Try SpotterManage SSL termination for a Rackspace Cloud Load Balancer.
| "added in version" 2.0 of ansible.builtin"
Authors: Ash Wilson (@smashwilson)
preview | supported by community
pipInstall with pip install ansible==2.9.27
Set up, reconfigure, or remove SSL termination for an existing load balancer.
- name: Enable SSL termination on a load balancer
rax_clb_ssl:
loadbalancer: the_loadbalancer
state: present
private_key: "{{ lookup('file', 'credentials/server.key' ) }}"
certificate: "{{ lookup('file', 'credentials/server.crt' ) }}"
intermediate_certificate: "{{ lookup('file', 'credentials/trust-chain.crt') }}"
secure_traffic_only: true
wait: true
- name: Disable SSL termination
rax_clb_ssl:
loadbalancer: "{{ registered_lb.balancer.id }}"
state: absent
wait: true
env:
description:
- Environment as configured in I(~/.pyrax.cfg), see U(https://github.com/rackspace/pyrax/blob/master/docs/getting_started.md#pyrax-configuration).
type: str
wait:
default: false
description:
- Wait for the balancer to be in state "running" before turning.
type: bool
state:
choices:
- present
- absent
default: present
description:
- If set to "present", SSL termination will be added to this load balancer.
- If "absent", SSL termination will be removed instead.
region:
description:
- Region to create an instance in.
type: str
api_key:
aliases:
- password
description:
- Rackspace API key, overrides I(credentials).
type: str
enabled:
default: true
description:
- If set to "false", temporarily disable SSL termination without discarding
- existing credentials.
type: bool
username:
description:
- Rackspace username, overrides I(credentials).
type: str
tenant_id:
description:
- The tenant ID used for authentication.
type: str
certificate:
description:
- The public SSL certificates as a string in PEM format.
credentials:
aliases:
- creds_file
description:
- File to find the Rackspace credentials in. Ignored if I(api_key) and I(username)
are provided.
type: path
private_key:
description:
- The private SSL key as a string in PEM format.
secure_port:
default: 443
description:
- The port to listen for secure traffic.
tenant_name:
description:
- The tenant name used for authentication.
type: str
loadbalancer:
description:
- Name or ID of the load balancer on which to manage SSL termination.
required: true
wait_timeout:
default: 300
description:
- How long before "wait" gives up, in seconds.
auth_endpoint:
description:
- The URI of the authentication service.
- If not specified will be set to U(https://identity.api.rackspacecloud.com/v2.0/)
type: str
identity_type:
default: rackspace
description:
- Authentication mechanism to use, such as rackspace or keystone.
type: str
https_redirect:
description:
- If "true", the load balancer will redirect HTTP traffic to HTTPS.
- Requires "secure_traffic_only" to be true. Incurs an implicit wait if SSL
- termination is also applied or removed.
type: bool
validate_certs:
aliases:
- verify_ssl
description:
- Whether or not to require SSL validation of API endpoints.
type: bool
secure_traffic_only:
default: false
description:
- If "true", the load balancer will *only* accept secure traffic.
type: bool
intermediate_certificate:
description:
- One or more intermediate certificate authorities as a string in PEM
- format, concatenated into a single string.