) + comment_cell = generate_comment_cell(parameters, key, module) + + return ''.join([ + parameter_cell, + choices_cell, + comment_cell, + ]) + + +def generate_parameter_cell(parameters, key, module, indlvl=1): + #print('parameters %s' % json.dumps(parameters, indent=4)) + + data = module['documentation_data'] + module_version_added = data['version_added'] + + key = key + type = parameters[key].get('type') + + parameter_version_added = parameters[key].get('version_added') + + cell_lines = [] + cell_lines.extend([ + '%s* - %s\n' % (INDENT * indlvl, key), + ]) + if type is not None: + cell_lines.extend([ + '\n', + '%s *(%s)*\n' % (INDENT * indlvl, type), + ]) + + if parameter_version_added is not None: + if parameter_version_added != module_version_added: + cell_lines.extend([ + '\n', + '%s *(added in %s)*\n' % (INDENT * indlvl, parameter_version_added), + ]) + + + key_cell = ''.join(cell_lines) + + return key_cell + +def generate_choices_cell(parameters, key, module, indlvl=1): + data = parameters[key] + choices = data.get('choices') + default = data.get('default') + + cell_lines = [] + + def process_choices(): + cell_lines.extend([ + '%s - Choices:\n' % (INDENT * indlvl), + '\n', + ]) + for choice in choices: + if choice == default: + cell_lines.extend([ + '%s - %s (*default*)\n' % (INDENT * (indlvl + 1), choice), + ]) + else: + cell_lines.extend([ + '%s - %s\n' % (INDENT * (indlvl + 1), choice), + ]) + + def process_default(): + if default is not None: + cell_lines.extend([ + '%s - Default:\n' % INDENT * indlvl, + '\n', + '%s *%s*\n' % (INDENT * indlvl, default), + ]) + else: + cell_lines.extend([ + '%s -\n' % (INDENT * indlvl), + ]) + + if choices is not None: + process_choices() + else: + process_default() + + return ''.join(cell_lines) + + +def generate_comment_cell(parameters, key, module, indlvl=1): + description = parameters[key].get('description') + if description is None: + return '%s -\n' % INDENT * indlvl + + # Fallthrough + if isinstance(description, str): + return '%s - %s\n' % (INDENT * indlvl, process_comment_text(description)) + + # Fallthrough + cell_lines = [] + + + # First line + cell_lines.extend([ + '%s - %s\n' % (INDENT * indlvl, process_comment_text(description[0])) + ]) + + # Rest of lines + for descline in description[1:]: + cell_lines.extend([ + '\n', + '%s %s\n' % (INDENT * indlvl, process_comment_text(descline)) + ]) + + retval = ''.join(cell_lines) + + if 'suboptions' in parameters[key]: + suboptions = process_suboptions(parameters, key, module) + #suboptions = 'suboptionshere' + retval = ''.join([ + '%s' % retval, + '\n', + '%s' % suboptions, + ]) + + return retval + +def process_suboptions(parameters, key, module): + + header = ''.join([ + '%s.. list-table::\n' % (INDENT * 2), + '%s:widths: 10 10 60\n' % (INDENT * 3), + '%s:header-rows: 1\n' % (INDENT * 3), + '\n', + '%s* - Suboption\n' % (INDENT * 3), + '%s - Choices/Defaults\n' % (INDENT * 3), + '%s - Comment\n' % (INDENT * 3), + '\n' + ]) + + suboption_lines = [] + for suboption in sorted(parameters[key]['suboptions']): + suboption_key = suboption + suboption_parameters = parameters[key]['suboptions'] + parameter_cell = generate_parameter_cell(suboption_parameters, suboption_key, module, indlvl=3) + choices_cell = generate_choices_cell(suboption_parameters, suboption_key, module, indlvl=3) + comment_cell = generate_comment_cell(suboption_parameters, suboption_key, module, indlvl=3) + suboption_lines.append(''.join([parameter_cell, choices_cell, comment_cell])) + + return ''.join([header, ''.join(suboption_lines), '\n']) + +def process_comment_text(text): + if type(text) != str: + print('processing text (%s) "%s"' % (type(text), text)) + raise Exception('Cannot process description line "%s"' % text) + + def repl(m): + if m.group(1) in 'ULM': + return ' %s' % m.group(2) + elif m.group(1) in 'CI': + return ' ``%s``' % m.group(2) + else: + raise Exception('Cannot handle replacement "%s"' % m.group(1)) + + pattern = r' ([LUICM])\(([^)]*)\)' + text = re.sub(pattern, repl, text) + + return text + +def extract_module_examples(module): + data = module['examples'] + output_lines = [] + output_lines.append('.. code-block:: yaml+jinja') + for line in data.splitlines(): + output_lines.append('%s%s' % (INDENT, line)) + return '\n'.join(output_lines) + +def extract_module_return_values(module): + data = module['return'] + if data is None: + return '' + + # Fallthrough + + + output_lines = [] + for key in sorted(data.keys()): + row = process_return_value_row(data, key) + output_lines.append(row) + + header = '\n'.join([ + '.. list-table::', + '%s:widths: 10 10 60' % INDENT, + '%s:header-rows: 1\n' % INDENT, + '%s* - Key' % INDENT, + '%s - Returned' % INDENT, + '%s - Description' % INDENT, + ]) + body = ''.join(output_lines) + return ''.join([header,'\n', body]) + +def process_return_value_row(data, key): + key = key + type = data[key]['type'] + + key_cell = ''.join([ + '%s* - %s\n' % (INDENT, key), + '\n', + '%s *(%s)*\n' % (INDENT, type), + ]) + + returned_text = data[key]['returned'] + returned_cell = ''.join([ + '%s - %s\n' % (INDENT, returned_text), + ]) + + description = data[key]['description'] + description_cell_list = [ + '%s - %s\n' % (INDENT, description), + ] + + sample = data[key].get('sample') + if sample is not None: + description_cell_list.append(''.join([ + '\n', + '%s **%s**\n' % (INDENT, 'Sample:'), + '\n', + '%s %s\n' % (INDENT, sample), + ]) + ) + + description_cell = ''.join(description_cell_list) + row = ''.join([key_cell, returned_cell, description_cell]) + return row + +def extract_module_version_added(module): + data = module['documentation_data'] + return data['version_added'] + +def extract_module_reference(module_dict): + module_name = module_dict['documentation_data']['module'] + return '.. _%s_module:' % module_name + +def extract_documentation(module): + module_dict = {} + module_dict['documentation_data'] = yaml.load(module.DOCUMENTATION) + module_dict['examples'] = module.EXAMPLES + module_dict['return'] = yaml.load(module.RETURN) + + module_template_dict = {} + + module_template_dict['module_reference'] = extract_module_reference(module_dict) + module_template_dict['module_title'] = extract_module_title(module_dict) + module_template_dict['module_version_added'] = extract_module_version_added(module_dict) + module_template_dict['module_synopsis'] = extract_module_synopsis(module_dict) + module_template_dict['module_requirements'] = extract_module_requirements(module_dict) + module_template_dict['module_parameters'] = extract_module_parameters(module_dict) + module_template_dict['module_examples'] = extract_module_examples(module_dict) + module_template_dict['module_return_values'] = extract_module_return_values(module_dict) + + documentation = module_dict['documentation_data'] + module_name = '%s_module.rst' % documentation['module'] + populate_template(module_name, **module_template_dict) + + + + +def process_module(module_file): + if module_file.startswith('__') or module_file == 'netscaler.py': + print('Skipping processing of file %s' % module_file) + return + print('processing module file %s' % module_file) + + ALL_MODULES.append(module_file) + + module_name = os.path.splitext(module_file)[0] + + module = importlib.import_module(module_name) + extract_documentation(module) + +def process_modules(): + global ALL_MODULES + ALL_MODULES = [] + modules_dir = os.path.abspath(os.path.join(HERE, '../../ansible-modules')) + sys.path.append(modules_dir) + for module_file in os.listdir(modules_dir): + process_module(module_file) + sys.path = sys.path[:-1] + + generate_module_indexes() + +def generate_module_indexes(): + refs = [] + + for module_file in sorted(ALL_MODULES): + ref = ' * :ref:`%s_module`\n' % os.path.splitext(module_file)[0] + refs.append(ref) + + all_modules_header = ''.join([ + '.. _all_modules:\n', + '\n', + 'All modules\n', + '```````````\n', + '\n\n\n', + ]) + + network_modules_header = ''.join([ + '.. _network_modules:\n', + '\n', + 'Network modules\n', + '```````````\n', + '\n\n\n', + ]) + + list_of_all_modules_path = os.path.join(args.output_dir, 'list_of_all_modules.rst') + list_of_network_modules_path = os.path.join(args.output_dir, 'list_of_network_modules.rst') + + with open(list_of_all_modules_path, 'w') as fh: + content = ''.join([ + all_modules_header, + ''.join(refs) + ]) + fh.write(content) + + with open(list_of_network_modules_path, 'w') as fh: + content = ''.join([ + network_modules_header, + ''.join(refs) + ]) + fh.write(content) + +def main(): + global args + parser = argparse.ArgumentParser() + parser.add_argument('--output-dir', required=True) + args = parser.parse_args() + + if not os.path.exists(args.output_dir): + os.makedirs(args.output_dir) + + global FRAGMENTS + FRAGMENTS = get_document_fragments() + + process_modules() + +if __name__ == '__main__': + main() diff --git a/utils/docs/module.rst.j2 b/utils/docs/module.rst.j2 new file mode 100644 index 000000000..f8efd192b --- /dev/null +++ b/utils/docs/module.rst.j2 @@ -0,0 +1,40 @@ +:orphan: + +{{ module_reference }} + +{{ module_title }} + +.. versionadded:: {{ module_version_added }} + +.. contents:: + :local: + :depth: 2 + +Synopsis +-------- +{{ module_synopsis }} + + +{% if module_requirements is not none %} +Requirements +~~~~~~~~~~~~ +The below requirements are needed on the host that executes this module. + +{{ module_requirements }} +{% endif %} + +Parameters +---------- + +{{ module_parameters }} + + +Examples +-------- + +{{ module_examples }} + + +Return Values +------------- +{{ module_return_values }} diff --git a/utils/docs/templates/cli_rst.j2 b/utils/docs/templates/cli_rst.j2 deleted file mode 100644 index 6b9d74f18..000000000 --- a/utils/docs/templates/cli_rst.j2 +++ /dev/null @@ -1,139 +0,0 @@ -{% set name = cli_name -%} -{% set name_slug = cli_name -%} - -.. _{{name}}: - -{% set name_len = name|length + 0-%} -{{ '=' * name_len }} -{{name}} -{{ '=' * name_len }} - - -:strong:`{{short_desc|default('')}}` - - -.. contents:: - :local: - :depth: 2 - - -.. program:: {{cli_name}} - -Synopsis -======== - -.. code-block:: bash - - {{ usage|replace('%prog', cli_name) }} - - -Description -=========== - - -{{ long_desc|default('', True) }} - -{% if options %} -Common Options -============== - - -{% for option in options|sort(attribute='options') %} - -.. option:: {% for switch in option['options'] %}{{switch}}{% if option['arg'] %} <{{option['arg']}}>{% endif %}{% if not loop.last %}, {% endif %}{% endfor %} - - {{ option['desc'] }} -{% endfor %} -{% endif %} - -{% if arguments %} -ARGUMENTS -========= - -.. program:: {{cli_name}} - -{% for arg in arguments %} -.. option:: {{ arg }} - - {{ (arguments[arg]|default(' '))}} - -{% endfor %} -{% endif %} - -{% if actions %} -Actions -======= - -{% for action in actions %} - -.. program:: {{cli_name}} {{action}} -.. _{{cli_name|replace('-','_')}}_{{action}}: - -{{ action}} -{{ '-' * action|length}} - -{{ (actions[action]['desc']|default(' '))}} - -{% if actions[action]['options'] %} - - -{% for option in actions[action]['options']|sort(attribute='options') %} -.. option:: {% for switch in option['options'] if switch in actions[action]['option_names'] %}{{switch}} {% if option['arg'] %} <{{option['arg']}}>{% endif %}{% if not loop.last %}, {% endif %}{% endfor %} - - {{ (option['desc']) }} -{% endfor %} -{% endif %} - -{% endfor %} -.. program:: {{cli_name}} -{% endif %} - -Environment -=========== - -The following environment variables may be specified. - -{% if inventory %} -:envvar:`ANSIBLE_INVENTORY` -- Override the default ansible inventory file - -{% endif %} -{% if library %} -:envvar:`ANSIBLE_LIBRARY` -- Override the default ansible module library path - -{% endif %} -:envvar:`ANSIBLE_CONFIG` -- Override the default ansible config file - -Many more are available for most options in ansible.cfg - - -Files -===== - -{% if inventory %} -:file:`/etc/ansible/hosts` -- Default inventory file - -{% endif %} -:file:`/etc/ansible/ansible.cfg` -- Config file, used if present - -:file:`~/.ansible.cfg` -- User config file, overrides the default config if present - -Author -====== - -Ansible was originally written by Michael DeHaan. - -See the `AUTHORS` file for a complete list of contributors. - - -Copyright -========= - -Copyright © 2017 Red Hat, Inc | Ansible. - -Ansible is released under the terms of the GPLv3 License. - -See also -======== - -{% for other in cli_bin_name_list|sort %}:manpage:`{{other}}(1)`, {% endfor %} - diff --git a/utils/docs/templates/config.rst.j2 b/utils/docs/templates/config.rst.j2 deleted file mode 100644 index de86cade5..000000000 --- a/utils/docs/templates/config.rst.j2 +++ /dev/null @@ -1,146 +0,0 @@ -.. _ansible_configuration_settings: - -{% set name = 'Ansible Configuration Settings' -%} -{% set name_slug = 'config' -%} - -{% set name_len = name|length + 0-%} -{{ '=' * name_len }} -{{name}} -{{ '=' * name_len }} - -Ansible supports a few ways of providing configuration variables, mainly through environment variables, command line switches and an ini file named ``ansible.cfg``. - -Starting at Ansible 2.4 the ``ansible-config`` utility allows users to see all the configuration settings available, their defaults, how to set them and -where their current value comes from. See :ref:`ansible-config` for more information. - -.. _ansible_configuration_settings_locations: - -The configuration file -====================== - -Changes can be made and used in a configuration file which will be searched for in the following order: - - * ``ANSIBLE_CONFIG`` (environment variable if set) - * ``ansible.cfg`` (in the current directory) - * ``~/.ansible.cfg`` (in the home directory) - * ``/etc/ansible/ansible.cfg`` - -Ansible will process the above list and use the first file found, all others are ignored. - -.. note:: - - The configuration file is one variant of an INI format. - Both the hash sign (``#``) and semicolon (``;``) are allowed as - comment markers when the comment starts the line. - However, if the comment is inline with regular values, - only the semicolon is allowed to introduce the comment. - For instance:: - - # some basic default values... - inventory = /etc/ansible/hosts ; This points to the file that lists your hosts - - -.. _cfg_in_world_writable_dir: - -Avoiding security risks with ``ansible.cfg`` in the current directory ---------------------------------------------------------------------- - - -If Ansible were to load :file:ansible.cfg from a world-writable current working -directory, it would create a serious security risk. Another user could place -their own config file there, designed to make Ansible run malicious code both -locally and remotely, possibly with elevated privileges. For this reason, -Ansible will not automatically load a config file from the current working -directory if the directory is world-writable. - -If you depend on using Ansible with a config file in the current working -directory, the best way to avoid this problem is to restrict access to your -Ansible directories to particular user(s) and/or group(s). If your Ansible -directories live on a filesystem which has to emulate Unix permissions, like -Vagrant or Windows Subsystem for Linux (WSL), you may, at first, not know how -you can fix this as ``chmod``, ``chown``, and ``chgrp`` might not work there. -In most of those cases, the correct fix is to modify the mount options of the -filesystem so the files and directories are readable and writable by the users -and groups running Ansible but closed to others. For more details on the -correct settings, see: - -* for Vagrant, Jeremy Kendall's `blog post `_ covers synced folder permissions. -* for WSL, the `WSL docs `_ - and this `Microsoft blog post `_ cover mount options. - -If you absolutely depend on having the config live in a world-writable current -working directory, you can explicitly specify the config file via the -:envvar:`ANSIBLE_CONFIG` environment variable. Please take -appropriate steps to mitigate the security concerns above before doing so. - - -Common Options -============== - -This is a copy of the options available from our release, your local install might have extra options due to additional plugins, -you can use the command line utility mentioned above (`ansible-config`) to browse through those. - -{% if config_options %} - - -{% for config_option in config_options|sort %} -{% set config_len = config_option|length -%} -{% set config = config_options[config_option] %} -.. _{{config_option}}: - -{{config_option}} -{{ '-' * config_len }} - -{% if config['description'] and config['description'] != [''] %} -{% if config['description'] != ['TODO: write it'] %} -:Description: {{' '.join(config['description'])}} -{% endif %} -{% endif %} -{% if config['type'] %} -:Type: {{config['type']}} -{% endif %} -:Default: {{config['default']}} -{% if config['version_added'] %} -:Version Added: {{config['version_added']}} -{% endif %} -{% for ini_map in config['ini']|sort(attribute='section') %} -:Ini Section: {{ini_map['section']}} -:Ini Key: {{ini_map['key']}} -{% endfor %} -{% for env_var_map in config['env']|sort(attribute='name') %} -:Environment: :envvar:`{{env_var_map['name']}}` -{% endfor %} -{% if config['deprecated'] %} -:Deprecated in: {{config['deprecated']['version']}} -:Deprecated detail: {{config['deprecated']['why']}} -:Deprecated alternatives: {{config['deprecated']['alternatives']}} -{% endif %} - -{% endfor %} - -Environment Variables -===================== - -.. envvar:: ANSIBLE_CONFIG - - - Override the default ansible config file - - -{% for config_option in config_options %} -{% for env_var_map in config_options[config_option]['env'] %} -.. envvar:: {{env_var_map['name']}} - -{% if config_options[config_option]['description'] and config_options[config_option]['description'] != [''] %} -{% if config_options[config_option]['description'] != ['TODO: write it'] %} - {{ ''.join(config_options[config_option]['description']) }} -{% endif %} -{% endif %} - - See also :ref:`{{config_option}} <{{config_option}}>` - -{% endfor %} - -{% endfor %} - -{% endif %} diff --git a/utils/docs/templates/list_of_CATEGORY_modules.rst.j2 b/utils/docs/templates/list_of_CATEGORY_modules.rst.j2 deleted file mode 100644 index 808451b0b..000000000 --- a/utils/docs/templates/list_of_CATEGORY_modules.rst.j2 +++ /dev/null @@ -1,36 +0,0 @@ -.. _@{ title.lower() + '_' + plugin_type + 's' }@: - -@{ title }@ @{ plugin_type + 's' }@ -@{ '`' * title | length }@```````` - -{% if blurb %} -@{ blurb }@ - -{% endif %} - -{% if category['_modules'] %} - -{% for module in category['_modules'] | sort %} - * :ref:`@{ module }@_@{ plugin_type }@`{% if module_info[module]['deprecated'] %} **(D)**{% endif%} -{% endfor %} -{% endif %} - -{% for name, info in subcategories.items() | sort %} - -.. _@{ name.lower() + '_' + title.lower() + '_' + plugin_type + 's' }@: - -@{ name.title() }@ -@{ '-' * name | length }@ - - - -{% for module in info['_modules'] | sort %} - * :ref:`@{ module }@_@{ plugin_type }@`{% if module_info[module]['deprecated'] %} **(D)**{% endif%} -{% endfor %} - -{% endfor %} - -.. note:: - - **(D)**: This marks a module as deprecated, which means a module is kept for backwards compatibility but usage is discouraged. - The module documentation details page may explain more about this rationale. - diff --git a/utils/docs/templates/list_of_CATEGORY_plugins.rst.j2 b/utils/docs/templates/list_of_CATEGORY_plugins.rst.j2 deleted file mode 100644 index 0f9b611fb..000000000 --- a/utils/docs/templates/list_of_CATEGORY_plugins.rst.j2 +++ /dev/null @@ -1,36 +0,0 @@ -.. _@{ title.lower() + '_' + plugin_type + 's' }@: - -@{ title }@ @{ plugin_type }@ -@{ '`' * title | length }@```````` - -{% if blurb %} -@{ blurb }@ - -{% endif %} -.. toctree:: :maxdepth: 1 -{% if category['_modules'] %} - -{% for module in category['_modules'] | sort %} - @{ module }@{% if module_info[module]['deprecated'] %} **(D)**{% endif%}{% if module_info[module]['doc']['short_description'] %} -- @{ module_info[module]['doc']['short_description'] }@{% endif %} -{% endfor %} -{% endif %} - -{% for name, info in subcategories.items() | sort %} - -.. _@{ name.lower() + '_' + title.lower() + '_' + plugin_type + 's' }@: - -@{ name.title() }@ -@{ '-' * name | length }@ - -.. toctree:: :maxdepth: 1 - -{% for module in info['_modules'] | sort %} - :ref:`@{ module }@_@{ plugin_type }@`{% if module_info[module]['deprecated'] %} **(D)**{% endif%} -- @{ module_info[module]['doc']['short_description'] }@ -{% endfor %} - -{% endfor %} - -.. note:: - - **(D)**: This marks a module as deprecated, which means a module is kept for backwards compatibility but usage is discouraged. - The module documentation details page may explain more about this rationale. - diff --git a/utils/docs/templates/man.j2 b/utils/docs/templates/man.j2 deleted file mode 100644 index d13874a8f..000000000 --- a/utils/docs/templates/man.j2 +++ /dev/null @@ -1,128 +0,0 @@ -{% set name = ('ansible' if cli == 'adhoc' else 'ansible-%s' % cli) -%} -{{name}} -{{ '=' * ( name|length|int ) }} - -{{ '-' * ( short_desc|default('')|string|length|int ) }} -{{short_desc|default('')}} -{{ '-' * ( short_desc|default('')|string|length|int ) }} - -:Version: Ansible %VERSION% -:Manual section: 1 -:Manual group: System administration commands - - - -SYNOPSIS --------- -{{ usage|replace('%prog', name) }} - - -DESCRIPTION ------------ -{{ long_desc|default('', True)|wordwrap }} - -{% if options %} -COMMON OPTIONS --------------- -{% for option in options|sort(attribute='options') %} -{% for switch in option['options'] %}**{{switch}}**{% if option['arg'] %} '{{option['arg']}}'{% endif %}{% if not loop.last %}, {% endif %}{% endfor %} - - {{ option['desc'] }} -{% endfor %} -{% endif %} - -{% if arguments %} -ARGUMENTS ---------- - -{% for arg in arguments %} -{{ arg }} - -{{ (arguments[arg]|default(' '))|wordwrap }} - -{% endfor %} -{% endif %} - -{% if actions %} -ACTIONS -------- -{% for action in actions %} -**{{ action }}** - {{ (actions[action]['desc']|default(' '))}} - -{% if actions[action]['options'] %} -{% for option in actions[action]['options']|sort(attribute='options') %} -{% for switch in option['options'] if switch in actions[action]['option_names'] %} **{{switch}}**{% if option['arg'] %} '{{option['arg']}}'{% endif %}{% if not loop.last %}, {% endif %}{% endfor %} - - {{ (option['desc']) }} -{% endfor %} -{% endif %} -{% endfor %} -{% endif %} - - -{% if inventory %} -INVENTORY ---------- - -Ansible stores the hosts it can potentially operate on in an inventory. -This can be an YAML file, ini-like file, a script, directory, list, etc. -For additional options, see the documentation on https://docs.ansible.com/. - -{% endif %} -ENVIRONMENT ------------ - -The following environment variables may be specified. - -{% if inventory %} -ANSIBLE_INVENTORY -- Override the default ansible inventory sources - -{% endif %} -{% if library %} -ANSIBLE_LIBRARY -- Override the default ansible module library path - -{% endif %} -ANSIBLE_CONFIG -- Specify override location for the ansible config file - -Many more are available for most options in ansible.cfg - -For a full list check https://docs.ansible.com/. or use the `ansible-config` command. - -FILES ------ - -{% if inventory %} -/etc/ansible/hosts -- Default inventory file - -{% endif %} -/etc/ansible/ansible.cfg -- Config file, used if present - -~/.ansible.cfg -- User config file, overrides the default config if present - -./ansible.cfg -- Local config file (in current working directory) assumed to be 'project specific' and overrides the rest if present. - -As mentioned above, the ANSIBLE_CONFIG environment variable will override all others. - -AUTHOR ------- - -Ansible was originally written by Michael DeHaan. - - -COPYRIGHT ---------- - -Copyright © 2018 Red Hat, Inc | Ansible. -Ansible is released under the terms of the GPLv3 license. - - -SEE ALSO --------- - -{% for other in cli_list|sort %}{% if other != cli %}**ansible{% if other != 'adhoc' %}-{{other}}{% endif %}** (1){% if not loop.last %}, {% endif %}{% endif %}{% endfor %} - -Extensive documentation is available in the documentation site: -. -IRC and mailing list info can be found in file CONTRIBUTING.md, -available in: diff --git a/utils/docs/templates/modules_by_category.rst.j2 b/utils/docs/templates/modules_by_category.rst.j2 deleted file mode 100644 index 0b8f4d0d2..000000000 --- a/utils/docs/templates/modules_by_category.rst.j2 +++ /dev/null @@ -1,14 +0,0 @@ -.. _modules_by_category: - -{# avoids rST "isn't included in any toctree" errors for module index docs #} -:orphan: - -Module Index -============ - - -.. toctree:: :maxdepth: 1 - -{% for name in categories %} - list_of_@{ name }@_modules -{% endfor %} diff --git a/utils/docs/templates/modules_by_support.rst.j2 b/utils/docs/templates/modules_by_support.rst.j2 deleted file mode 100644 index 368a2f0b0..000000000 --- a/utils/docs/templates/modules_by_support.rst.j2 +++ /dev/null @@ -1,16 +0,0 @@ -.. _@{ slug }@: - -{# avoids rST "isn't included in any toctree" errors for module index docs #} -:orphan: - -Modules Maintained by the @{ maintainers }@ -``````````````````````````@{ '`' * maintainers | length }@ - -{% for module in modules | sort %} - * :ref:`@{ module }@_@{plugin_type}@`{% if module_info[module]['deprecated'] %} **(D)**{% endif%} -{% endfor %} - -.. note:: - - **(D)**: This marks a module as deprecated, which means a module is kept for backwards compatibility but usage is discouraged. - The module documentation details page may explain more about this rationale. - diff --git a/utils/docs/templates/playbooks_keywords.rst.j2 b/utils/docs/templates/playbooks_keywords.rst.j2 deleted file mode 100644 index 407491b42..000000000 --- a/utils/docs/templates/playbooks_keywords.rst.j2 +++ /dev/null @@ -1,32 +0,0 @@ -.. _playbook_keywords: - -Playbook Keywords -================= - -These are the keywords available on common playbook objects. - -.. note:: Please note: - - * Aliases for the directives are not reflected here, nor are mutable one. For example, - :term:`action` in task can be substituted by the name of any Ansible module. - * The keywords do not have ``version_added`` information at this time - * Some keywords set defaults for the objects inside of them rather than for the objects - themselves - - -.. contents:: - :local: - :depth: 1 - -{% for name in clist %} - -{{ name }} -{{ '-' * name|length }} -.. glossary:: - -{% for attribute in oblist[name]|sort %} - {{ attribute }} - {{ oblist[name][attribute] |indent(8) }} - -{% endfor %} -{% endfor %} diff --git a/utils/docs/templates/plugin.rst.j2 b/utils/docs/templates/plugin.rst.j2 deleted file mode 100644 index 095b9aa34..000000000 --- a/utils/docs/templates/plugin.rst.j2 +++ /dev/null @@ -1,444 +0,0 @@ -:source: @{ source }@ - -{# avoids rST "isn't included in any toctree" errors for module docs #} -{% if plugin_type == 'module' %} -:orphan: -{% endif %} - -.. _@{ module }@_@{ plugin_type }@: -{% for alias in aliases %} -.. _@{ alias }@_@{ plugin_type }@: -{% endfor %} - -{% if short_description %} -{% set title = module + ' - ' + short_description|convert_symbols_to_format %} -{% else %} -{% set title = module %} -{% endif %} - -@{ title }@ -@{ '+' * title|length }@ - -{% if version_added is defined and version_added != '' -%} -.. versionadded:: @{ version_added | default('') }@ -{% endif %} - -.. contents:: - :local: - :depth: 2 - -{# ------------------------------------------ - # - # Please note: this looks like a core dump - # but it isn't one. - # - --------------------------------------------#} -{% if deprecated is defined -%} - - -DEPRECATED ----------- -{# use unknown here? skip the fields? #} -:Removed in Ansible: version: @{ deprecated['removed_in'] | default('') | string | convert_symbols_to_format }@ -:Why: @{ deprecated['why'] | default('') | convert_symbols_to_format }@ -:Alternative: @{ deprecated['alternative'] | default('')| convert_symbols_to_format }@ - - -{% endif %} - -Synopsis --------- -{% if description -%} - -{% if description is string -%} -- @{ description | convert_symbols_to_format }@ -{% else %} -{% for desc in description %} -- @{ desc | convert_symbols_to_format }@ -{% endfor %} -{% endif %} - -{% endif %} - -{% if aliases is defined -%} -Aliases: @{ ','.join(aliases) }@ -{% endif %} - -{% if requirements -%} - -Requirements -~~~~~~~~~~~~ -{% if plugin_type == 'module' %} -The below requirements are needed on the host that executes this @{ plugin_type }@. -{% else %} -The below requirements are needed on the local master node that executes this @{ plugin_type }@. -{% endif %} - -{% for req in requirements %} -- @{ req | convert_symbols_to_format }@ -{% endfor %} - -{% endif %} - -{% if options -%} - -Parameters ----------- - -.. raw:: html - - - {# Pre-compute the nesting depth to allocate columns -#} - @{ to_kludge_ns('maxdepth', 1) -}@ - {% for key, value in options|dictsort recursive -%} - @{ to_kludge_ns('maxdepth', [loop.depth, from_kludge_ns('maxdepth')] | max) -}@ - {% if value.suboptions -%} - {% if value.suboptions.items -%} - @{ loop(value.suboptions.items()) -}@ - {% elif value.suboptions[0].items -%} - @{ loop(value.suboptions[0].items()) -}@ - {% endif -%} - {% endif -%} - {% endfor -%} - {# Header of the documentation -#} - - - - {% if plugin_type != 'module' %} - - {% endif %} - - - {% for key, value in options|dictsort recursive %} - - {# indentation based on nesting level #} - {% for i in range(1, loop.depth) %} - - {% endfor %} - {# parameter name with required and/or introduced label #} - - {# default / choices #} - - {# configuration #} - {% if plugin_type != 'module' %} - - {% endif %} - {# description #} - - - {% if value.suboptions %} - {% if value.suboptions.items %} - @{ loop(value.suboptions.items()) }@ - {% elif value.suboptions[0].items %} - @{ loop(value.suboptions[0].items()) }@ - {% endif %} - {% endif %} - {% endfor %} -
ParameterChoices/DefaultsConfigurationComments
- @{ key }@ - {% if value.get('type', None) %}
@{ value.type }@
{% endif %} - {% if value.get('required', False) %}
required
{% endif %} - {% if value.version_added %}
(added in @{value.version_added}@)
{% endif %} - 		- {# Turn boolean values in 'yes' and 'no' values #} - {% if value.default is sameas true %} - {% set _x = value.update({'default': 'yes'}) %} - {% elif value.default is sameas false %} - {% set _x = value.update({'default': 'no'}) %} - {% endif %} - {% if value.type == 'bool' %} - {% set _x = value.update({'choices': ['no', 'yes']}) %} - {% endif %} - {# Show possible choices and highlight details #} - {% if value.choices %} -
    Choices: - {% for choice in value.choices %} - {# Turn boolean values in 'yes' and 'no' values #} - {% if choice is sameas true %} - {% set choice = 'yes' %} - {% elif choice is sameas false %} - {% set choice = 'no' %} - {% endif %} - {% if (value.default is not list and value.default == choice) or (value.default is list and choice in value.default) %} -
  • @{ choice | escape }@ ←
    • - {% else %} -
  • @{ choice | escape }@
    • - {% endif %} - {% endfor %} -
- {% endif %} - {# Show default value, when multiple choice or no choices #} - {% if value.default is defined and value.default not in value.choices %} - Default:
@{ value.default | escape }@
- {% endif %} - 		- {% if 'ini' in value %} -
ini entries: - {% for ini in value.ini %} -

[@{ ini.section }@]
@{ ini.key }@ = @{ value.default | default('VALUE') }@

- {% endfor %} -
- {% endif %} - {% if 'env' in value %} - {% for env in value.env %} -
env:@{ env.name }@
- {% endfor %} - {% endif %} - {% if 'vars' in value %} - {% for myvar in value.vars %} -
var: @{ myvar.name }@
- {% endfor %} - {% endif %} - 		- {% if value.description is string %} -
@{ value.description | replace('\n', '\n ') | html_ify }@
- {% else %} - {% for desc in value.description %} -
@{ desc | replace('\n', '\n ') | html_ify }@
- {% endfor %} - {% endif %} - {% if 'aliases' in value and value.aliases %} -

aliases: @{ value.aliases|join(', ') }@
- {% endif %} -
-
- -{% endif %} - -{% if notes -%} - -Notes ------ - -.. note:: -{% for note in notes %} - - @{ note | convert_symbols_to_format }@ -{% endfor %} - -{% endif %} - -{% if examples or plainexamples -%} - -Examples --------- - -.. code-block:: yaml+jinja - -{% for example in examples %} -{% if example['description'] %}@{ example['description'] | indent(4, True) }@{% endif %} -@{ example['code'] | escape | indent(4, True) }@ -{% endfor %} -{% if plainexamples %}@{ plainexamples | indent(4, True) }@{% endif %} - -{% endif %} - -{% if not returnfacts and returndocs and returndocs.ansible_facts is defined %} -{% set returnfacts = returndocs.ansible_facts.contains %} -{% set _x = returndocs.pop('ansible_facts', None) %} -{% endif %} - -{% if returnfacts -%} - -Returned Facts --------------- -Facts returned by this module are added/updated in the ``hostvars`` host facts and can be referenced by name just like any other host fact. They do not need to be registered in order to use them. - -.. raw:: html - - - {# Pre-compute the nesting depth to allocate columns #} - @{ to_kludge_ns('maxdepth', 1) -}@ - {% for key, value in returnfacts|dictsort recursive %} - @{ to_kludge_ns('maxdepth', [loop.depth, from_kludge_ns('maxdepth')] | max) -}@ - {% if value.contains -%} - {% if value.contains.items -%} - @{ loop(value.contains.items()) -}@ - {% elif value.contains[0].items -%} - @{ loop(value.contains[0].items()) -}@ - {% endif -%} - {% endif -%} - {% endfor -%} - - - - - - {% for key, value in returnfacts|dictsort recursive %} - - {% for i in range(1, loop.depth) %} - - {% endfor %} - - - - - {# --------------------------------------------------------- - # sadly we cannot blindly iterate through the child dicts, - # since in some documentations, - # lists are used instead of dicts. This handles both types - # ---------------------------------------------------------#} - {% if value.contains %} - {% if value.contains.items %} - @{ loop(value.contains.items()) }@ - {% elif value.contains[0].items %} - @{ loop(value.contains[0].items()) }@ - {% endif %} - {% endif %} - {% endfor %} -
FactReturnedDescription
- @{ key }@ -
@{ value.type }@
- {% if value.version_added %}
(added in @{value.version_added}@)
{% endif %} - 		@{ value.returned | html_ify }@ - {% if value.description is string %} -
@{ value.description | html_ify }@ -
- {% else %} - {% for desc in value.description %} -
@{ desc | html_ify }@ -
- {% endfor %} - {% endif %} -
- {% if value.sample is defined and value.sample %} -
Sample:
- {# TODO: The sample should be escaped, using | escape or | htmlify, but both mess things up beyond repair with dicts #} -
@{ value.sample | replace('\n', '\n ') | html_ify }@
- {% endif %} -
-

- -{% endif %} - -{% if returndocs -%} - -Return Values -------------- -Common return values are documented :ref:`here `, the following are the fields unique to this @{ plugin_type }@: - -.. raw:: html - - - @{ to_kludge_ns('maxdepth', 1) -}@ - {% for key, value in returndocs|dictsort recursive -%} - @{ to_kludge_ns('maxdepth', [loop.depth, from_kludge_ns('maxdepth')] | max) -}@ - {% if value.contains -%} - {% if value.contains.items -%} - @{ loop(value.contains.items()) -}@ - {% elif value.contains[0].items -%} - @{ loop(value.contains[0].items()) -}@ - {% endif -%} - {% endif -%} - {% endfor -%} - - - - - - {% for key, value in returndocs|dictsort recursive %} - - {% for i in range(1, loop.depth) %} - - {% endfor %} - - - - - {# --------------------------------------------------------- - # sadly we cannot blindly iterate through the child dicts, - # since in some documentations, - # lists are used instead of dicts. This handles both types - # ---------------------------------------------------------#} - {% if value.contains %} - {% if value.contains.items %} - @{ loop(value.contains.items()) }@ - {% elif value.contains[0].items %} - @{ loop(value.contains[0].items()) }@ - {% endif %} - {% endif %} - {% endfor %} -
KeyReturnedDescription
  - @{ key }@ -
@{ value.type }@
- {% if value.version_added %}
(added in @{value.version_added}@)
{% endif %} - 		@{ value.returned | html_ify }@ - {% if value.description is string %} -
@{ value.description | html_ify |indent(4) | trim}@
- {% else %} - {% for desc in value.description %} -
@{ desc | html_ify |indent(4) | trim}@
- {% endfor %} - {% endif %} -
- {% if value.sample is defined and value.sample %} -
Sample:
- {# TODO: The sample should be escaped, using |escape or |htmlify, but both mess things up beyond repair with dicts #} -
@{ value.sample | replace('\n', '\n ') | html_ify }@
- {% endif %} -
-

- -{% endif %} - -Status ------- -{% if not deprecated %} - -{% set support = { 'core': 'the Ansible Core Team', 'network': 'the Ansible Network Team', 'certified': 'an Ansible Partner', 'community': 'the Ansible Community', 'curated': 'a Third Party'} %} -{% set module_states = { 'preview': 'it is not guaranteed to have a backwards compatible interface', 'stableinterface': 'the maintainers for this module guarantee that no backward incompatible interface changes will be made'} %} - -{% if metadata %} -{% if metadata.status %} - -{% for cur_state in metadata.status %} -This @{ plugin_type }@ is flagged as **@{cur_state}@** which means that @{module_states[cur_state]}@. -{% endfor %} - -{% endif %} - -{% if metadata.supported_by %} - -Maintenance ------------ - -{% set supported_by = support[metadata.supported_by] %} -This @{ plugin_type }@ is flagged as **@{metadata.supported_by}@** which means that it is maintained by @{ supported_by }@. See :ref:`Module Maintenance & Support ` for more info. - -For a list of other modules that are also maintained by @{ supported_by }@, see :ref:`here <@{ metadata.supported_by }@_supported>`. - -{% if metadata.supported_by in ('core', 'network') %} - -Support -~~~~~~~ - -For more information about Red Hat's support of this @{ plugin_type }@, -please refer to this `Knowledge Base article `_ -{% endif %} - -{% endif %} - -{% endif %} - -{% else %} - -This @{ plugin_type }@ is flagged as **deprecated** and will be removed in version @{ deprecated['removed_in'] | default('') | string | convert_symbols_to_format }@. For more information see `DEPRECATED`_. - -{% endif %} - -{% if author is defined -%} - -Author -~~~~~~ - -{% for author_name in author %} -- @{ author_name }@ -{% endfor %} - -{% endif %} - -.. hint:: -{% if plugin_type == 'module' %} - If you notice any issues in this documentation you can `edit this document `_ to improve it. -{% else %} - If you notice any issues in this documentation you can `edit this document `_ to improve it. -{% endif %} diff --git a/utils/docs/templates/plugins_by_category.rst.j2 b/utils/docs/templates/plugins_by_category.rst.j2 deleted file mode 100644 index 9febc09fa..000000000 --- a/utils/docs/templates/plugins_by_category.rst.j2 +++ /dev/null @@ -1,9 +0,0 @@ -Plugin Index -============ - - -.. toctree:: :maxdepth: 1 - -{% for name in categories %} - list_of_@{ name }@_plugins -{% endfor %} diff --git a/utils/docs/templates/plugins_by_support.rst.j2 b/utils/docs/templates/plugins_by_support.rst.j2 deleted file mode 100644 index fefe84a3b..000000000 --- a/utils/docs/templates/plugins_by_support.rst.j2 +++ /dev/null @@ -1,15 +0,0 @@ -.. _@{ slug }@: - -Plugins Maintained by the @{ maintainers }@ -``````````````````````````@{ '`' * maintainers | length }@ - -.. toctree:: :maxdepth: 1 - -{% for module in modules | sort %} - @{ module }@{% if module_info[module]['deprecated'] %} **(D)**{% endif %} - @{ module_info[module]['doc']['short_description'] }@ -{% endfor %} - -.. note:: - - **(D)**: This marks a plugin as deprecated, which means a plugin is kept for backwards compatibility but usage is discouraged. - The plugin documentation details page may explain more about this rationale. - From 14013cee4eba1fd23a09497440b449993cea9eaf Mon Sep 17 00:00:00 2001 From: George Nikolopoulos Date: Thu, 19 Dec 2019 17:36:58 +0200 Subject: [PATCH 2/5] Add citrix_adc_nitro_resource module and integration tests --- ansible-modules/citrix_adc_nitro_resource.py | 857 ++++++++++++++++++ utils/generate_integration_tests.sh | 5 + utils/generate_workflows.sh | 8 + ...generate_citrix_adc_nitro_resource_test.py | 48 + .../nitro_resource_tests/__init__.py | 170 ++++ .../nitro_resource_tests/basic.py | 216 +++++ .../bindings_list_failures.py | 178 ++++ .../nitro_resource_tests/lbassorted.py | 303 +++++++ .../nitro_resource_tests/lbgroup.py | 112 +++ .../nitro_resource_tests/lbmetrictable.py | 47 + .../nitro_resource_tests/lbvserver.py | 247 +++++ .../nitro_resource_tests/spillover.py | 36 + .../generate_workflows.py | 443 +++++++++ .../nitro_resource_utils/workflows.yaml | 438 +++++++++ 14 files changed, 3108 insertions(+) create mode 100644 ansible-modules/citrix_adc_nitro_resource.py create mode 100644 utils/generate_workflows.sh create mode 100644 utils/source/generate_integration_tests/generate_citrix_adc_nitro_resource_test.py create mode 100644 utils/source/generate_integration_tests/nitro_resource_tests/__init__.py create mode 100644 utils/source/generate_integration_tests/nitro_resource_tests/basic.py create mode 100644 utils/source/generate_integration_tests/nitro_resource_tests/bindings_list_failures.py create mode 100644 utils/source/generate_integration_tests/nitro_resource_tests/lbassorted.py create mode 100644 utils/source/generate_integration_tests/nitro_resource_tests/lbgroup.py create mode 100644 utils/source/generate_integration_tests/nitro_resource_tests/lbmetrictable.py create mode 100644 utils/source/generate_integration_tests/nitro_resource_tests/lbvserver.py create mode 100644 utils/source/generate_integration_tests/nitro_resource_tests/spillover.py create mode 100644 utils/source/nitro_resource_utils/generate_workflows.py create mode 100644 utils/source/nitro_resource_utils/workflows.yaml diff --git a/ansible-modules/citrix_adc_nitro_resource.py b/ansible-modules/citrix_adc_nitro_resource.py new file mode 100644 index 000000000..e6f35d15e --- /dev/null +++ b/ansible-modules/citrix_adc_nitro_resource.py @@ -0,0 +1,857 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- + +# Copyright (c) 2018 Citrix Systems +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +from __future__ import absolute_import, division, print_function +__metaclass__ = type + + +ANSIBLE_METADATA = {'metadata_version': '1.1', + 'status': ['preview'], + 'supported_by': 'community'} + + + +DOCUMENTATION = ''' +--- +module: citrix_adc_nitro_resource +short_description: Manage NITRO resources +description: + - Manage NITRO resources + - Implements full lifecycle of nitro resource. + +version_added: "2.9.1" + +author: + - George Nikolopoulos (@giorgos-nikolopoulos) + +options: + + state: + description: + - state of the resource + choices: + - present + - absent + workflow: + description: + - Workflow options + type: str + suboptions: + lifecycle: + description: + - Describe the lifecycle type of this object + - >- + The lifecyle value determines how the resource will be identified as existing or non existing + whether the attributes of the object need to be updated if existing and + how to create and delete a particular object. + choices: + - 'object' + - 'binding' + - 'bindings_list' + - 'non_updateable_object' + endpoint: + description: + - NITRO endpoint for the object + resource_missing_errorcode: + description: + - NITRO response code that is returned when the resource cannot be retrieved + non_updateable_attributes: + description: + - Non updateable attributes + type: list + allow_recreate: + description: + - Whether to allow deletion and recreation of the resource + - Relevant only for the object lifecycle + primary_id_attribute: + description: + - Primary id attribute + delete_id_attributes: + description: + - Attributes list which identify the resource uniquely when deleting + + resource: + description: + - Dictionary containing the resource attributes + - Contents of the dictionary differ depending on which specific NITRO object is configured. +''' + +EXAMPLES = ''' +''' + +RETURN = ''' +loglines: + description: list of logged messages by the module + returned: always + type: list + sample: ['message 1', 'message 2'] + +msg: + description: Message detailing the failure reason + returned: failure + type: str + sample: "Action does not exist" +''' + +import copy +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.network.netscaler.netscaler import NitroResourceConfig, NitroException, netscaler_common_arguments, log, loglines, NitroAPIFetcher + +class ModuleExecutor(object): + + def __init__(self, module): + self.module = module + self.fetcher = NitroAPIFetcher(self.module) + + self.module_result = dict( + changed=False, + failed=False, + loglines=loglines, + ) + + self.lifecycle = self.module.params['workflow']['lifecycle'] + + self.retrieved_object = None + self.configured_object = self.module.params['resource'] + + self.endpoint = self.module.params['workflow'].get('endpoint') + + self.differing_attributes = [] + + # Parse non updateable attributes + self.non_updateable_attributes = self.module.params['workflow'].get('non_updateable_attributes') + if self.non_updateable_attributes is None: + self.non_updateable_attributes = [] + + id_key = self.module.params['workflow'].get('primary_id_attribute') + if id_key is not None: + self.id = self.module.params['resource'][id_key] + else: + self.id = None + + log('self.id %s' % self.id) + + # Parse delete id attributes + self.delete_id_attributes = self.module.params['workflow'].get('delete_id_attributes') + if self.delete_id_attributes is None: + self.delete_id_attributes = [] + + def resource_exists(self): + log('ModuleExecutor.resource_exists()') + if self.lifecycle == 'object': + return self.object_exists() + elif self.lifecycle == 'binding': + return self.binding_exists() + elif self.lifecycle == 'bindings_list': + return self.bindings_list_exists() + elif self.lifecycle == 'non_updateable_object': + return self.non_updateable_object_exists() + else: + msg = 'Unrecognized lifecycle value "%s"' % self.lifecycle + self.module.fail_json(msg=msg, **self.module_result) + + def resource_identical(self): + log('ModuleExecutor.resource_identical()') + if self.lifecycle == 'object': + return self.object_identical() + elif self.lifecycle == 'binding': + return self.binding_identical() + elif self.lifecycle == 'bindings_list': + return self.bindings_list_identical() + elif self.lifecycle == 'non_updateable_object': + return self.non_updateable_object_identical() + + def resource_create(self): + log('ModuleExecutor.resource_create()') + if self.lifecycle == 'object': + self.object_create() + elif self.lifecycle == 'binding': + self.binding_create() + elif self.lifecycle == 'bindings_list': + self.bindings_list_create() + elif self.lifecycle == 'non_updateable_object': + return self.non_updateable_object_create() + + def resource_update(self): + log('ModuleExecutor.resource_update()') + if self.lifecycle == 'object': + self.object_update() + elif self.lifecycle == 'binding': + self.binding_update() + elif self.lifecycle == 'bindings_list': + self.bindings_list_update() + elif self.lifecycle == 'non_updateable_object': + return self.non_updateable_object_update() + + def resource_delete(self): + log('ModuleExecutor.resource_delete()') + if self.lifecycle == 'object': + self.object_delete() + elif self.lifecycle == 'binding': + self.binding_delete() + elif self.lifecycle == 'bindings_list': + self.bindings_list_delete() + elif self.lifecycle == 'non_updateable_object': + return self.non_updateable_object_delete() + + def binding_matches_id_attributes(self, binding): + log('ModuleExecutor.binding_matches_id_attributes()') + retval = True + id_keys = [] + id_keys.append(self.module.params['workflow']['primary_id_attribute']) + id_keys.extend(self.module.params['workflow']['delete_id_attributes']) + + for attribute in self.module.params['resource'].keys(): + if attribute in id_keys: + configured_value = self.module.params['resource'][attribute] + retrieved_value = binding.get(attribute) + if configured_value != retrieved_value: + log('Non matching id attribute %s' % attribute) + retval = False + + return retval + + + def binding_exists(self): + log('ModuleExecutor.binding_exists()') + + result = self.fetcher.get(self.endpoint, self.id) + + log('get result %s' % result) + + if result['nitro_errorcode'] == 0: + if self.endpoint not in result['data']: + return False + + objects_returned = result['data'][self.endpoint] + matching_objects = [] + + # Compare the present id attributes + for object in objects_returned: + if self.binding_matches_id_attributes(object): + matching_objects.append(object) + + if len(matching_objects) == 0: + return False + elif len(matching_objects) == 1: + self.retrieved_object = matching_objects[0] + return True + elif len(matching_objects) > 1: + msg = 'Found multiple matching objects for binding' + self.module.fail_json(msg=msg, **self.module_result) + elif result['nitro_errorcode'] == self.module.params['workflow']['bound_resource_missing_errorcode']: + return False + else: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + def binding_identical(self): + log('ModuleExecutor.binding_identical()') + return self.object_identical() + + def binding_create(self): + log('ModuleExecutor.binding_create()') + + attributes = self.module.params['resource'] + + put_data = { + self.endpoint: attributes + } + + log('request put data: %s' % put_data) + + result = self.fetcher.put(put_data=put_data, resource=self.endpoint) + + log('result of put: %s' % result) + + if result['nitro_errorcode'] != 0: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + def binding_update(self): + log('ModuleExecutor.binding_update()') + self.binding_delete() + self.binding_create() + + def binding_delete(self): + log('ModuleExecutor.binding_delete()') + + args = {} + for key in self.module.params['workflow']['delete_id_attributes']: + if key in self.configured_object: + args[key] = self.configured_object[key] + + result = self.fetcher.delete(resource=self.endpoint, id=self.id, args=args) + log('delete result %s' % result) + + if result['nitro_errorcode'] != 0: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + def bindings_list_exists(self): + log('ModuleExecutor.bindings_list_exists()') + return self.bindings_list_identical() + + def bindings_list_identical(self): + log('ModuleExecutor.bindings_list_identical()') + + configured_bindings = self.configured_object['bindings_list'] + + self.key_attributes = copy.deepcopy(self.module.params['workflow']['binding_workflow']['delete_id_attributes']) + self.key_attributes.insert(0, self.module.params['workflow']['binding_workflow']['primary_id_attribute']) + + # Sanity check that at least one item is defined in bindings_list + if len(configured_bindings) == 0: + msg = 'Bindings list must have at least one item.' + self.module.fail_json(msg=msg, **self.module_result) + + # Fallthrough + + # Sanity check that all bindings have uniform resource attribute keys + key_tuples = [] + for binding in configured_bindings: + attribute_keys_present = list(frozenset(binding.keys()) & frozenset(self.key_attributes)) + key_tuple = tuple(sorted(attribute_keys_present)) + key_tuples.append(key_tuple) + + key_tuple_set = frozenset(key_tuples) + log('key_tuple_set %s' % key_tuple_set) + if len(key_tuple_set) > 1: + key_tuples = [item for item in key_tuple_set] + msg = 'Bindings list key attributes are not uniform. Attribute key sets found %s' % key_tuples + self.module.fail_json(msg=msg, **self.module_result) + + # Fallthrough + + # Sanity check that all primary ids are one and the same + primary_id_key = self.module.params['workflow']['binding_workflow']['primary_id_attribute'] + primary_ids_list = [ item[primary_id_key] for item in configured_bindings ] + primary_ids_set = frozenset(primary_ids_list) + log('primary_ids_set %s' % primary_ids_set) + if len(primary_ids_set) > 1: + keys = [ item for item in primary_ids_set ] + msg = 'Need to have only one primary id value. Found: %s' % keys + self.module.fail_json(msg=msg, **self.module_result) + + # Fallthrough + + # Get existing bindings + self.id = list(primary_ids_set)[0] + self.endpoint = self.module.params['workflow']['binding_workflow']['endpoint'] + + result = self.fetcher.get(self.endpoint, self.id) + + log('get result %s' % result) + + existing_bindings = [] + if result['nitro_errorcode'] == 0: + if self.endpoint not in result['data']: + existing_bindings = [] + else: + existing_bindings = result['data'][self.endpoint] + + elif result['nitro_errorcode'] == self.module.params['workflow']['binding_workflow']['bound_resource_missing_errorcode']: + existing_bindings = [] + else: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + # Construct the dictionaries keyed by tuple of key attributes + # First attribute must be the primary id attribute + self.key_attributes_present = [] + for item in self.key_attributes: + if item in list(key_tuple_set)[0]: + self.key_attributes_present.append(item) + + self.configured_bindings_dict = {} + for binding in configured_bindings: + binding_key = self._get_binding_key_tuple(binding) + + if binding_key in self.configured_bindings_dict: + msg = 'Found duplicate key for configured bindings %s' % (binding_key,) + self.module.fail_json(msg=msg, **self.module_result) + + log('Configured binding id %s registered to dict' % (binding_key,)) + self.configured_bindings_dict[binding_key] = binding + + self.existing_bindings_dict = {} + + for binding in existing_bindings: + binding_key = self._get_binding_key_tuple(binding) + + if binding_key in self.existing_bindings_dict: + msg = 'Found duplicate key for existing bindings %s' % (binding_key,) + self.module.fail_json(msg=msg, **self.module_result) + + log('Existing binding id %s registered to dict' % (binding_key,)) + self.existing_bindings_dict[binding_key] = binding + + # Calculate to delete keys + self.to_delete_keys = [] + for existing_key in self.existing_bindings_dict: + if existing_key not in self.configured_bindings_dict: + log('Existing binding key marked for delete %s' % (existing_key,)) + self.to_delete_keys.append(existing_key) + + # Calculate to update keys + self.to_update_keys = [] + for existing_key in self.existing_bindings_dict: + if existing_key in self.configured_bindings_dict: + configured = self.configured_bindings_dict[existing_key] + existing = self.existing_bindings_dict[existing_key] + if not self._binding_list_item_identical_to_configured(configured, existing): + log('Existing binding key marked for update %s' % (existing_key,)) + self.to_update_keys.append(existing_key) + + # Calculate to create keys + self.to_create_keys = [] + for configured_key in self.configured_bindings_dict: + if configured_key not in self.existing_bindings_dict: + log('Configured binding key marked for create %s' % (configured_key,)) + self.to_create_keys.append(configured_key) + + # Calculate all changes + all_change_keys = self.to_create_keys + self.to_update_keys + self.to_delete_keys + if len(all_change_keys) == 0: + return True + else: + return False + + + + def _get_binding_key_tuple(self, binding_dict): + log('ModuleExecutor._get_binding_key_tuple()') + ret_val = [] + # Order of attribute values is determined by ordering of self.key_attributes_present + for attribute in self.key_attributes_present: + if attribute in binding_dict: + attribute_value = binding_dict[attribute] + ret_val.append(attribute_value) + return tuple(ret_val) + + def _binding_list_item_identical_to_configured(self, configured_dict, retrieved_dict): + log('ModuleExecutor._binding_list_item_identical_to_configured()') + ret_val = True + + for attribute in configured_dict.keys(): + configured_value = configured_dict[attribute] + retrieved_value = retrieved_dict.get(attribute) + if configured_value != retrieved_value: + ret_val = False + str_tuple = ( + attribute, + type(configured_value), + configured_value, + type(retrieved_value), + retrieved_value, + ) + self.differing_attributes.append(attribute) + log('Attribute "%s" differs. Configured parameter: (%s) %s. Retrieved NITRO parameter: (%s) %s' % str_tuple) + + return ret_val + + def _binding_list_item_delete(self, binding): + log('ModuleExecutor._binding_list_item_delete()') + + log('Deleting binding %s' % binding) + + # First attribute is the primary id attribute + id_key = self.key_attributes_present[0] + id = binding[id_key] + + args = {} + for key in self.key_attributes_present[1:]: + if key in binding: + args[key] = binding[key] + + result = self.fetcher.delete(resource=self.endpoint, id=id, args=args) + log('delete result %s' % result) + + if result['nitro_errorcode'] != 0: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + def _binding_list_item_create(self, binding): + log('ModuleExecutor._binding_list_item_create()') + + put_data = { + self.endpoint: binding + } + + log('request put data: %s' % put_data) + + result = self.fetcher.put(put_data=put_data, resource=self.endpoint) + + log('result of put: %s' % result) + + if result['nitro_errorcode'] != 0: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + def bindings_list_create(self): + log('ModuleExecutor.bindings_list_create()') + self.bindings_list_update() + + def bindings_list_update(self): + log('ModuleExecutor.bindings_list_update()') + + for key in self.to_delete_keys: + self._binding_list_item_delete(self.existing_bindings_dict[key]) + + for key in self.to_update_keys: + self._binding_list_item_delete(self.existing_bindings_dict[key]) + + for key in self.to_update_keys: + self._binding_list_item_create(self.configured_bindings_dict[key]) + + for key in self.to_create_keys: + self._binding_list_item_create(self.configured_bindings_dict[key]) + + + def bindings_list_delete(self): + log('ModuleExecutor.bindings_list_delete()') + + for key in self.configured_bindings_dict: + binding = self.configured_bindings_dict[key] + self._binding_list_item_delete(binding) + + + def object_exists(self): + log('ModuleExecutor.object_exists()') + + resource_missing_errorcode = self.module.params['workflow'].get('resource_missing_errorcode') + log('resource missing errorcode %a' % resource_missing_errorcode) + + if resource_missing_errorcode is None: + msg = 'object lifecycle requires resource_missing_errorcode workflow parameter' + self.module.fail_json(msg=msg, **self.module_result) + + result = self.fetcher.get(self.endpoint, self.id) + + log('get result %s' % result) + if result['nitro_errorcode'] == 0: + self.retrieved_object = result['data'][self.endpoint][0] + return True + elif result['nitro_errorcode'] == resource_missing_errorcode: + return False + else: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + def object_identical(self): + log('ModuleExecutor.object_identical()') + ret_val = True + + if self.retrieved_object is None: + raise Exception('Should have a retrieved object by now.') + + for attribute in self.module.params['resource'].keys(): + configured_value = self.module.params['resource'][attribute] + retrieved_value = self.retrieved_object.get(attribute) + if configured_value != retrieved_value: + ret_val = False + str_tuple = ( + attribute, + type(configured_value), + configured_value, + type(retrieved_value), + retrieved_value, + ) + self.differing_attributes.append(attribute) + log('Attribute "%s" differs. Playbook parameter: (%s) %s. Retrieved NITRO object: (%s) %s' % str_tuple) + + return ret_val + + def object_create(self): + log('ModuleExecutor.object_create()') + attributes = self.module.params['resource'] + post_data = { + self.endpoint : attributes + } + + log('post data %s' % post_data) + result = self.fetcher.post(post_data=post_data, resource=self.endpoint) + log('post result %s' % result) + + if result['http_response_data']['status'] == 201: + if result.get('nitro_errorcode') is not None: + if result['nitro_errorcode'] != 0: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + elif 400 <= result['http_response_data']['status'] <= 599: + raise NitroException( + errorcode=result.get('nitro_errorcode'), + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + else: + msg = 'Did not get nitro errorcode and http status was not 201 or 4xx (%s)' % result['http_response_data']['status'] + self.module.fail_json(msg=msg, **self.module_result) + + def object_update(self): + log('ModuleExecutor.object_update()') + + non_updateables_changed = list( + frozenset(self.non_updateable_attributes) & frozenset(self.differing_attributes) + ) + if len(non_updateables_changed) > 0: + log('Non updateables changed %s' % non_updateables_changed) + if self.module.params['workflow']['allow_recreate']: + self.object_delete() + self.object_create() + else: + msg = ('Not allowed to recreate object. Non updateable attributes changed %s' % non_updateables_changed) + self.module.fail_json(msg=msg, **self.module_result) + else: + attributes = self.module.params['resource'] + for attribute in self.non_updateable_attributes: + if attribute in attributes: + del attributes[attribute] + + put_data = { + self.endpoint : attributes + } + + log('request put data: %s' % put_data) + + result = self.fetcher.put(put_data=put_data, resource=self.endpoint) + + log('result of put: %s' % result) + + if result['nitro_errorcode'] != 0: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + def object_delete(self): + log('ModuleExecutor.object_delete()') + + args = {} + for key in self.module.params['workflow'].get('delete_id_attributes', []): + if key in self.configured_object: + args[key] = self.configured_object[key] + + result = self.fetcher.delete(resource=self.endpoint, id=self.id, args=args) + log('delete result %s' % result) + + + if result['nitro_errorcode'] != 0: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + def non_updateable_object_exists(self): + log('ModuleExecutor.non_updateable_object_exists()') + + resource_missing_errorcode = self.module.params['workflow'].get('resource_missing_errorcode') + log('resource missing errorcode %a' % resource_missing_errorcode) + + if resource_missing_errorcode is None: + msg = 'object lifecycle requires resource_missing_errorcode workflow parameter' + self.module.fail_json(msg=msg, **self.module_result) + + args = {} + for key in self.module.params['workflow'].get('delete_id_attributes', []): + if key in self.configured_object: + args[key] = self.configured_object[key] + + log('self.id %s' % self.id) + result = self.fetcher.get(self.endpoint, id=self.id, args=args) + log('get result %s' % result) + + if result['nitro_errorcode'] == 0: + returned_list = result['data'][self.endpoint] + if len(returned_list) > 1: + msg = 'Found more than one existing objects' + self.module.fail_json(msg=msg, **self.module_result) + + # Fallthrough + self.retrieved_object = result['data'][self.endpoint][0] + return True + elif result['nitro_errorcode'] == resource_missing_errorcode: + return False + else: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + def non_updateable_object_identical(self): + log('ModuleExecutor.non_updateable_object_identical()') + + ret_val = True + + if self.retrieved_object is None: + raise Exception('Should have a retrieved object by now.') + + for attribute in self.module.params['resource'].keys(): + configured_value = self.module.params['resource'][attribute] + retrieved_value = self.retrieved_object.get(attribute) + if configured_value != retrieved_value: + ret_val = False + str_tuple = ( + attribute, + type(configured_value), + configured_value, + type(retrieved_value), + retrieved_value, + ) + self.differing_attributes.append(attribute) + log('Attribute "%s" differs. Playbook parameter: (%s) %s. Retrieved NITRO object: (%s) %s' % str_tuple) + + return ret_val + + def non_updateable_object_create(self): + log('ModuleExecutor.non_updateable_object_create()') + + attributes = self.module.params['resource'] + post_data = { + self.endpoint : attributes + } + + log('post data %s' % post_data) + result = self.fetcher.post(post_data=post_data, resource=self.endpoint) + log('post result %s' % result) + + if result['http_response_data']['status'] == 201: + if result.get('nitro_errorcode') is not None: + if result['nitro_errorcode'] != 0: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + elif 400 <= result['http_response_data']['status'] <= 599: + raise NitroException( + errorcode=result.get('nitro_errorcode'), + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + else: + msg = 'Did not get nitro errorcode and http status was not 201 or 4xx (%s)' % result['http_response_data']['status'] + self.module.fail_json(msg=msg, **self.module_result) + + def non_updateable_object_update(self): + log('ModuleExecutor.non_updateable_object_update()') + self.non_updateable_object_delete() + self.non_updateable_object_create() + + def non_updateable_object_delete(self): + log('ModuleExecutor.non_updateable_object_delete()') + + args = {} + for key in self.module.params['workflow']['delete_id_attributes']: + if key in self.configured_object: + args[key] = self.configured_object[key] + + result = self.fetcher.delete(resource=self.endpoint, id=self.id, args=args) + log('delete result %s' % result) + + if result['nitro_errorcode'] != 0: + raise NitroException( + errorcode=result['nitro_errorcode'], + message=result.get('nitro_message'), + severity=result.get('nitro_severity'), + ) + + def update_or_create_resource(self): + log('ModuleExecutor.update_or_create_resource()') + + # Create or update main object + if not self.resource_exists(): + self.module_result['changed'] = True + if not self.module.check_mode: + self.resource_create() + else: + if not self.resource_identical(): + self.module_result['changed'] = True + if not self.module.check_mode: + self.resource_update() + else: + log('Existing resource has identical values to configured.') + + def delete_resource(self): + log('ModuleExecutor.delete_resource()') + + if self.resource_exists(): + self.module_result['changed'] = True + if not self.module.check_mode: + self.resource_delete() + + def main(self): + try: + + if self.module.params['state'] == 'present': + self.update_or_create_resource() + elif self.module.params['state'] == 'absent': + self.delete_resource() + + self.module.exit_json(**self.module_result) + + except NitroException as e: + msg = "nitro exception errorcode=%s, message=%s, severity=%s" % (str(e.errorcode), e.message, e.severity) + self.module.fail_json(msg=msg, **self.module_result) + except Exception as e: + msg = 'Exception %s: %s' % (type(e), str(e)) + self.module.fail_json(msg=msg, **self.module_result) + + + +def main(): + + + argument_spec = dict() + + + argument_spec.update(netscaler_common_arguments) + + module_specific_arguments = dict( + state=dict(type='str'), + workflow=dict(type='dict'), + resource=dict(type='dict'), + ) + + argument_spec.update(module_specific_arguments) + + module = AnsibleModule( + argument_spec=argument_spec, + supports_check_mode=True, + ) + + executor = ModuleExecutor(module=module) + executor.main() + + +if __name__ == '__main__': + main() diff --git a/utils/generate_integration_tests.sh b/utils/generate_integration_tests.sh index 7429e3e2b..744f1f6e9 100755 --- a/utils/generate_integration_tests.sh +++ b/utils/generate_integration_tests.sh @@ -71,9 +71,14 @@ module=${file%.py} done +python generate_citrix_adc_nitro_resource_test.py \ +--ns-version $NS_VERSION \ +--dir-path $target_dir/citrix_adc_direct_calls/roles + # Add skeleton modules skeleton_modules=( "citrix_adc_nitro_request" +"citrix_adc_nitro_resource" "citrix_adc_save_config" "citrix_adc_ssl_certkey" diff --git a/utils/generate_workflows.sh b/utils/generate_workflows.sh new file mode 100644 index 000000000..8611b63f9 --- /dev/null +++ b/utils/generate_workflows.sh @@ -0,0 +1,8 @@ +HERE=$(realpath $( dirname ${BASH_SOURCE[0]})) + +cd $HERE/source/nitro_resource_utils + +echo $PWD +python generate_workflows.py \ +--nitro-api-defines "../nitro_api_defines/mana_41_28" \ +--output ./workflows.yaml diff --git a/utils/source/generate_integration_tests/generate_citrix_adc_nitro_resource_test.py b/utils/source/generate_integration_tests/generate_citrix_adc_nitro_resource_test.py new file mode 100644 index 000000000..cbb1e63a7 --- /dev/null +++ b/utils/source/generate_integration_tests/generate_citrix_adc_nitro_resource_test.py @@ -0,0 +1,48 @@ +import os +import argparse +import pyaml +import yaml +import copy +import functools +from collections import OrderedDict as od + +def generate_test_cases(args): + generate_lbgroup(args) + generate_lbmetrictable(args) + generate_bindings_list_failure_checks(args) + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument('--dir-path', default=None, help="Directory path to where the integration tests to be generated") + parser.add_argument('--ns-version', default='12.1', help="Target Netscaler version") + + args = parser.parse_args() + + import nitro_resource_tests + nitro_resource_tests.generate_skeleton(args) + + from nitro_resource_tests import lbvserver + lbvserver.generate_all(args) + + from nitro_resource_tests import lbassorted + lbassorted.generate_all(args) + + from nitro_resource_tests import lbgroup + lbgroup.generate_all(args) + + from nitro_resource_tests import lbmetrictable + lbmetrictable.generate_all(args) + + from nitro_resource_tests import bindings_list_failures + bindings_list_failures.generate_all(args) + + from nitro_resource_tests import spillover + spillover.generate_all(args) + + from nitro_resource_tests import basic + basic.generate_all(args) + + + +if __name__ == '__main__': + main() diff --git a/utils/source/generate_integration_tests/nitro_resource_tests/__init__.py b/utils/source/generate_integration_tests/nitro_resource_tests/__init__.py new file mode 100644 index 000000000..aa0453254 --- /dev/null +++ b/utils/source/generate_integration_tests/nitro_resource_tests/__init__.py @@ -0,0 +1,170 @@ +import os.path +import yaml +import pyaml +import functools +import copy +from collections import OrderedDict as od + +HERE = os.path.dirname(os.path.abspath(os.path.realpath(__file__))) + +NITRO_RESOURCE_TASK_FILE='''\ +- name: "Nitro resource task: `{{ resource_name | default('') }}` for state `{{ state }}`" + delegate_to: localhost + register: result + ignore_errors: "{{ ignore_errors | default('no') }}" + check_mode: "{{ check_mode }}" + citrix_adc_nitro_resource: + nitro_user: '{{ nitro_user }}' + nitro_pass: '{{ nitro_pass }}' + nsip: '{{ nsip }}' + state: '{{ state }}' + + workflow: "{{ workflow_dict }}" + resource: "{{ resource_attributes }}" +''' + +MAIN_ROLE_FILE='''\ +- include: nitro.yaml + tags: + - nitro +''' + +NITRO_ROLE_FILE='''\ +- name: 'collect all nitro test cases' + find: + paths: '{{ role_path }}/tests/nitro' + patterns: '{{ testcase }}.yaml' + register: test_cases +- name: 'set test_items' + set_fact: 'test_items="{{ test_cases.files | map(attribute=''path'') | list }}"' +- name: 'run test case' + include: '{{ test_case_to_run }}' + with_items: '{{ test_items }}' + loop_control: + loop_var: test_case_to_run +''' + +DEFAUTLS_VARIABLES_FILE='''\ +testcase: "*" +test_cases: [] +nitro_user: nsroot +nitro_pass: nsroot +''' + +def generate_skeleton(args): + + role_path = os.path.join(args.dir_path, 'citrix_adc_nitro_resource') + if not os.path.exists(role_path): + os.makedirs(role_path) + + paths = [ + os.path.join(role_path, 'tasks'), + os.path.join(role_path, 'defaults'), + os.path.join(role_path, 'vars'), + os.path.join(role_path, 'tests/nitro/tasks'), + ] + for path in paths: + if not os.path.exists(path): + os.makedirs(path) + + with open(os.path.join(role_path, 'tasks', 'main.yaml'), 'w') as fh: + fh.write(MAIN_ROLE_FILE) + + with open(os.path.join(role_path, 'tasks', 'nitro.yaml'), 'w') as fh: + fh.write(NITRO_ROLE_FILE) + + with open(os.path.join(role_path, 'defaults', 'main.yaml'), 'w') as fh: + fh.write(DEFAUTLS_VARIABLES_FILE) + + with open(os.path.join(role_path, 'tests/nitro/tasks', 'nitro_resource_task.yaml'), 'w') as fh: + fh.write(NITRO_RESOURCE_TASK_FILE) + + + workflow_source = os.path.join(HERE, '../../nitro_resource_utils/workflows.yaml') + with open(workflow_source, 'r') as fh: + workflow = yaml.load(fh) + + with open(os.path.join(role_path, 'vars', 'main.yaml'), 'w') as fh: + pyaml.dump(workflow, fh) + + + +def generate_step(workflow_key, resource, state, check_mode, step_name=None): + if step_name is None: + step_name = 'Processing resource `%s` for state `%s` with check_mode `%s`' % (workflow_key, state, check_mode) + step = od([ + ('name', step_name), + ('include_tasks', od([ + ('file', 'tasks/nitro_resource_task.yaml'), + ('apply', od([ + ('vars', od([ + ('resource_name', workflow_key), + ('state', state), + ('check_mode', check_mode), + ('workflow_dict', '{{ workflow.%s }}' % workflow_key), + ('resource_attributes', copy.deepcopy(resource)), + ])), + ])), + ])), + ]) + return step + +def generate_bindings_list_step(workflow_key, resource, state, check_mode, step_name=None): + if step_name is None: + step_name = 'Processing bindings list `%s` for state `%s` with check_mode `%s`' % (workflow_key, state, check_mode) + step = od([ + ('name', step_name), + ('include_tasks', od([ + ('file', 'tasks/nitro_resource_task.yaml'), + ('apply', od([ + ('vars', od([ + ('resource_name', '%s bindings list' % workflow_key), + ('state', state), + ('check_mode', check_mode), + ('workflow_dict', od([ + ('lifecycle', 'bindings_list'), + ('binding_workflow', '{{ workflow.%s }}' % workflow_key), + ])), + ('resource_attributes', od([ + ('bindings_list', copy.deepcopy(resource)), + ])), + ])), + ])), + ])), + ]) + return step + +ASSERT_RESULT_CHANGED_STEP = { + 'assert':{ + 'that': 'result is changed' + } +} + +ASSERT_RESULT_NOT_CHANGED_STEP = { + 'assert':{ + 'that': 'not result is changed' + } +} + +def full_cycle(playbook, step_function, cycle): + if cycle not in ('present', 'absent'): + raise Exception('cycle value not valid %s' % cycle) + + # Fallthrough + + playbook.append(step_function(state=cycle, check_mode='yes')) + playbook.append(copy.deepcopy(ASSERT_RESULT_CHANGED_STEP)) + + playbook.append(step_function(state=cycle, check_mode='no')) + playbook.append(copy.deepcopy(ASSERT_RESULT_CHANGED_STEP)) + + playbook.append(step_function(state=cycle, check_mode='yes')) + playbook.append(copy.deepcopy(ASSERT_RESULT_NOT_CHANGED_STEP)) + + playbook.append(step_function(state=cycle, check_mode='no')) + playbook.append(copy.deepcopy(ASSERT_RESULT_NOT_CHANGED_STEP)) + +def save_test(args, playbook_name, playbook): + playbook_file = os.path.join(args.dir_path, 'citrix_adc_nitro_resource', 'tests', 'nitro', '%s.yaml' % playbook_name) + with open(playbook_file, 'w') as fh: + pyaml.dump(playbook, fh, vspacing=[1,0]) diff --git a/utils/source/generate_integration_tests/nitro_resource_tests/basic.py b/utils/source/generate_integration_tests/nitro_resource_tests/basic.py new file mode 100644 index 000000000..269e7c1e6 --- /dev/null +++ b/utils/source/generate_integration_tests/nitro_resource_tests/basic.py @@ -0,0 +1,216 @@ +from . import * + +def generate_service(args): + playbook = [] + resources = { + 'services': [ + { + 'name': 'service-http-1', + 'servicetype': 'HTTP', + 'ip': '10.78.0.1', + 'port': '80', + }, + { + 'name': 'service-http-2', + 'servicetype': 'HTTP', + 'ip': '10.78.0.2', + 'port': '80', + }, + ], + 'lbmonitors':[ + { + 'monitorname': 'lb-monitor-http', + 'type': 'HTTP', + }, + { + 'monitorname': 'lb-monitor-http-inline', + 'type': 'HTTP-INLINE', + }, + ], + 'service_lbmonitor_bindings': [ + { + 'name': 'service-http-1', + 'monitor_name': 'lb-monitor-http', + }, + { + 'name': 'service-http-1', + 'monitor_name': 'lb-monitor-http-inline', + }, + ], + 'service_tcp_default_binding': { + 'name': 'service-http-1', + 'monitor_name': 'tcp-default', + }, + } + + service_step = functools.partial( + generate_step, + workflow_key='service', + resource=resources['services'][0], + ) + + lbmonitor_steps = [] + for item in resources['lbmonitors']: + step = functools.partial( + generate_step, + workflow_key='lbmonitor', + resource=item + ) + lbmonitor_steps.append(step) + + service_lbmonitor_binding_steps = [] + for item in resources['service_lbmonitor_bindings']: + step = functools.partial( + generate_step, + workflow_key='service_lbmonitor_binding', + resource=item + ) + service_lbmonitor_binding_steps.append(step) + + resource=copy.deepcopy(resources['service_lbmonitor_bindings']) + resource.append(copy.deepcopy(resources['service_tcp_default_binding'])) + service_lbmonitor_binding_list_full_step = functools.partial( + generate_bindings_list_step, + workflow_key='service_lbmonitor_binding', + resource=resource, + ) + + resource=copy.deepcopy(resources['service_lbmonitor_bindings'][:-1]) + resource.append(copy.deepcopy(resources['service_tcp_default_binding'])) + service_lbmonitor_binding_list_short_step = functools.partial( + generate_bindings_list_step, + workflow_key='service_lbmonitor_binding', + resource=resource, + ) + + # Clean up remains + playbook.append(service_step(state='absent', check_mode='no')) + + # Standalone full cycle + + playbook.append(service_step(state='present', check_mode='no')) + playbook.append(copy.deepcopy(ASSERT_RESULT_CHANGED_STEP)) + + playbook.append(service_step(state='absent', check_mode='no')) + playbook.append(copy.deepcopy(ASSERT_RESULT_CHANGED_STEP)) + + # Prerequisites for next steps + playbook.append(service_step(state='present', check_mode='no')) + playbook.append(lbmonitor_steps[0](state='present', check_mode='no')) + playbook.append(lbmonitor_steps[1](state='present', check_mode='no')) + + # full cycle lbmonitor bidings + full_cycle(playbook, service_lbmonitor_binding_steps[0], cycle='present') + full_cycle(playbook, service_lbmonitor_binding_steps[1], cycle='present') + full_cycle(playbook, service_lbmonitor_binding_steps[1], cycle='absent') + full_cycle(playbook, service_lbmonitor_binding_steps[0], cycle='absent') + + # fails trying to delete default tcp monitor + # full cycle lbmonitor binding list + #full_cycle(playbook, service_lbmonitor_binding_list_full_step, cycle='present') + #full_cycle(playbook, service_lbmonitor_binding_list_short_step, cycle='present') + #full_cycle(playbook, service_lbmonitor_binding_list_full_step, cycle='present') + #full_cycle(playbook, service_lbmonitor_binding_list_full_step, cycle='absent') + + # Prerequisites clean up + playbook.append(service_step(state='absent', check_mode='no')) + playbook.append(lbmonitor_steps[0](state='absent', check_mode='no')) + playbook.append(lbmonitor_steps[1](state='absent', check_mode='no')) + + save_test(args, 'service', playbook) + +def generate_servicegroup(args): + pass + playbook = [] + resources = { + 'servicegroup': { + 'servicegroupname': 'integration-test-servicegroup-1', + 'servicetype': 'HTTP', + }, + + 'lbmonitors':[ + { + 'monitorname': 'lb-monitor-http', + 'type': 'HTTP', + }, + { + 'monitorname': 'lb-monitor-http-inline', + 'type': 'HTTP-INLINE', + }, + ], + 'servicegroup_lbmonitor_bindings': [ + { + 'servicegroupname': 'integration-test-servicegroup-1', + 'monitor_name': 'lb-monitor-http', + }, + { + 'servicegroupname': 'integration-test-servicegroup-1', + 'monitor_name': 'lb-monitor-http-inline', + }, + ] + } + + servicegroup_step = functools.partial( + generate_step, + workflow_key='servicegroup', + resource=resources['servicegroup'] + ) + + lbmonitor_steps = [] + for item in resources['lbmonitors']: + step = functools.partial( + generate_step, + workflow_key='lbmonitor', + resource=item + ) + lbmonitor_steps.append(step) + + servicegroup_lbmonitor_binding_steps = [] + for item in resources['servicegroup_lbmonitor_bindings']: + step = functools.partial( + generate_step, + workflow_key='servicegroup_lbmonitor_binding', + resource=item + ) + servicegroup_lbmonitor_binding_steps.append(step) + + servicegroup_lbmonitor_binding_list_full_step = functools.partial( + generate_bindings_list_step, + workflow_key='servicegroup_lbmonitor_binding', + resource=copy.deepcopy(resources['servicegroup_lbmonitor_bindings']) + ) + + servicegroup_lbmonitor_binding_list_short_step = functools.partial( + generate_bindings_list_step, + workflow_key='servicegroup_lbmonitor_binding', + resource=copy.deepcopy(resources['servicegroup_lbmonitor_bindings'][:-1]) + ) + + + # Clean up remains + playbook.append(servicegroup_step(state='absent', check_mode='no')) + + # Full cycle + full_cycle(playbook, servicegroup_step, cycle='present') + full_cycle(playbook, servicegroup_step, cycle='absent') + + # Prerequisites + playbook.append(servicegroup_step(state='present', check_mode='no')) + playbook.append(lbmonitor_steps[0](state='present', check_mode='no')) + playbook.append(lbmonitor_steps[1](state='present', check_mode='no')) + + full_cycle(playbook, servicegroup_lbmonitor_binding_steps[0], cycle='present') + full_cycle(playbook, servicegroup_lbmonitor_binding_steps[1], cycle='present') + full_cycle(playbook, servicegroup_lbmonitor_binding_steps[1], cycle='absent') + full_cycle(playbook, servicegroup_lbmonitor_binding_steps[0], cycle='absent') + + full_cycle(playbook, servicegroup_lbmonitor_binding_list_full_step, cycle='present') + full_cycle(playbook, servicegroup_lbmonitor_binding_list_short_step, cycle='present') + full_cycle(playbook, servicegroup_lbmonitor_binding_list_full_step, cycle='present') + full_cycle(playbook, servicegroup_lbmonitor_binding_list_full_step, cycle='absent') + + save_test(args, 'servicegroup', playbook) + +def generate_all(args): + generate_service(args) + generate_servicegroup(args) diff --git a/utils/source/generate_integration_tests/nitro_resource_tests/bindings_list_failures.py b/utils/source/generate_integration_tests/nitro_resource_tests/bindings_list_failures.py new file mode 100644 index 000000000..72639e6f7 --- /dev/null +++ b/utils/source/generate_integration_tests/nitro_resource_tests/bindings_list_failures.py @@ -0,0 +1,178 @@ +from . import * + +def generate_all(args): + playbook = [] + resource_lbvserver = { + 'name': 'resource-lb-vserver', + 'servicetype': 'HTTP', + 'ipv46': '10.60.44.22', + 'port': '8080', + } + + resource_service_1 = { + 'name': 'service-http-1', + 'servicetype': 'HTTP', + 'ip': '10.78.0.1', + 'port': '80', + } + + resource_service_2 = { + 'name': 'service-http-2', + 'servicetype': 'HTTP', + 'ip': '10.78.0.2', + 'port': '80', + } + + + lbvserver_step = functools.partial( + generate_step, + workflow_key = 'lbvserver', + resource = resource_lbvserver, + check_mode = 'no' + ) + + service_1_step = functools.partial( + generate_step, + workflow_key = 'service', + resource = resource_service_1, + check_mode = 'no' + ) + + service_2_step = functools.partial( + generate_step, + workflow_key = 'service', + resource = resource_service_2, + check_mode = 'no' + ) + + def generate_test_step(workflow, resource, step_name, state): + step = od([ + ('name', step_name), + ('include_tasks', od([ + ('file', 'tasks/nitro_resource_task.yaml'), + ('apply', od([ + ('vars', od([ + ('state', state), + ('check_mode', 'no'), + ('ignore_errors', 'yes'), + ('workflow_dict', workflow), + ('resource_attributes', resource), + ])), + ])), + ])), + ]) + return step + + workflow_dict = od([ + + ('lifecycle', 'bindings_list'), + ('bound_resource_id', 'resource-lb-vserver'), + ('binding_workflow', od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_service_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', 'name'), + ('delete_id_attributes', [ 'servicename', 'servicegroupname']), + ])), + ]) + + bindings = [ + od([ + ('name', 'resource-lb-vserver'), + ('servicename', 'service-http-1'), + ('weight', '!!str 40'), + ]), + + od([ + ('name', 'resource-lb-vserver'), + ('servicename', 'service-http-2'), + ('weight', '!!str 40'), + ]), + ] + + not_uniform_key_attributes_resource = { + 'bindings_list': copy.deepcopy(bindings) + } + del not_uniform_key_attributes_resource['bindings_list'][0]['servicename'] + + not_uniform_step = functools.partial( + generate_test_step, + resource=not_uniform_key_attributes_resource, + workflow=copy.deepcopy(workflow_dict), + step_name='Cause not uniform key error', + state='present', + ) + + not_uniform_key_assertion = od([ + ('name', 'Assert error msg contains("Bindings list key attributes are not uniform")'), + ('assert', { + 'that': [ + "'msg' in result", + 'result.msg.find("Bindings list key attributes are not uniform") != -1' + ] + }) + ]) + + multiple_primary_ids_resource = { + 'bindings_list': copy.deepcopy(bindings) + } + multiple_primary_ids_resource['bindings_list'][0]['name'] = 'other-lb-vserver' + + multiple_primary_ids_step = functools.partial( + generate_test_step, + resource=multiple_primary_ids_resource, + workflow=copy.deepcopy(workflow_dict), + step_name='Cause multiple primary ids error', + state='present', + ) + + multiple_primary_ids_assertion = od([ + ('name', 'Assert error msg contains("Need to have only one primary id value")'), + ('assert',{ + 'that': [ + "'msg' in result", + 'result.msg.find("Need to have only one primary id value") != -1' + ] + }), + ]) + + empty_bindings_list_step = functools.partial( + generate_test_step, + resource={'bindings_list': []}, + workflow=copy.deepcopy(workflow_dict), + step_name='Cause empty items list error', + state='present', + ) + + empty_bindings_list_assertion = od([ + ('name', 'Assert error msg contains("Bindings list must have at least one item.")'), + ('assert',{ + 'that': [ + "'msg' in result", + 'result.msg.find("Bindings list must have at least one item.") != -1' + ] + }), + ]) + + + + # Create prerequisites + #playbook.append(lbvserver_step(state='present', step_name='Create prerequisite lb vserver')) + #playbook.append(service_1_step(state='present', step_name='Create prerequisite service 1')) + #playbook.append(service_2_step(state='present', step_name='Create prerequisite service 2')) + + playbook.append(not_uniform_step()) + playbook.append(not_uniform_key_assertion) + + playbook.append(multiple_primary_ids_step()) + playbook.append(multiple_primary_ids_assertion) + + playbook.append(empty_bindings_list_step()) + playbook.append(empty_bindings_list_assertion) + + # Delete prerequisites + #playbook.append(lbvserver_step(state='absent', step_name='Delete prerequisite lb vserver')) + #playbook.append(service_1_step(state='absent', step_name='Delete prerequisite service 1')) + #playbook.append(service_2_step(state='absent', step_name='Delete prerequisite service 2')) + + save_test(args, 'bindings_list_failures', playbook) diff --git a/utils/source/generate_integration_tests/nitro_resource_tests/lbassorted.py b/utils/source/generate_integration_tests/nitro_resource_tests/lbassorted.py new file mode 100644 index 000000000..b7557b5c6 --- /dev/null +++ b/utils/source/generate_integration_tests/nitro_resource_tests/lbassorted.py @@ -0,0 +1,303 @@ +from . import * + + + +def generate_monitor(args): + playbook = [] + + resources = { + 'lbmonitor':{ + 'monitorname': 'lb-monitor-http', + 'type': 'HTTP', + 'httprequest': 'HEAD /file.html', + }, + + 'services': [ + { + 'name': 'service-http-1', + 'servicetype': 'HTTP', + 'ip': '10.78.0.1', + 'port': '80', + }, + { + 'name': 'service-http-2', + 'servicetype': 'HTTP', + 'ip': '10.78.0.2', + 'port': '80', + }, + ], + + 'service_lbmonitor_bindings': [ + { + 'name': 'service-http-1', + 'monitor_name': 'lb-monitor-http', + }, + { + 'name': 'service-http-2', + 'monitor_name': 'lb-monitor-http', + }, + ], + + 'servicegroups': [ + { + 'servicegroupname': 'integration-test-servicegroup-1', + 'servicetype': 'HTTP', + }, + { + 'servicegroupname': 'integration-test-servicegroup-2', + 'servicetype': 'HTTP', + }, + ], + + 'servicegroup_lbmonitor_bindings': [ + { + 'servicegroupname': 'integration-test-servicegroup-1', + 'monitor_name': 'lb-monitor-http', + }, + { + 'servicegroupname': 'integration-test-servicegroup-2', + 'monitor_name': 'lb-monitor-http', + }, + ] + + } + + + lbmonitor_step = functools.partial( + generate_step, + workflow_key='lbmonitor', + resource=copy.deepcopy(resources['lbmonitor']) + ) + + resource=copy.deepcopy(resources['lbmonitor']) + resource['httprequest'] = 'HEAD /other_file.html' + lbmonitor_modified_step = functools.partial( + generate_step, + workflow_key='lbmonitor', + resource=resource, + ) + service_steps = [] + for item in resources['services']: + step = functools.partial( + generate_step, + workflow_key='service', + resource=item, + ) + service_steps.append(step) + + service_lbmonitor_binding_steps = [] + for item in resources['service_lbmonitor_bindings']: + step = functools.partial( + generate_step, + workflow_key='service_lbmonitor_binding', + resource=item, + ) + service_lbmonitor_binding_steps.append(step) + + service_lbmonitor_binding_list_full_step = functools.partial( + generate_bindings_list_step, + workflow_key='service_lbmonitor_binding', + resource=copy.deepcopy(resources['service_lbmonitor_bindings']) + ) + + resource=copy.deepcopy(resources['service_lbmonitor_bindings'][:-1]) + + service_lbmonitor_binding_list_reduced_step = functools.partial( + generate_bindings_list_step, + workflow_key='service_lbmonitor_binding', + resource=resource, + ) + + + servicegroup_steps = [] + for item in resources['servicegroups']: + step = functools.partial( + generate_step, + workflow_key='servicegroup', + resource=item, + ) + servicegroup_steps.append(step) + + servicegroup_lbmonitor_binding_steps = [] + for item in resources['servicegroup_lbmonitor_bindings']: + step = functools.partial( + generate_step, + workflow_key='servicegroup_lbmonitor_binding', + resource=item, + ) + servicegroup_lbmonitor_binding_steps.append(step) + + servicegroup_lbmonitor_binding_list_full_step = functools.partial( + generate_bindings_list_step, + workflow_key='servicegroup_lbmonitor_binding', + resource=copy.deepcopy(resources['servicegroup_lbmonitor_bindings']) + ) + + servicegroup_lbmonitor_binding_list_reduced_step = functools.partial( + generate_bindings_list_step, + workflow_key='servicegroup_lbmonitor_binding', + resource=copy.deepcopy(resources['servicegroup_lbmonitor_bindings'][:-1]) + ) + + + # Clean up before starting the full cycle tests + playbook.append(lbmonitor_step(state='absent', check_mode='no')) + + # Standalone full cycle + full_cycle(playbook, lbmonitor_step, cycle='present') + full_cycle(playbook, lbmonitor_modified_step, cycle='present') + full_cycle(playbook, lbmonitor_modified_step, cycle='absent') + + # Recreate for subsequent prerequisites + playbook.append(lbmonitor_step(state='present', check_mode='no')) + + # Rest of prerequisites + playbook.append(service_steps[0](state='present', check_mode='no')) + playbook.append(service_steps[1](state='present', check_mode='no')) + + playbook.append(servicegroup_steps[0](state='present', check_mode='no')) + playbook.append(servicegroup_steps[1](state='present', check_mode='no')) + + # Full cycle standalone service to monitor bindings + full_cycle(playbook, service_lbmonitor_binding_steps[0], cycle='present') + full_cycle(playbook, service_lbmonitor_binding_steps[1], cycle='present') + full_cycle(playbook, service_lbmonitor_binding_steps[0], cycle='absent') + full_cycle(playbook, service_lbmonitor_binding_steps[1], cycle='absent') + + # Full cycle standalone servicegroup to monitor bindings + full_cycle(playbook, servicegroup_lbmonitor_binding_steps[0], cycle='present') + full_cycle(playbook, servicegroup_lbmonitor_binding_steps[1], cycle='present') + full_cycle(playbook, servicegroup_lbmonitor_binding_steps[0], cycle='absent') + full_cycle(playbook, servicegroup_lbmonitor_binding_steps[1], cycle='absent') + + # Full cycle service to monitor binding lists + #full_cycle(playbook, service_lbmonitor_binding_list_full_step, cycle='present') + #full_cycle(playbook, service_lbmonitor_binding_list_reduced_step, cycle='present') + #full_cycle(playbook, service_lbmonitor_binding_list_full_step, cycle='present') + #full_cycle(playbook, service_lbmonitor_binding_list_full_step, cycle='absent') + + + # Full cycle servicegroup to monitor binding lists + #full_cycle(playbook, servicegroup_lbmonitor_binding_list_full_step, cycle='present') + #full_cycle(playbook, servicegroup_lbmonitor_binding_list_reduced_step, cycle='present') + #full_cycle(playbook, servicegroup_lbmonitor_binding_list_full_step, cycle='present') + #full_cycle(playbook, servicegroup_lbmonitor_binding_list_full_step, cycle='absent') + + # Clean up prerequisites + playbook.append(lbmonitor_step(state='absent', check_mode='no')) + + playbook.append(service_steps[0](state='absent', check_mode='no')) + playbook.append(service_steps[1](state='absent', check_mode='no')) + + playbook.append(servicegroup_steps[0](state='absent', check_mode='no')) + playbook.append(servicegroup_steps[1](state='absent', check_mode='no')) + + save_test(args, 'lbmonitor', playbook) + +def generate_lbprofile(args): + playbook = [] + + resources = { + 'lbprofile': { + 'lbprofilename': 'my-lb-profile', + 'dbslb': 'DISABLED', + } + } + lbprofile_step = functools.partial( + generate_step, + workflow_key='lbprofile', + resource = copy.deepcopy(resources['lbprofile']), + ) + + resource = copy.deepcopy(resources['lbprofile']) + resource['dbslb'] = 'ENABLED' + + lbprofile_modified_step = functools.partial( + generate_step, + workflow_key='lbprofile', + resource=resource, + ) + + # Clean up + playbook.append(lbprofile_step(state='absent', check_mode='no')) + + full_cycle(playbook, lbprofile_step, cycle='present') + full_cycle(playbook, lbprofile_modified_step, cycle='present') + full_cycle(playbook, lbprofile_modified_step, cycle='absent') + + save_test(args, 'lbprofile', playbook) + +def generate_lbroute(args): + playbook = [] + resources = { + 'lbvservers': [ + od([ + ('name', 'lbroute-gw-lbvserver'), + ('servicetype', 'ANY'), + ('lbmethod', 'ROUNDROBIN'), + ('persistencetype', 'SOURCEIP'), + ]), + od([ + ('name', 'lbroute-gw-lbvserver-alt'), + ('servicetype', 'ANY'), + ('lbmethod', 'ROUNDROBIN'), + ('persistencetype', 'SOURCEIP'), + ]), + ], + 'lbroutes': [ + od([ + ('network', '193.168.1.0'), + ('netmask', '255.255.255.0'), + ('gatewayname', 'lbroute-gw-lbvserver'), + ]), + od([ + ('network', '193.168.1.0'), + ('netmask', '255.255.255.0'), + ('gatewayname', 'lbroute-gw-lbvserver-alt'), + ]), + ], + } + lbvserver_steps = [] + for lbvserver in resources['lbvservers']: + lbvserver_steps.append( + functools.partial( + generate_step, + workflow_key='lbvserver', + resource=lbvserver, + ) + ) + + lbroute_steps = [] + + for lbroute in resources['lbroutes']: + lbroute_steps.append( + functools.partial( + generate_step, + workflow_key='lbroute', + resource=lbroute, + ) + ) + + # Prereqsite create + playbook.append(lbvserver_steps[0](state='present', check_mode='no')) + playbook.append(lbvserver_steps[1](state='present', check_mode='no')) + + # Sanitize + playbook.append(lbroute_steps[0](state='absent', check_mode='no')) + + full_cycle(playbook, lbroute_steps[0], cycle='present') + full_cycle(playbook, lbroute_steps[1], cycle='present') + full_cycle(playbook, lbroute_steps[1], cycle='absent') + + # Prereqsite delete + playbook.append(lbvserver_steps[0](state='absent', check_mode='no')) + playbook.append(lbvserver_steps[1](state='absent', check_mode='no')) + + + + save_test(args, 'lbroute', playbook) + +def generate_all(args): + generate_monitor(args) + generate_lbprofile(args) + generate_lbroute(args) diff --git a/utils/source/generate_integration_tests/nitro_resource_tests/lbgroup.py b/utils/source/generate_integration_tests/nitro_resource_tests/lbgroup.py new file mode 100644 index 000000000..6514dc970 --- /dev/null +++ b/utils/source/generate_integration_tests/nitro_resource_tests/lbgroup.py @@ -0,0 +1,112 @@ +from . import * + +def generate_all(args): + playbook = [] + resource= { + 'lbgroup': { + 'name': 'mylbgroup', + 'timeout': 150, + }, + 'lbvserver': [ + { + 'name': 'resource-lb-vserver-1', + 'servicetype': 'HTTP', + 'ipv46': '10.60.44.22', + 'port': '8080', + }, + { + 'name': 'resource-lb-vserver-2', + 'servicetype': 'HTTP', + 'ipv46': '10.60.44.23', + 'port': '8080', + }, + ], + 'lbgroup_lbvserver_binding': [ + { + 'name': 'mylbgroup', + 'vservername': 'resource-lb-vserver-1' + }, + { + 'name': 'mylbgroup', + 'vservername': 'resource-lb-vserver-2' + } + ], + } + + lbgroup_step = functools.partial( + generate_step, + workflow_key='lbgroup', + resource=resource['lbgroup'] + ) + + lbvserver_step_1 = functools.partial( + generate_step, + workflow_key='lbvserver', + resource=resource['lbvserver'][0], + ) + + lbvserver_step_2 = functools.partial( + generate_step, + workflow_key='lbvserver', + resource=resource['lbvserver'][1], + ) + + lbgroup_binding_step = functools.partial( + generate_step, + workflow_key='lbgroup_lbvserver_binding ', + resource=copy.deepcopy(resource['lbgroup_lbvserver_binding'][0]) + ) + + full_bindings_list = copy.deepcopy(resource['lbgroup_lbvserver_binding']) + full_bindings_list_short = copy.deepcopy(resource['lbgroup_lbvserver_binding'])[:-1] + + full_bindings_list_step = functools.partial( + generate_bindings_list_step, + workflow_key='lbgroup_lbvserver_binding ', + resource=full_bindings_list, + ) + + full_bindings_list_short_step = functools.partial( + generate_bindings_list_step, + workflow_key='lbgroup_lbvserver_binding ', + resource=full_bindings_list_short, + ) + + + # Prerequisite create + playbook.append(lbvserver_step_1(state='present', check_mode='no', step_name='Create prerequisite lb vserver')) + playbook.append(lbvserver_step_2(state='present', check_mode='no', step_name='Create prerequisite lb vserver')) + + # Cleanup possible remnants + playbook.append(lbgroup_step(state='absent', check_mode='no')) + + + # Full cycles for lbgroup and standalone bindings + full_cycle(playbook, lbgroup_step, cycle='present') + full_cycle(playbook, lbgroup_binding_step, cycle='present') + + full_cycle(playbook, lbgroup_binding_step, cycle='absent') + full_cycle(playbook, lbgroup_step, cycle='absent') + + # Full cycle for bindings lists + playbook.append(lbgroup_step(state='present', check_mode='no')) + + full_cycle(playbook, full_bindings_list_step, cycle='present') + full_cycle(playbook, full_bindings_list_short_step, cycle='present') + full_cycle(playbook, full_bindings_list_step, cycle='present') + full_cycle(playbook, full_bindings_list_step, cycle='absent') + + playbook.append(lbgroup_step(state='absent', check_mode='no')) + + # Check binding not erroring when parent is already removed + playbook.append(lbgroup_step(state='present', check_mode='no')) + playbook.append(lbgroup_binding_step(state='present', check_mode='no')) + playbook.append(lbgroup_step(state='absent', check_mode='no')) + playbook.append(lbgroup_binding_step(state='absent', check_mode='no')) + playbook.append(copy.deepcopy(ASSERT_RESULT_NOT_CHANGED_STEP)) + + # Prerequisite delete + playbook.append(lbvserver_step_1(state='absent', check_mode='no', step_name='Clean up prerequisite lb vserver')) + playbook.append(lbvserver_step_2(state='absent', check_mode='no', step_name='Clean up prerequisite lb vserver')) + + save_test(args, 'lbgroup', playbook) diff --git a/utils/source/generate_integration_tests/nitro_resource_tests/lbmetrictable.py b/utils/source/generate_integration_tests/nitro_resource_tests/lbmetrictable.py new file mode 100644 index 000000000..9f5c47843 --- /dev/null +++ b/utils/source/generate_integration_tests/nitro_resource_tests/lbmetrictable.py @@ -0,0 +1,47 @@ +from . import * + +def generate_all(args): + playbook = [] + resource= { + 'lbmetrictable': { + 'metrictable': 'integration_test_metric_table', + }, + 'lbmetrictable_metric_binding_1': { + 'metrictable': 'integration_test_metric_table', + 'metric': 'currentconn', + 'Snmpoid': '1.3.6.1.4.1.3375.1.1.1.2.10.0', + }, + 'lbmetrictable_metric_binding_2': { + 'metrictable': 'integration_test_metric_table', + 'metric': 'cpu', + 'Snmpoid': '1.3.6.1.4.1.5951.4.1.1.41.1.0', + } + } + lbmetrictable_step = functools.partial( + generate_step, + workflow_key='lbmetrictable', + resource=resource['lbmetrictable'] + ) + + metric_1_step = functools.partial( + generate_step, + workflow_key='lbmetrictable_metric_binding', + resource=resource['lbmetrictable_metric_binding_1'] + ) + + metric_2_step = functools.partial( + generate_step, + workflow_key='lbmetrictable_metric_binding', + resource=resource['lbmetrictable_metric_binding_2'] + ) + + full_cycle(playbook, lbmetrictable_step, cycle='present') + full_cycle(playbook, metric_1_step, cycle='present') + full_cycle(playbook, metric_2_step, cycle='present') + + full_cycle(playbook, metric_1_step, cycle='absent') + full_cycle(playbook, metric_2_step, cycle='absent') + + full_cycle(playbook, lbmetrictable_step, cycle='absent') + + save_test(args, 'lbmetrictable', playbook) diff --git a/utils/source/generate_integration_tests/nitro_resource_tests/lbvserver.py b/utils/source/generate_integration_tests/nitro_resource_tests/lbvserver.py new file mode 100644 index 000000000..bcb57a39b --- /dev/null +++ b/utils/source/generate_integration_tests/nitro_resource_tests/lbvserver.py @@ -0,0 +1,247 @@ +from . import * + +resources = { + 'lbvservers': [ + { + 'name': 'resource-lb-vserver-1', + 'servicetype': 'HTTP', + 'ipv46': '10.60.44.22', + 'port': '8080', + }, + { + 'name': 'resource-lb-vserver-2', + 'servicetype': 'HTTP', + 'ipv46': '10.60.44.23', + 'port': '8080', + }, + ], +} + +lbvserver_step = functools.partial( + generate_step, + workflow_key='lbvserver', + resource=copy.deepcopy(resources['lbvservers'][0]) +) + +lbvserver_modified_resource = copy.deepcopy(resources['lbvservers'][0]) +lbvserver_modified_resource['port'] = '9090' +lbvserver_modified_step = functools.partial( + generate_step, + workflow_key='lbvserver', + resource=lbvserver_modified_resource +) +def generate_spilloverpolicy_bindings(args): + playbook = [] + local_resources = { + 'spilloverpolicies': [ + od([ + ('name', 'spillover-policy-1'), + ('rule', 'SYS.VSERVER("vserver").RESPTIME.GT(100)'), + ('action', 'spillover'), + ]), + od([ + ('name', 'spillover-policy-2'), + ('rule', 'SYS.VSERVER("vserver").THROUGHPUT.LT(100)'), + ('action', 'spillover'), + ]) + ], + + 'lbvserver_spilloverpolicy_bindings': [ + od([ + ('name', resources['lbvservers'][0]['name']), + ('bindpoint', 'REQUEST'), + ('policyname', 'spillover-policy-1'), + ('priority', 100), + ]), + od([ + ('name', resources['lbvservers'][0]['name']), + ('bindpoint', 'REQUEST'), + ('policyname', 'spillover-policy-2'), + ('priority', 101), + ]), + ] + } + + spilloverpolicy_steps = [] + for policy in local_resources['spilloverpolicies']: + step = functools.partial( + generate_step, + workflow_key='spilloverpolicy', + resource=copy.deepcopy(policy) + ) + spilloverpolicy_steps.append(step) + + single_binding_step = functools.partial( + generate_step, + workflow_key='lbvserver_spilloverpolicy_binding', + resource=copy.deepcopy(local_resources['lbvserver_spilloverpolicy_bindings'][0]) + ) + + bindings_list_all_bindings_step = functools.partial( + generate_bindings_list_step, + workflow_key='lbvserver_spilloverpolicy_binding', + resource=copy.deepcopy(local_resources['lbvserver_spilloverpolicy_bindings']) + ) + + resource = copy.deepcopy(local_resources['lbvserver_spilloverpolicy_bindings'][:-1]) + bindings_list_one_binding_step = functools.partial( + generate_bindings_list_step, + workflow_key='lbvserver_spilloverpolicy_binding', + resource=resource, + ) + + # Prerequisites create for spillover policy bindings + playbook.append(lbvserver_step(state='present', check_mode='no')) + playbook.append(spilloverpolicy_steps[0](state='present', check_mode='no')) + playbook.append(spilloverpolicy_steps[1](state='present', check_mode='no')) + + + # Single binding + playbook.append(single_binding_step(state='present', check_mode='no')) + playbook.append(single_binding_step(state='absent', check_mode='no')) + + # Bindings list + playbook.append(bindings_list_all_bindings_step(state='present', check_mode='no')) + playbook.append(bindings_list_one_binding_step(state='present', check_mode='no')) + playbook.append(bindings_list_all_bindings_step(state='present', check_mode='no')) + playbook.append(bindings_list_all_bindings_step(state='absent', check_mode='no')) + + # Check for missing bound object + playbook.append(lbvserver_step(state='absent', check_mode='no')) + playbook.append(bindings_list_all_bindings_step(state='absent', check_mode='no')) + + + # Prerequisites delete for spillover policy bindings + playbook.append(lbvserver_step(state='absent', check_mode='no')) + playbook.append(spilloverpolicy_steps[0](state='absent', check_mode='no')) + playbook.append(spilloverpolicy_steps[1](state='absent', check_mode='no')) + + + save_test(args, 'lbvserver_spilloverpolicy_bindings', playbook) + +def generate_service_bindings(args): + playbook = [] + local_resources = { + 'services': [ + { + 'name': 'service-http-1', + 'servicetype': 'HTTP', + 'ip': '10.78.0.1', + 'port': '80', + }, + { + 'name': 'service-http-2', + 'servicetype': 'HTTP', + 'ip': '10.78.0.2', + 'port': '80', + }, + ], + 'lbvserver_service_bindings': [ + { + 'name': 'resource-lb-vserver-1', + 'servicename': 'service-http-1', + }, + { + 'name': 'resource-lb-vserver-1', + 'servicename': 'service-http-2', + }, + ], + } + service_steps = [] + for service in local_resources['services']: + + step = functools.partial( + generate_step, + workflow_key='service', + resource=copy.deepcopy(service) + ) + service_steps.append(step) + + single_binding_step = functools.partial( + generate_step, + workflow_key='lbvserver_service_binding', + resource=copy.deepcopy(local_resources['lbvserver_service_bindings'][0]) + ) + + resource = copy.deepcopy(local_resources['lbvserver_service_bindings']) + + all_bindings_step = functools.partial( + generate_bindings_list_step, + workflow_key='lbvserver_service_binding', + resource=resource, + ) + + resource = copy.deepcopy(local_resources['lbvserver_service_bindings'][:-1]) + all_bindings_fewer_step = functools.partial( + generate_bindings_list_step, + workflow_key='lbvserver_service_binding', + resource=resource, + ) + + + # Prerequisites create for service bindings + playbook.append(lbvserver_step(state='present', check_mode='no')) + playbook.append(service_steps[0](state='present', check_mode='no')) + playbook.append(service_steps[1](state='present', check_mode='no')) + + # Single binding + full_cycle(playbook, single_binding_step, cycle='present') + full_cycle(playbook, single_binding_step, cycle='absent') + + # Bindings list + full_cycle(playbook, all_bindings_step, cycle='present') + full_cycle(playbook, all_bindings_fewer_step, cycle='present') + full_cycle(playbook, all_bindings_step, cycle='present') + full_cycle(playbook, all_bindings_step, cycle='absent') + + # Prerequisites delete for service bindings + playbook.append(lbvserver_step(state='absent', check_mode='no')) + playbook.append(service_steps[0](state='absent', check_mode='no')) + playbook.append(service_steps[1](state='present', check_mode='no')) + + save_test(args, 'lbvserver_service_bindings', playbook) + +def generate_analyticsprofile_bindings(args): + playbook = [] + local_resources = { + 'lbvserver_analyticsprofile_binding': { + 'name': resources['lbvservers'][0]['name'], + 'analyticsprofile': 'ns_analytics_default_http_profile' + } + } + + lbvserver_analyticsprofile_binding_step = functools.partial( + generate_step, + workflow_key='lbvserver_analyticsprofile_binding', + resource=local_resources['lbvserver_analyticsprofile_binding'], + ) + # Prerequisites create for service bindings + playbook.append(lbvserver_step(state='present', check_mode='no')) + + full_cycle(playbook, lbvserver_analyticsprofile_binding_step, cycle='present') + full_cycle(playbook, lbvserver_analyticsprofile_binding_step, cycle='absent') + + # Prerequisites delete for service bindings + playbook.append(lbvserver_step(state='absent', check_mode='no')) + + save_test(args, 'lbvserver_analyticsprofile_bindings', playbook) + +def generate_all(args): + playbook = [] + + + # Sanitize before full cycle tests + playbook.append(lbvserver_step(state='absent', check_mode='no')) + + # Full cycle present, update and delete + full_cycle(playbook, lbvserver_step, cycle='present') + full_cycle(playbook, lbvserver_modified_step, cycle='present') + full_cycle(playbook, lbvserver_modified_step, cycle='absent') + + + save_test(args, 'lbvserver', playbook) + + # Bindings + generate_service_bindings(args) + generate_spilloverpolicy_bindings(args) + generate_analyticsprofile_bindings(args) diff --git a/utils/source/generate_integration_tests/nitro_resource_tests/spillover.py b/utils/source/generate_integration_tests/nitro_resource_tests/spillover.py new file mode 100644 index 000000000..20d66cd76 --- /dev/null +++ b/utils/source/generate_integration_tests/nitro_resource_tests/spillover.py @@ -0,0 +1,36 @@ +from . import * + +def generate_all(args): + playbook = [] + resources = { + 'spilloverpolicy': { + 'name': 'myspilloverpolicy', + 'rule': 'SYS.VSERVER("vserver").RESPTIME.GT(100)', + 'action': 'spillover', + 'comment': 'original comment', + }, + } + + policy_step = functools.partial( + generate_step, + workflow_key='spilloverpolicy', + resource=copy.deepcopy(resources['spilloverpolicy']) + ) + + resource = copy.deepcopy(resources['spilloverpolicy']) + resource['comment'] = 'new comment' + policy_modified_step = functools.partial( + generate_step, + workflow_key='spilloverpolicy', + resource=resource, + ) + + # Make sure starting state is clear + playbook.append(policy_step(state='absent', check_mode='no')) + + # Full cycles for lbgroup and standalone bindings + full_cycle(playbook, policy_step, cycle='present') + full_cycle(playbook, policy_modified_step, cycle='present') + full_cycle(playbook, policy_modified_step, cycle='absent') + + save_test(args, 'spilloverpolicy', playbook) diff --git a/utils/source/nitro_resource_utils/generate_workflows.py b/utils/source/nitro_resource_utils/generate_workflows.py new file mode 100644 index 000000000..08cf9fed3 --- /dev/null +++ b/utils/source/nitro_resource_utils/generate_workflows.py @@ -0,0 +1,443 @@ +import os +import json +import argparse +import pyaml +from collections import OrderedDict as od + +HERE = os.path.dirname(os.path.abspath(os.path.realpath(__file__))) + + +def create_basic_section_workflows(args, workflows): + workflows['server'] = od([ + ('lifecycle', 'object'), + ('endpoint', 'server'), + ('primary_id_attribute', 'name'), + ('resource_missing_errorcode', '258'), + ('allow_recreate', 'true'), + ('non_updateable_attributes', _get_non_updateable_attributes(args, 'server')), + ]) + + workflows['service'] = od([ + ('lifecycle', 'object'), + ('endpoint', 'service'), + ('primary_id_attribute', 'name'), + ('resource_missing_errorcode', '344'), + ('allow_recreate', 'true'), + ('non_updateable_attributes', _get_non_updateable_attributes(args, 'service')), + ]) + + workflows['servicegroup'] = od([ + ('lifecycle', 'object'), + ('endpoint', 'servicegroup'), + ('primary_id_attribute', 'servicegroupname'), + ('resource_missing_errorcode', '258'), + ('allow_recreate', 'true'), + ('non_updateable_attributes', _get_non_updateable_attributes(args, 'servicegroup')), + ]) + + workflows['service_lbmonitor_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'service_lbmonitor_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'service_lbmonitor_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'service_lbmonitor_binding')[0]), + ]) + + workflows['servicegroup_lbmonitor_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'servicegroup_lbmonitor_binding'), + ('bound_resource_missing_errorcode', '351'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'servicegroup_lbmonitor_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'servicegroup_lbmonitor_binding')[0]), + ]) + +def create_lb_section_workflows(args, workflows): + + workflows['lbgroup'] = od([ + ('lifecycle', 'object'), + ('endpoint', 'lbgroup'), + ('primary_id_attribute', 'name'), + ('resource_missing_errorcode', '258'), + ('allow_recreate', 'true'), + ('non_updateable_attributes', _get_non_updateable_attributes(args, 'lbgroup')), + ]) + + workflows['lbgroup_lbvserver_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbgroup_lbvserver_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbgroup_lbvserver_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbgroup_lbvserver_binding')[0]), + ]) + + workflows['lbvserver'] = od([ + ('lifecycle', 'object'), + ('endpoint', 'lbvserver'), + ('primary_id_attribute', 'name'), + ('resource_missing_errorcode', '258'), + ('allow_recreate', 'true'), + ('non_updateable_attributes', _get_non_updateable_attributes(args, 'lbvserver')), + ]) + + workflows['lbvserver_analyticsprofile_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_analyticsprofile_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_analyticsprofile_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_analyticsprofile_binding')[0]), + ]) + + workflows['lbvserver_appflowpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_appflowpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_appflowpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_appflowpolicy_binding')[0]), + ]) + + workflows['lbvserver_appfwpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_appfwpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_appfwpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_appfwpolicy_binding')[0]), + ]) + + workflows['lbvserver_appqoepolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_appqoepolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_appqoepolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_appqoepolicy_binding')[0]), + ]) + + workflows['lbvserver_auditnslogpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_auditnslogpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_auditnslogpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_auditnslogpolicy_binding')[0]), + ]) + + workflows['lbvserver_auditsyslogpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_auditsyslogpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_auditsyslogpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_auditsyslogpolicy_binding')[0]), + ]) + + workflows['lbvserver_authorizationpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_authorizationpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_authorizationpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_authorizationpolicy_binding')[0]), + ]) + + workflows['lbvserver_cachepolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_cachepolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_cachepolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_cachepolicy_binding')[0]), + ]) + + workflows['lbvserver_capolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_capolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_capolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_capolicy_binding')[0]), + ]) + + workflows['lbvserver_cmppolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_cmppolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_cmppolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_cmppolicy_binding')[0]), + ]) + + workflows['lbvserver_csvserver_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_csvserver_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_csvserver_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_csvserver_binding')[0]), + ]) + + workflows['lbvserver_dnspolicy64_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_dnspolicy64_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_dnspolicy64_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_dnspolicy64_binding')[0]), + ]) + + workflows['lbvserver_feopolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_feopolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_feopolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_feopolicy_binding')[0]), + ]) + + workflows['lbvserver_filterpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_filterpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_filterpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_filterpolicy_binding')[0]), + ]) + + workflows['lbvserver_pqpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_pqpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_pqpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_pqpolicy_binding')[0]), + ]) + + workflows['lbvserver_responderpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_responderpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_responderpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_responderpolicy_binding')[0]), + ]) + + workflows['lbvserver_rewritepolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_rewritepolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_rewritepolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_rewritepolicy_binding')[0]), + ]) + + workflows['lbvserver_scpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_scpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_scpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_scpolicy_binding')[0]), + ]) + + workflows['lbvserver_servicegroupmember_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_servicegroupmember_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_servicegroupmember_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_servicegroupmember_binding')[0]), + ]) + + workflows['lbvserver_servicegroup_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_servicegroup_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_servicegroup_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_servicegroup_binding')[0]), + ]) + + workflows['lbvserver_service_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_service_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_service_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_service_binding')[0]), + ]) + + workflows['lbvserver_spilloverpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_spilloverpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_spilloverpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_spilloverpolicy_binding')[0]), + ]) + + workflows['lbvserver_transformpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_transformpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_transformpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_transformpolicy_binding')[0]), + ]) + + workflows['lbvserver_contentinspectionpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_contentinspectionpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_contentinspectionpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_contentinspectionpolicy_binding')[0]), + ]) + + workflows['lbvserver_videooptimizationdetectionpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_videooptimizationdetectionpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_videooptimizationdetectionpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_videooptimizationdetectionpolicy_binding')[0]), + ]) + + workflows['lbvserver_videooptimizationpacingpolicy_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbvserver_videooptimizationpacingpolicy_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbvserver_videooptimizationpacingpolicy_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbvserver_videooptimizationpacingpolicy_binding')[0]), + ]) + + + workflows['lbmetrictable'] = od([ + ('lifecycle', 'object'), + ('endpoint', 'lbmetrictable'), + ('primary_id_attribute', 'metrictable'), + ('resource_missing_errorcode', '258'), + ('allow_recreate', 'true'), + ('non_updateable_attributes', _get_non_updateable_attributes(args, 'lbmetrictable')), + ]) + + workflows['lbmetrictable_metric_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbmetrictable_metric_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbmetrictable_metric_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbmetrictable_metric_binding')[0]), + ]) + + workflows['lbmonitor'] = od([ + ('lifecycle', 'object'), + ('endpoint', 'lbmonitor'), + ('primary_id_attribute', 'monitorname'), + ('resource_missing_errorcode', '258'), + ('allow_recreate', 'true'), + ('non_updateable_attributes', _get_non_updateable_attributes(args, 'lbmonitor')), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbmonitor')[0]), + ]) + + workflows['lbmonitor_metric_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbmonitor_metric_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbmonitor_metric_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbmonitor_metric_binding')[0]), + ]) + + workflows['lbmonitor_sslcertkey_binding'] = od([ + ('lifecycle', 'binding'), + ('endpoint', 'lbmonitor_sslcertkey_binding'), + ('bound_resource_missing_errorcode', '258'), + ('primary_id_attribute', _get_bindig_id_attributes(args, 'lbmonitor_sslcertkey_binding')[1]), + ('delete_id_attributes', _get_bindig_id_attributes(args, 'lbmonitor_sslcertkey_binding')[0]), + ]) + + workflows['lbprofile'] = od([ + ('lifecycle', 'object'), + ('endpoint', 'lbprofile'), + ('primary_id_attribute', 'lbprofilename'), + ('resource_missing_errorcode', '3574'), + ('allow_recreate', 'true'), + ('non_updateable_attributes', _get_non_updateable_attributes(args, 'lbprofile')), + ]) + + workflows['lbroute'] = od([ + ('lifecycle', 'non_updateable_object'), + ('endpoint', 'lbroute'), + ('primary_id_attribute', 'network'), + ('resource_missing_errorcode', '258'), + ('delete_id_attributes', _filter_delete_id_attributes(args, 'lbroute', ['network'])), + ]) + + workflows['lbroute6'] = od([ + ('lifecycle', 'non_updateable_object'), + ('endpoint', 'lbroute6'), + ('primary_id_attribute', 'network'), + ('resource_missing_errorcode', '258'), + ('delete_id_attributes', _filter_delete_id_attributes(args, 'lbroute6', ['network'])), + ]) + + +def create_spillover_section_workflows(args, workflows): + workflows['spilloverpolicy'] = od([ + ('lifecycle', 'object'), + ('endpoint', 'spilloverpolicy'), + ('primary_id_attribute', 'name'), + ('resource_missing_errorcode', '2054'), + ('allow_recreate', 'true'), + ('non_updateable_attributes', _get_non_updateable_attributes(args, 'spilloverpolicy')), + ]) + +def get_workflows(args): + workflows = od() + + create_basic_section_workflows(args, workflows) + create_lb_section_workflows(args, workflows) + + create_spillover_section_workflows(args, workflows) + + return { 'workflow': workflows } + +def _filter_delete_id_attributes(args, nitro_object, exclude_attributes): + # This for objects where we cannot find the primary id by the is_get_id attribute + # So we define it explicitly + delete_ids = _get_bindig_id_attributes(args, nitro_object, primary_required=False)[0] + for excluded in exclude_attributes: + if excluded not in delete_ids: + raise Exception('Missing excluded attribute "%s"' % excluded) + delete_ids.remove(excluded) + return delete_ids + +def _get_non_updateable_attributes(args, nitro_object): + + for item in os.listdir(args.nitro_api_defines): + item_path = os.path.join(args.nitro_api_defines, item) + if item == '%s.json' % nitro_object: + with open(item_path, 'r') as fh: + json_data = json.load(fh) + non_updateables = [] + for option in json_data: + if not option['is_updateable']: + non_updateables.append(option['option_name']) + return non_updateables + else: + raise Exception('Cannot find json source for %s' % nitro_object) + +def _get_bindig_id_attributes(args, nitro_object, primary_required=True): + + for item in os.listdir(args.nitro_api_defines): + item_path = os.path.join(args.nitro_api_defines, item) + if item == '%s.json' % nitro_object: + with open(item_path, 'r') as fh: + json_data = json.load(fh) + delete_ids = [] + primary_ids = [] + for option in json_data: + if option['is_get_id']: + primary_ids.append(option['option_name']) + if option['is_delete_id'] and not option['is_get_id']: + delete_ids.append(option['option_name']) + if len(primary_ids) != 1: + if primary_required: + raise Exception('Found inappropriate primary ids %s' % primary_ids) + else: + return delete_ids, None + + # Fallthrough + return delete_ids, primary_ids[0] + + else: + raise Exception('Cannot find json source for %s' % nitro_object) + + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument('--nitro-api-defines', required=True) + parser.add_argument('--output', required=True) + + args = parser.parse_args() + workflows = get_workflows(args) + with open(args.output, 'w') as fh: + pyaml.dump(workflows, fh, vspacing=[1,1]) + +if __name__ == '__main__': + main() diff --git a/utils/source/nitro_resource_utils/workflows.yaml b/utils/source/nitro_resource_utils/workflows.yaml new file mode 100644 index 000000000..fce4d0d86 --- /dev/null +++ b/utils/source/nitro_resource_utils/workflows.yaml @@ -0,0 +1,438 @@ +workflow: + + server: + lifecycle: object + endpoint: server + primary_id_attribute: name + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - domain + - state + - ipv6address + - td + - querytype + - delay + - graceful + - Internal + - newname + + service: + lifecycle: object + endpoint: service + primary_id_attribute: name + resource_missing_errorcode: 344 + allow_recreate: true + non_updateable_attributes: + - ip + - servername + - servicetype + - port + - cleartextport + - cachetype + - state + - td + - riseapbrstatsmsgcode + - delay + - graceful + - all + - Internal + - newname + + servicegroup: + lifecycle: object + endpoint: servicegroup + primary_id_attribute: servicegroupname + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - servicetype + - cachetype + - td + - state + - autoscale + - memberport + - riseapbrstatsmsgcode + - delay + - graceful + - includemembers + - newname + + service_lbmonitor_binding: + lifecycle: binding + endpoint: service_lbmonitor_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - monitor_name + + servicegroup_lbmonitor_binding: + lifecycle: binding + endpoint: servicegroup_lbmonitor_binding + bound_resource_missing_errorcode: 351 + primary_id_attribute: servicegroupname + delete_id_attributes: + - monitor_name + - port + + lbgroup: + lifecycle: object + endpoint: lbgroup + primary_id_attribute: name + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - newname + + lbgroup_lbvserver_binding: + lifecycle: binding + endpoint: lbgroup_lbvserver_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - vservername + + lbvserver: + lifecycle: object + endpoint: lbvserver + primary_id_attribute: name + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - servicetype + - port + - range + - state + - td + - redirurlflags + - newname + + lbvserver_analyticsprofile_binding: + lifecycle: binding + endpoint: lbvserver_analyticsprofile_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - analyticsprofile + + lbvserver_appflowpolicy_binding: + lifecycle: binding + endpoint: lbvserver_appflowpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_appfwpolicy_binding: + lifecycle: binding + endpoint: lbvserver_appfwpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_appqoepolicy_binding: + lifecycle: binding + endpoint: lbvserver_appqoepolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_auditnslogpolicy_binding: + lifecycle: binding + endpoint: lbvserver_auditnslogpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_auditsyslogpolicy_binding: + lifecycle: binding + endpoint: lbvserver_auditsyslogpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_authorizationpolicy_binding: + lifecycle: binding + endpoint: lbvserver_authorizationpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_cachepolicy_binding: + lifecycle: binding + endpoint: lbvserver_cachepolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_capolicy_binding: + lifecycle: binding + endpoint: lbvserver_capolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_cmppolicy_binding: + lifecycle: binding + endpoint: lbvserver_cmppolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_csvserver_binding: + lifecycle: binding + endpoint: lbvserver_csvserver_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: [] + + lbvserver_dnspolicy64_binding: + lifecycle: binding + endpoint: lbvserver_dnspolicy64_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_feopolicy_binding: + lifecycle: binding + endpoint: lbvserver_feopolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_filterpolicy_binding: + lifecycle: binding + endpoint: lbvserver_filterpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_pqpolicy_binding: + lifecycle: binding + endpoint: lbvserver_pqpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_responderpolicy_binding: + lifecycle: binding + endpoint: lbvserver_responderpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_rewritepolicy_binding: + lifecycle: binding + endpoint: lbvserver_rewritepolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_scpolicy_binding: + lifecycle: binding + endpoint: lbvserver_scpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_servicegroupmember_binding: + lifecycle: binding + endpoint: lbvserver_servicegroupmember_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: [] + + lbvserver_servicegroup_binding: + lifecycle: binding + endpoint: lbvserver_servicegroup_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - servicegroupname + - servicename + + lbvserver_service_binding: + lifecycle: binding + endpoint: lbvserver_service_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - servicename + - servicegroupname + + lbvserver_spilloverpolicy_binding: + lifecycle: binding + endpoint: lbvserver_spilloverpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - bindpoint + - priority + + lbvserver_transformpolicy_binding: + lifecycle: binding + endpoint: lbvserver_transformpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_contentinspectionpolicy_binding: + lifecycle: binding + endpoint: lbvserver_contentinspectionpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_videooptimizationdetectionpolicy_binding: + lifecycle: binding + endpoint: lbvserver_videooptimizationdetectionpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_videooptimizationpacingpolicy_binding: + lifecycle: binding + endpoint: lbvserver_videooptimizationpacingpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbmetrictable: + lifecycle: object + endpoint: lbmetrictable + primary_id_attribute: metrictable + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: [] + + lbmetrictable_metric_binding: + lifecycle: binding + endpoint: lbmetrictable_metric_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: metrictable + delete_id_attributes: + - metric + + lbmonitor: + lifecycle: object + endpoint: lbmonitor + primary_id_attribute: monitorname + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - servicename + - servicegroupname + delete_id_attributes: + - type + - respcode + + lbmonitor_metric_binding: + lifecycle: binding + endpoint: lbmonitor_metric_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: monitorname + delete_id_attributes: + - metric + + lbmonitor_sslcertkey_binding: + lifecycle: binding + endpoint: lbmonitor_sslcertkey_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: monitorname + delete_id_attributes: + - certkeyname + - ca + + lbprofile: + lifecycle: object + endpoint: lbprofile + primary_id_attribute: lbprofilename + resource_missing_errorcode: 3574 + allow_recreate: true + non_updateable_attributes: [] + + lbroute: + lifecycle: non_updateable_object + endpoint: lbroute + primary_id_attribute: network + resource_missing_errorcode: 258 + delete_id_attributes: + - netmask + - td + + lbroute6: + lifecycle: non_updateable_object + endpoint: lbroute6 + primary_id_attribute: network + resource_missing_errorcode: 258 + delete_id_attributes: + - td + + spilloverpolicy: + lifecycle: object + endpoint: spilloverpolicy + primary_id_attribute: name + resource_missing_errorcode: 2054 + allow_recreate: true + non_updateable_attributes: + - newname From 748ddde93057fe0e9f53d824ac37c5167f0ddd2f Mon Sep 17 00:00:00 2001 From: George Nikolopoulos Date: Thu, 19 Dec 2019 17:38:09 +0200 Subject: [PATCH 3/5] Add nitro resource samples --- samples/nitro_resource/object.yaml | 20 + .../nitro_resource/object_with_bindings.yaml | 53 +++ .../object_with_bindings_list.yaml | 75 +++ samples/nitro_resource/workflows.yaml | 437 ++++++++++++++++++ 4 files changed, 585 insertions(+) create mode 100644 samples/nitro_resource/object.yaml create mode 100644 samples/nitro_resource/object_with_bindings.yaml create mode 100644 samples/nitro_resource/object_with_bindings_list.yaml create mode 100644 samples/nitro_resource/workflows.yaml diff --git a/samples/nitro_resource/object.yaml b/samples/nitro_resource/object.yaml new file mode 100644 index 000000000..c999906c6 --- /dev/null +++ b/samples/nitro_resource/object.yaml @@ -0,0 +1,20 @@ +- hosts: citrix_adc + + gather_facts: False + vars_files: + - workflows.yaml + + tasks: + - name: Setup nitro resource lb group + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: present + + workflow: "{{ workflow.lbgroup }}" + + resource: + name: mylbgroup + timeout: 150 diff --git a/samples/nitro_resource/object_with_bindings.yaml b/samples/nitro_resource/object_with_bindings.yaml new file mode 100644 index 000000000..2c29f8730 --- /dev/null +++ b/samples/nitro_resource/object_with_bindings.yaml @@ -0,0 +1,53 @@ +- hosts: citrix_adc + + gather_facts: False + vars_files: + - workflows.yaml + vars: + state: present + + tasks: + + - name: Setup lb group + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: "{{ workflow.lbgroup }}" + + resource: + name: mylbgroup + timeout: 150 + + - name: Setup lb vserver + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: "{{ workflow.lbvserver }}" + + resource: + name: resource-lb-vserver + servicetype: HTTP + ipv46: 10.60.44.22 + port: 8080 + + - name: Setup lbgroup lbvserver binding + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: "{{ workflow.lbgroup_lbvserver_binding }}" + + resource: + name: mylbgroup + vservername: resource-lb-vserver diff --git a/samples/nitro_resource/object_with_bindings_list.yaml b/samples/nitro_resource/object_with_bindings_list.yaml new file mode 100644 index 000000000..d6f660509 --- /dev/null +++ b/samples/nitro_resource/object_with_bindings_list.yaml @@ -0,0 +1,75 @@ +- hosts: citrix_adc + + gather_facts: False + vars_files: + - workflows.yaml + + vars: + state: present + + tasks: + + - name: Setup lb group + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: "{{ workflow.lbgroup }}" + + resource: + name: mylbgroup + timeout: 150 + + - name: Setup lb vserver + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: "{{ workflow.lbvserver }}" + + resource: + name: resource-lb-vserver-1 + servicetype: HTTP + ipv46: 10.60.44.23 + port: 8080 + + - name: Setup additional lb vserver + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: "{{ workflow.lbvserver }}" + + resource: + name: resource-lb-vserver-2 + servicetype: HTTP + ipv46: 10.60.44.24 + port: 8080 + + - name: Setup lbgroup lbvserver binding + delegate_to: localhost + citrix_adc_nitro_resource: + nsip: "{{ nsip }}" + nitro_user: "{{ nitro_user }}" + nitro_pass: "{{ nitro_pass }}" + state: "{{ state }}" + + workflow: + lifecycle: bindings_list + binding_workflow: "{{ workflow.lbgroup_lbvserver_binding }}" + + resource: + bindings_list: + - name: mylbgroup + vservername: resource-lb-vserver-1 + - name: mylbgroup + vservername: resource-lb-vserver-2 diff --git a/samples/nitro_resource/workflows.yaml b/samples/nitro_resource/workflows.yaml new file mode 100644 index 000000000..8960d440d --- /dev/null +++ b/samples/nitro_resource/workflows.yaml @@ -0,0 +1,437 @@ +workflow: + + server: + lifecycle: object + endpoint: server + primary_id_attribute: name + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - domain + - state + - ipv6address + - td + - querytype + - delay + - graceful + - Internal + - newname + + service: + lifecycle: object + endpoint: service + primary_id_attribute: name + resource_missing_errorcode: 344 + allow_recreate: true + non_updateable_attributes: + - ip + - servername + - servicetype + - port + - cleartextport + - cachetype + - state + - td + - riseapbrstatsmsgcode + - delay + - graceful + - all + - Internal + - newname + + servicegroup: + lifecycle: object + endpoint: servicegroup + primary_id_attribute: servicegroupname + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - servicetype + - cachetype + - td + - state + - autoscale + - memberport + - riseapbrstatsmsgcode + - delay + - graceful + - includemembers + - newname + + service_lbmonitor_binding: + lifecycle: binding + endpoint: service_lbmonitor_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - monitor_name + + servicegroup_lbmonitor_binding: + lifecycle: binding + endpoint: servicegroup_lbmonitor_binding + bound_resource_missing_errorcode: 351 + primary_id_attribute: servicegroupname + delete_id_attributes: + - monitor_name + - port + + lbgroup: + lifecycle: object + endpoint: lbgroup + primary_id_attribute: name + resource_missing_errorcode: 258 + non_updateable_attributes: + - newname + + lbgroup_lbvserver_binding: + lifecycle: binding + endpoint: lbgroup_lbvserver_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - vservername + + lbvserver: + lifecycle: object + endpoint: lbvserver + primary_id_attribute: name + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - servicetype + - port + - range + - state + - td + - redirurlflags + - newname + + lbvserver_analyticsprofile_binding: + lifecycle: binding + endpoint: lbvserver_analyticsprofile_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - analyticsprofile + + lbvserver_appflowpolicy_binding: + lifecycle: binding + endpoint: lbvserver_appflowpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_appfwpolicy_binding: + lifecycle: binding + endpoint: lbvserver_appfwpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_appqoepolicy_binding: + lifecycle: binding + endpoint: lbvserver_appqoepolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_auditnslogpolicy_binding: + lifecycle: binding + endpoint: lbvserver_auditnslogpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_auditsyslogpolicy_binding: + lifecycle: binding + endpoint: lbvserver_auditsyslogpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_authorizationpolicy_binding: + lifecycle: binding + endpoint: lbvserver_authorizationpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_cachepolicy_binding: + lifecycle: binding + endpoint: lbvserver_cachepolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_capolicy_binding: + lifecycle: binding + endpoint: lbvserver_capolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_cmppolicy_binding: + lifecycle: binding + endpoint: lbvserver_cmppolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_csvserver_binding: + lifecycle: binding + endpoint: lbvserver_csvserver_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: [] + + lbvserver_dnspolicy64_binding: + lifecycle: binding + endpoint: lbvserver_dnspolicy64_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_feopolicy_binding: + lifecycle: binding + endpoint: lbvserver_feopolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_filterpolicy_binding: + lifecycle: binding + endpoint: lbvserver_filterpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_pqpolicy_binding: + lifecycle: binding + endpoint: lbvserver_pqpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_responderpolicy_binding: + lifecycle: binding + endpoint: lbvserver_responderpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_rewritepolicy_binding: + lifecycle: binding + endpoint: lbvserver_rewritepolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_scpolicy_binding: + lifecycle: binding + endpoint: lbvserver_scpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_servicegroupmember_binding: + lifecycle: binding + endpoint: lbvserver_servicegroupmember_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: [] + + lbvserver_servicegroup_binding: + lifecycle: binding + endpoint: lbvserver_servicegroup_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - servicegroupname + - servicename + + lbvserver_service_binding: + lifecycle: binding + endpoint: lbvserver_service_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - servicename + - servicegroupname + + lbvserver_spilloverpolicy_binding: + lifecycle: binding + endpoint: lbvserver_spilloverpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - bindpoint + - priority + + lbvserver_transformpolicy_binding: + lifecycle: binding + endpoint: lbvserver_transformpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_contentinspectionpolicy_binding: + lifecycle: binding + endpoint: lbvserver_contentinspectionpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_videooptimizationdetectionpolicy_binding: + lifecycle: binding + endpoint: lbvserver_videooptimizationdetectionpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbvserver_videooptimizationpacingpolicy_binding: + lifecycle: binding + endpoint: lbvserver_videooptimizationpacingpolicy_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: name + delete_id_attributes: + - policyname + - priority + - bindpoint + + lbmetrictable: + lifecycle: object + endpoint: lbmetrictable + primary_id_attribute: metrictable + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: [] + + lbmetrictable_metric_binding: + lifecycle: binding + endpoint: lbmetrictable_metric_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: metrictable + delete_id_attributes: + - metric + + lbmonitor: + lifecycle: object + endpoint: lbmonitor + primary_id_attribute: monitorname + resource_missing_errorcode: 258 + allow_recreate: true + non_updateable_attributes: + - servicename + - servicegroupname + delete_id_attributes: + - type + - respcode + + lbmonitor_metric_binding: + lifecycle: binding + endpoint: lbmonitor_metric_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: monitorname + delete_id_attributes: + - metric + + lbmonitor_sslcertkey_binding: + lifecycle: binding + endpoint: lbmonitor_sslcertkey_binding + bound_resource_missing_errorcode: 258 + primary_id_attribute: monitorname + delete_id_attributes: + - certkeyname + - ca + + lbprofile: + lifecycle: object + endpoint: lbprofile + primary_id_attribute: lbprofilename + resource_missing_errorcode: 3574 + allow_recreate: true + non_updateable_attributes: [] + + lbroute: + lifecycle: non_updateable_object + endpoint: lbroute + primary_id_attribute: network + resource_missing_errorcode: 258 + delete_id_attributes: + - netmask + - td + + lbroute6: + lifecycle: non_updateable_object + endpoint: lbroute6 + primary_id_attribute: network + resource_missing_errorcode: 258 + delete_id_attributes: + - td + + spilloverpolicy: + lifecycle: object + endpoint: spilloverpolicy + primary_id_attribute: name + resource_missing_errorcode: 2054 + allow_recreate: true + non_updateable_attributes: + - newname From 33837f7228ed70bd76b9043977b471be181293bd Mon Sep 17 00:00:00 2001 From: George Nikolopoulos Date: Thu, 19 Dec 2019 17:40:38 +0200 Subject: [PATCH 4/5] Update servicegroup module documentation --- ansible-modules/citrix_adc_servicegroup.py | 114 ++++++++++++++---- documentation_fragments/netscaler.py | 2 +- .../basic/citrix_adc_servicegroup.template | 12 +- 3 files changed, 101 insertions(+), 27 deletions(-) diff --git a/ansible-modules/citrix_adc_servicegroup.py b/ansible-modules/citrix_adc_servicegroup.py index 15fc92e27..c2b1a466a 100644 --- a/ansible-modules/citrix_adc_servicegroup.py +++ b/ansible-modules/citrix_adc_servicegroup.py @@ -37,6 +37,7 @@ (-) characters. Can be changed after the name is created. - "Minimum length = 1" type: str + servicetype: choices: - 'HTTP' @@ -84,6 +85,7 @@ description: - "Protocol used to exchange data with the service." type: str + cachetype: choices: - 'TRANSPARENT' @@ -92,6 +94,7 @@ description: - "Cache type supported by the cache server." type: str + td: description: - >- @@ -100,12 +103,14 @@ - "Minimum value = C(0)" - "Maximum value = C(4094)" type: str + maxclient: description: - "Maximum number of simultaneous open connections for the service group." - "Minimum value = C(0)" - "Maximum value = C(4294967294)" type: str + maxreq: description: - "Maximum number of requests that can be sent on a persistent connection to the service group." @@ -113,11 +118,13 @@ - "Minimum value = C(0)" - "Maximum value = C(65535)" type: str + cacheable: description: - "Use the transparent cache redirection virtual server to forward the request to the cache server." - "Note: Do not set this parameter if you set the Cache Type." type: bool + cip: choices: - 'enabled' @@ -125,6 +132,7 @@ description: - "Insert the Client IP header in requests forwarded to the service." type: str + cipheader: description: - >- @@ -133,6 +141,7 @@ IP Header parameter or the value set by the set ns config command is used as client's IP header name. - "Minimum length = 1" type: str + usip: description: - >- @@ -140,14 +149,17 @@ setting, which is the default, a mapped IP (MIP) address or subnet IP (SNIP) address is used as the IP address to initiate server side connections. type: bool + pathmonitor: description: - "Path monitoring for clustering." type: bool + pathmonitorindv: description: - "Individual Path monitoring decisions." type: bool + useproxyport: description: - >- @@ -155,6 +167,7 @@ the client-side connection port is used as the source port for the server-side connection. - "Note: This parameter is available only when the Use Source IP (USIP) parameter is set to YES." type: bool + healthmonitor: description: - "Monitor the health of this service. Available settings function as follows:" @@ -163,48 +176,58 @@ NO - Do not send probes to check the health of the service. With the NO option, the appliance shows service as UP at all times. type: bool + sc: description: - "State of the SureConnect feature for the service group." type: bool + sp: description: - "Enable surge protection for the service group." type: bool + rtspsessionidremap: description: - "Enable RTSP session ID mapping for the service group." type: bool + clttimeout: description: - "Time, in seconds, after which to terminate an idle client connection." - "Minimum value = C(0)" - "Maximum value = C(31536000)" type: int + svrtimeout: description: - "Time, in seconds, after which to terminate an idle server connection." - "Minimum value = C(0)" - "Maximum value = C(31536000)" type: int + cka: description: - "Enable client keep-alive for the service group." type: bool + tcpb: description: - "Enable TCP buffering for the service group." type: bool + cmp: description: - "Enable compression for the specified service." type: bool + maxbandwidth: description: - "Maximum bandwidth, in Kbps, allocated for all the services in the service group." - "Minimum value = C(0)" - "Maximum value = C(4294967287)" type: str + monthreshold: description: - >- @@ -213,6 +236,7 @@ - "Minimum value = C(0)" - "Maximum value = C(65535)" type: str + downstateflush: choices: - 'enabled' @@ -222,22 +246,26 @@ Flush all active transactions associated with all the services in the service group whose state from UP to DOWN. Do not enable this option for applications that must complete their transactions. type: str + tcpprofilename: description: - "Name of the TCP profile that contains TCP configuration settings for the service group." - "Minimum length = 1" - "Maximum length = 127" type: str + httpprofilename: description: - "Name of the HTTP profile that contains HTTP configuration settings for the service group." - "Minimum length = 1" - "Maximum length = 127" type: str + comment: description: - "Any information about the service group." type: str + appflowlog: choices: - 'enabled' @@ -245,12 +273,14 @@ description: - "Enable logging of AppFlow information for the specified service group." type: str + netprofile: description: - "Network profile for the service group." - "Minimum length = 1" - "Maximum length = 127" type: str + autoscale: choices: - 'DISABLED' @@ -261,16 +291,19 @@ description: - "Auto scale option for a servicegroup." type: str + memberport: description: - "member port." type: int + autodisablegraceful: description: - >- Indicates graceful shutdown of the service. System will wait for all outstanding connections to this to be closed before disabling the service. type: bool + autodisabledelay: description: - >- @@ -280,6 +313,7 @@ will not be sent to the service. Instead, they will be load balanced among other available services. the delay time expires, no new requests or connections will be sent to the service. type: str + monconnectionclose: choices: - 'RESET' @@ -289,17 +323,20 @@ Close monitoring connections by sending the service a connection termination message with the bit set. type: str + servername: description: - "Name of the server to which to bind the service group." - "Minimum length = 1" type: str + port: description: - "Server port number." - "Range 1 - 65535" - "* in CLI is represented as 65535 in NITRO API" type: int + weight: description: - >- @@ -309,14 +346,17 @@ - "Minimum value = C(1)" - "Maximum value = C(100)" type: str + customserverid: description: - "The identifier for this IP:Port pair. Used when the persistency type is set to Custom Server ID." type: str + serverid: description: - "The identifier for the service. This is used when the persistency type is set to Custom Server ID." type: str + hashid: description: - >- @@ -324,32 +364,38 @@ based load balancing methods. - "Minimum value = C(1)" type: str + nameserver: description: - >- Specify the nameserver to which the query for bound domain needs to be sent. If not specified, use global nameserver. type: str + dbsttl: description: - >- Specify the TTL for DNS record for domain based service.The default value of ttl is 0 which indicates use the TTL received in DNS response for monitors. type: str + monitor_name_svc: description: - "Name of the monitor bound to the service group. Used to assign a weight to the monitor." - "Minimum length = 1" type: str + dup_weight: description: - "weight of the monitor that is bound to servicegroup." - "Minimum value = C(1)" type: str + riseapbrstatsmsgcode: description: - "The code indicating the rise apbr status." type: int + delay: description: - >- @@ -358,10 +404,12 @@ Requests from new clients are load balanced among other available services. After the delay time no requests are sent to the service, and the service is marked as unavailable (OUT OF SERVICE). type: str + graceful: description: - "Wait for all existing connections to the service to terminate before shutting down the service." type: bool + includemembers: description: - >- @@ -369,7 +417,10 @@ service group name is provided in the command. In that case, the details displayed for each service are identical to the details displayed when a service group name is provided, except that bound are not displayed. - type: booldisabled: + type: bool + + + disabled: description: - When set to C(true) the server state will be set to C(disabled). - When set to C(false) the server state will be set to C(enabled). @@ -392,7 +443,7 @@ - Any bindings defined in the attributes list that also exist on the target Citrix ADC will be removed. - Existing bindings that are not on the attributes list remain unaffected. - If mode is C(dsapi): - - The desired state api will be used to bind/unbind members. + - The desired state API will be used to bind/unbind members. - As far as selection is concerned it is identical to the C(exact) method. - In this mode a result of C(changed=true) will always be reported. - The reason is in order to capitalize on the speed of the desired state API we do not read the existing members from the servicegroup. @@ -410,12 +461,14 @@ ip: description: - "IP Address." - type: strport: + type: str + port: description: - "Server port number." - "Range 1 - 65535" - "* in CLI is represented as 65535 in NITRO API" - type: intweight: + type: int + weight: description: - >- Weight to assign to the servers in the service group. Specifies the capacity of the servers relative @@ -423,34 +476,41 @@ of requests sent to the service. - "Minimum value = C(1)" - "Maximum value = C(100)" - type: strservername: + type: str + servername: description: - "Name of the server to which to bind the service group." - "Minimum length = 1" - type: strcustomserverid: + type: str + customserverid: description: - "The identifier for this IP:Port pair. Used when the persistency type is set to Custom Server ID." - type: strserverid: + type: str + serverid: description: - "The identifier for the service. This is used when the persistency type is set to Custom Server ID." - type: strstate: + type: str + state: choices: - 'enabled' - 'disabled' description: - "Initial state of the service group." - type: strhashid: + type: str + hashid: description: - >- The hash identifier for the service. This must be unique for each service. This parameter is used by based load balancing methods. - "Minimum value = C(1)" - type: strnameserver: + type: str + nameserver: description: - >- Specify the nameserver to which the query for bound domain needs to be sent. If not specified, use global nameserver. - type: strdbsttl: + type: str + dbsttl: description: - >- Specify the TTL for DNS record for domain based service.The default value of ttl is 0 which indicates @@ -484,13 +544,15 @@ monitor_name: description: - "Monitor name." - type: strmonstate: + type: str + monstate: choices: - 'enabled' - 'disabled' description: - "Monitor state." - type: strweight: + type: str + weight: description: - >- Weight to assign to the servers in the service group. Specifies the capacity of the servers relative @@ -498,40 +560,48 @@ of requests sent to the service. - "Minimum value = C(1)" - "Maximum value = C(100)" - type: strpassive: + type: str + passive: description: - >- Indicates if load monitor is passive. A passive load monitor does not remove service from LB decision threshold is breached. - type: boolport: + type: bool + port: description: - "Port number of the service. Each service must have a unique port number." - "Range 1 - 65535" - "* in CLI is represented as 65535 in NITRO API" - type: intcustomserverid: + type: int + customserverid: description: - >- Unique service identifier. Used when the persistency type for the virtual server is set to Custom ID. - type: strserverid: + type: str + serverid: description: - "The identifier for the service. This is used when the persistency type is set to Custom Server ID." - type: strstate: + type: str + state: choices: - 'enabled' - 'disabled' description: - "Initial state of the service after binding." - type: strhashid: + type: str + hashid: description: - "Unique numerical identifier used by hash based load balancing methods to identify a service." - "Minimum value = C(1)" - type: strnameserver: + type: str + nameserver: description: - >- Specify the nameserver to which the query for bound domain needs to be sent. If not specified, use global nameserver. - type: strdbsttl: + type: str + dbsttl: description: - >- Specify the TTL for DNS record for domain based service.The default value of ttl is 0 which indicates @@ -1651,4 +1721,4 @@ def main(): if __name__ == '__main__': - main() \ No newline at end of file + main() diff --git a/documentation_fragments/netscaler.py b/documentation_fragments/netscaler.py index a663c2321..259d46905 100644 --- a/documentation_fragments/netscaler.py +++ b/documentation_fragments/netscaler.py @@ -56,7 +56,7 @@ class ModuleDocFragment(object): mas_proxy_call: description: - If true the underlying NITRO API calls made by the module will be proxied through a MAS node to the target Netscaler instance. - - When true you must also define the following options: I(nitro_auth_token), I(instance_ip). + - "When true you must also define the following options: I(nitro_auth_token), I(instance_ip)." type: bool default: false version_added: "2.6.0" diff --git a/utils/source/templates/basic/citrix_adc_servicegroup.template b/utils/source/templates/basic/citrix_adc_servicegroup.template index f83f050ab..388afa669 100644 --- a/utils/source/templates/basic/citrix_adc_servicegroup.template +++ b/utils/source/templates/basic/citrix_adc_servicegroup.template @@ -36,8 +36,8 @@ options: - >-#{% for line_item in line %} {{ line_item }}#{% endfor %}#{% else %} - {{ line }}#{% endif %}#{% endfor %}#{% if item.type is defined %} - type: {{ item.type }}#{% endif -%} -#{% endfor -%} + type: {{ item.type }}#{% endif %} +#{% endfor %} disabled: description: @@ -77,7 +77,9 @@ options: attributes: type: list suboptions: - #{% for item in servicemembers.doc_list %}{{ item.option_name }}:#{% if item.choices is defined %} + #{%- for item in servicemembers.doc_list %} + {{ item.option_name }}: + #{%- if item.choices is defined %} choices:#{% for choice in item.choices %} - '{{ choice }}'#{% endfor %}#{% endif %} description:#{% for line in item.description %}#{% if line is not string %} @@ -110,7 +112,9 @@ options: attributes: type: list suboptions: - #{% for item in monitor_bindings.doc_list %}{{ item.option_name }}:#{% if item.choices is defined %} + #{%- for item in monitor_bindings.doc_list %} + {{ item.option_name }}: + #{%- if item.choices is defined %} choices:#{% for choice in item.choices %} - '{{ choice }}'#{% endfor %}#{% endif %} description:#{% for line in item.description %}#{% if line is not string %} From 8c9dbc9d3dd507c961b3da369929cce9d23ac250 Mon Sep 17 00:00:00 2001 From: George Nikolopoulos Date: Thu, 19 Dec 2019 17:40:55 +0200 Subject: [PATCH 5/5] Update README --- README.md | 87 +++++++++++++++++++++++++++++++++---------------------- 1 file changed, 52 insertions(+), 35 deletions(-) diff --git a/README.md b/README.md index b051ae281..8e9e3a663 100644 --- a/README.md +++ b/README.md @@ -4,6 +4,31 @@ This repository provides [Ansible](https://www.ansible.com) modules for configu The code here should be considered alpha quality and may be broken at times due to experiments and refactoring. Tagged releases should be stable. The most stable version will be availble with Ansible automatically. +## Table of contents + +* [Module renaming](#module-renaming) +* [Documentation](#documentation) +* [List of implemented modules](#list-of-implemented-modules) + - [`citrix_adc_nitro_resource` workflows list](#citrix_adc_nitro_resource-workflows-list) +* [Pre-requisites](#pre-requisites) +* [Installation](#installation) + - [Using `virtualenv` (recommended)](#using-virtualenv-recommended) + - [Global install](#global-install) +* [Usage](#usage) + - [Citrix ADM proxied calls](#citrix-adm-proxied-calls) +* [Citrix ADC connection plugin](#citrix-adc-connection-plugin) + - [Installation](#installation) + - [Usage](#usage-1) + - [Citrix ADC and standard Ansible modules in a single playbook](#citrix-adc-and-standard-ansible-modules-in-a-single-playbook) +* [What if there is no module for your configuration?](#what-if-there-is-no-module-for-your-configuration) + - [Use the citrix\_adc\_nitro\_request module](#use-the-citrix_adc_nitro_request-module) + - [Use the citrix\_adc\_nitro\_resource module.](#use-the-citrix_adc_nitro_resource-module) + - [Use the connection plugin with the `shell` Ansible module](#use-the-connection-plugin-with-the-shell-ansible-module) +* [Directory structure](#directory-structure) +* [LICENSE](#license) +* [COPYRIGHT](#copyright) + + ## Module renaming Note that as of this [commit](https://github.com/citrix/netscaler-ansible-modules/commit/b53935432646741d9af27d9617480517a28aa86d) @@ -21,7 +46,9 @@ module names will differ depending on where they were installed from. ## Documentation -Documentation is hosted at [readthedocs](http://netscaler-ansible.readthedocs.io/). +Extended documentation is hosted at [readthedocs](http://netscaler-ansible.readthedocs.io/). + +## List of implemented modules Currently the following modules are implemented @@ -49,6 +76,7 @@ Currently the following modules are implemented * citrix\_adc\_lb\_monitor - Manage load balancing monitors * citrix\_adc\_lb\_vserver - Manage load balancing vserver configuration * citrix\_adc\_nitro\_request - Issue Nitro API requests to a Netscaler instance +* citrix\_adc\_nitro\_resource - Create, update, delete resources on Citrix ADC * citrix\_adc\_save\_config - Save Netscaler configuration * citrix\_adc\_server - Manage server configuration * citrix\_adc\_service - Manage service configuration in Netscaler @@ -66,6 +94,14 @@ Currently the following modules are implemented * citrix\_adm\_stylebook - Create or delete Citrix ADM stylebooks * citrix\_adm\_tenant\_facts - Retrieve facts about Citrix ADM tenants +### `citrix_adc_nitro_resource` workflows list + +The following NITRO API endpoints have their workflow dictionaries available +for use with the `citrix_adc_nitro_resource` module. + +The workflows yaml file can be found [here](utils/source/nitro_resource_utils/workflows.yaml). + +lbvserver\_spilloverpolicy\_binding, lbvserver\_pqpolicy\_binding, lbgroup\_lbvserver\_binding, lbvserver\_auditnslogpolicy\_binding, lbroute6, lbvserver\_filterpolicy\_binding, lbvserver\_dnspolicy64\_binding, lbvserver\_responderpolicy\_binding, lbmetrictable, lbvserver\_cmppolicy\_binding, lbvserver\_cachepolicy\_binding, lbvserver\_servicegroup\_binding, spilloverpolicy, servicegroup, lbvserver\_videooptimizationdetectionpolicy\_binding, lbmetrictable\_metric\_binding, lbvserver\_servicegroupmember\_binding, service, lbvserver\_transformpolicy\_binding, lbvserver\_auditsyslogpolicy\_binding, lbmonitor\_sslcertkey\_binding, lbvserver\_appqoepolicy\_binding, lbvserver\_authorizationpolicy\_binding, server, lbvserver\_service\_binding, lbgroup, lbvserver\_contentinspectionpolicy\_binding, lbvserver\_appflowpolicy\_binding, lbroute, lbvserver\_feopolicy\_binding, lbvserver\_rewritepolicy\_binding, lbvserver\_csvserver\_binding, lbmonitor, lbvserver\_appfwpolicy\_binding, service\_lbmonitor\_binding, lbvserver\_scpolicy\_binding, servicegroup\_lbmonitor\_binding, lbvserver, lbmonitor\_metric\_binding, lbvserver\_videooptimizationpacingpolicy\_binding, lbvserver\_capolicy\_binding, lbprofile, lbvserver\_analyticsprofile\_binding ## Pre-requisites @@ -92,18 +128,6 @@ If the ansible installation is on a dirctory that requires root access, the inst If the isntallation script fails and you know where ansible is located on your system you can do a manual installation. Just copy the contents of the ansible-modules directory to the extras module directory and the netscaler.py file to the module_utils directory of ansible. -### Backport for Ansible 2.4.x - -The modules are developed against the latest development version of ansible. - -Some changes made by the core ansible developers caused the modules to lose backwards portability to ansible 2.4. - -If you need the latest version of the modules present in this repository and are restricted to using ansible 2.4 you can use -the backport branch [backport_2.4](https://github.com/citrix/netscaler-ansible-modules/tree/backport_2.4) which -contains the fixes needed for the modules to run under ansible 2.4 while also containing the latest changes. - -This branch will be kept up to date with the master branch. - ## Usage All modules are intended to be run on the ansible control machine or a jumpserver with access to the Citrix NetScaler appliance. @@ -115,9 +139,9 @@ Detailed documentation for each module can be found in the htmldoc directory. Documentation regarding the Citrix NetScaler appliance configuration in general can be found at the following link, http://docs.citrix.com/en-us/netscaler/11-1.html -### MAS proxied calls +### Citrix ADM proxied calls -There is also the ability to proxy module NITRO calls through a MAS to a target Netscaler. +There is also the ability to proxy module NITRO calls through a Citrix ADM to a target ADC. In order to do that you need a NITRO Python SDK that has the MAS proxy calls capability and also follow these 2 steps. @@ -178,33 +202,26 @@ and provides the resulting NITRO API response in a well defined return value. You can find examples of using the module in this [folder](samples/nitro_request) -### Use the roles leveraging citrix\_adc\_nitro\_request module +### Use the citrix\_adc\_nitro\_resource module. -Using the citrix\_adc\_nitro\_request module is quite barebones as all workflow -must be handled by the user. +The `citrix_adc_nitro_resource` module can be used to create, update and delete +NITRO objects. -A step up in functionality are the roles that leverage this module to provide -a more complex workflow that resembles that of a fully fledged module. +It has the same base parameters as the other modules for connecting to the ADC. -Roles invoke the citrix\_adc\_nitro\_request module multiple times and -also have logic programmed into them to apply the correct operation -under the current configuration state. +Its most important attributes are the `workflow` parameter which determines +the execution of the module with respect to how the NITRO object will be created, updated +or deleted and the `resource` parameter which contains the actual attributes +for the NITRO resource. -Using a role to create a configuration entity is different from calling -the generic citrix\_adc\_nitro\_request module, since the role will -search for the configuration item and if it exists it will compare it -to the configuration input. +The workflows dictionaries published so far can be found [here](utils/source/nitro_resource_utils/workflows.yaml). -Depending on the processing result it will either create, update, recreate, delete or simply -do a noop for the configuration passed. It will also populate an output variable -that will contain information for the processing that took place and the user -can test these values to see what actually happened. +Examples can be found in this [folder](samples/nitro_resource). -Additionally roles provide a `dry_run` option during which no actual change is made -but the output variables are populated just as in a normal run. This is useful to verify -that given a configuration the operations performed will be what the user expects. +Extended documentation can be found [here](https://netscaler-ansible.readthedocs.io/en/latest/generic_modules/nitro_resource.html). -Examples can be found in this [folder](samples/recipes) +If an endpoint cannot be found in the existing workflows file please open an issue +so that we can investigate if this endpoint is covered by the existing workflows and publish its dictionary. ### Use the connection plugin with the `shell` Ansible module