f5networks / f5networks.f5_modules / 1.28.0 / module / bigip_data_group Manage data groups on a BIG-IP | "added in version" 1.0.0 of f5networks.f5_modules" Authors: Tim Rupp (@caphrim007), Wojciech Wypior (@wojtek0806), Greg Crosby (@crosbygw)f5networks.f5_modules.bigip_data_group (1.28.0) — module
Install with ansible-galaxy collection install f5networks.f5_modules:==1.28.0
collections: - name: f5networks.f5_modules version: 1.28.0
Allows for managing data groups on a BIG-IP. Data groups provide a way to store collections of values on a BIG-IP for later use in things such as LTM rules, iRules, and ASM policies.
- name: Create a data group of addresses bigip_data_group: name: foo internal: true records: - key: 0.0.0.0/32 value: External_NAT - key: 10.10.10.10 value: No_NAT type: address provider: password: secret server: lb.mydomain.com user: admin delegate_to: localhost
- name: Create a data group of strings bigip_data_group: name: foo internal: true records: - key: caddy value: "" - key: cafeteria value: "" - key: cactus value: "" type: string provider: password: secret server: lb.mydomain.com user: admin delegate_to: localhost
- name: Create a data group of IP addresses from a file bigip_data_group: name: foo records_src: /path/to/dg-file type: address provider: password: secret server: lb.mydomain.com user: admin delegate_to: localhost
- name: Update an existing internal data group of strings bigip_data_group: name: foo internal: true records: - key: caddy value: "" - key: cafeteria value: "" - key: cactus value: "" provider: password: secret server: lb.mydomain.com user: admin delegate_to: localhost
- name: Show the data format expected for records_content - address 1 copy: dest: /path/to/addresses.txt content: | network 10.0.0.0 prefixlen 8 := "Network1", network 172.16.0.0 prefixlen 12 := "Network2", network 192.168.0.0 prefixlen 16 := "Network3", network 2402:9400:1000:0:: prefixlen 64 := "Network4", host 192.168.20.1 := "Host1", host 172.16.1.1 := "Host2", host 172.16.1.1 := "Host3", host 2001:0db8:85a3:0000:0000:8a2e:0370:7334 := "Host4", host 2001:0db8:85a3:0000:0000:8a2e:0370:7334 := "Host5"
- name: Show the data format expected for records_content - address 2 copy: dest: /path/to/addresses.txt content: | 10.0.0.0/8 := "Network1", 172.16.0.0/12 := "Network2", 192.168.0.0/16 := "Network3", 2402:9400:1000:0::/64 := "Network4", 192.168.20.1 := "Host1", 172.16.1.1 := "Host2", 172.16.1.1/32 := "Host3", 2001:0db8:85a3:0000:0000:8a2e:0370:7334 := "Host4", 2001:0db8:85a3:0000:0000:8a2e:0370:7334/128 := "Host5"
- name: Show the data format expected for records_content - string copy: dest: /path/to/strings.txt content: | a := alpha, b := bravo, c := charlie, x := x-ray, y := yankee, z := zulu,
- name: Show the data format expected for records_content - integer copy: dest: /path/to/integers.txt content: | 1 := bar, 2 := baz, 3, 4,
name: description: - Specifies the name of the data group. required: true type: str type: choices: - address - addr - ip - string - integer - int default: string description: - The type of records in this data group. - This parameter is important because it causes the BIG-IP to store your data in different ways to optimize access to it. For example, it would be wrong to specify a list of records containing IP addresses, but label them as a C(string) type. - This value cannot be changed once the data group is created. type: str state: choices: - present - absent default: present description: - When C(state) is C(present), ensures the data group exists. - When C(state) is C(absent), ensures the data group is removed. - The use of state in this module refers to the entire data group, not its members. type: str records: description: - Specifies the records you want to add to a data group. - If you have a large number of records, we recommend you use C(records_src) instead of typing all those records here. - The technical limit of either the number of records, or the total size of all records. Varies with the size of the total resources on your system; in particular, RAM. - When C(internal) is C(false), at least one record must be specified in either C(records) or C(records_src). - 'When C(type) is: C(ip), C(address), C(addr) if the addresses use a non-default route domain, they must be explicit about it, meaning they must contain a route domain notation C(%) e.g. 10.10.1.1%11. This is true regardless if the data group resides in a partition or not.' elements: raw suboptions: key: description: - The key describing the record in the data group. - The key will be used for validation of the C(type) parameter to this module. required: true type: str value: description: - The value of the key describing the record in the data group. type: raw type: list internal: default: false description: - The type of this data group. - You should only consider setting this value in cases where you know exactly what you are doing, B(or), you are working with a pre-existing internal data group. - Be aware that if you deliberately force this parameter to C(true), and you have a either a large number of records or a large total records size, this large amount of data will be reflected in your BIG-IP configuration. This can lead to B(long) system configuration load times due to parsing and verifying the large configuration. - When this parameter is C(true), there is a limit for uploads of either 4 megabytes or 65,000 records, whichever is more restrictive. - This value cannot be changed once the data group is created. type: bool provider: description: - A dict object containing connection details. suboptions: auth_provider: description: - Configures the auth provider for to obtain authentication tokens from the remote device. - This option is really used when working with BIG-IQ devices. type: str no_f5_teem: default: false description: - If C(yes), TEEM telemetry data is not sent to F5. - You may omit this option by setting the environment variable C(F5_TELEMETRY_OFF). - Previously used variable C(F5_TEEM) is deprecated as its name was confusing. type: bool password: aliases: - pass - pwd description: - The password for the user account used to connect to the BIG-IP or the BIG-IQ. - You may omit this option by setting the environment variable C(F5_PASSWORD). required: true type: str server: description: - The BIG-IP host or the BIG-IQ host. - You may omit this option by setting the environment variable C(F5_SERVER). required: true type: str server_port: default: 443 description: - The BIG-IP server port. - You may omit this option by setting the environment variable C(F5_SERVER_PORT). type: int timeout: description: - Specifies the timeout in seconds for communicating with the network device for either connecting or sending commands. If the timeout is exceeded before the operation is completed, the module will error. type: int transport: choices: - rest default: rest description: - Configures the transport connection to use when connecting to the remote device. type: str user: description: - The username to connect to the BIG-IP or the BIG-IQ. This user must have administrative privileges on the device. - You may omit this option by setting the environment variable C(F5_USER). required: true type: str validate_certs: default: true description: - If C(no), SSL certificates are not validated. Use this only on personally controlled sites using self-signed certificates. - You may omit this option by setting the environment variable C(F5_VALIDATE_CERTS). type: bool type: dict version_added: 1.0.0 version_added_collection: f5networks.f5_modules partition: default: Common description: - Device partition to manage resources on. type: str separator: default: := description: - When specifying C(records_src), this is the string of characters that will be used to break apart entries in the C(records_src) into key/value pairs. - By default, the value of this parameter is C(:=). - This value cannot be changed once it is set. - This parameter is only relevant when C(internal) is C(false). It will be ignored otherwise. type: str description: description: - The description of the data group. type: str records_src: description: - Path to a file with records in it. - The file should be well-formed. This means it includes records, one per line, that resemble the following format "key separator value". For example, C(foo := bar). - BIG-IP is strict about this format, but this module is a bit more lax. It will allow you to include arbitrary amounts (including none) of empty space on either side of the separator. For an illustration of this, see the Examples section. - Record keys are limited in length to no more than 65520 characters. - Values of record keys are limited in length to no more than 65520 characters. - The total number of records you can have in your BIG-IP is limited by the memory of the BIG-IP itself. - The format of this content is slightly different depending on whether you specify a C(type) of C(address), C(integer), or C(string). See the examples section for examples of the different types of payload formats that are expected in your data group file. - When C(internal) is C(false), at least one record must be specified in either C(records) or C(records_src). type: path external_file_name: description: - When creating a new data group, this specifies the file name you want to give an external data group file on the BIG-IP. - This parameter is ignored when C(internal) is C(true). - This parameter can be used to select an existing data group file to use with an existing external data group. - If this value is not provided, it will be given the value specified in C(name) and, therefore, match the name of the data group. - This value may only contain letters, numbers, underscores, dashes, or a period. type: str delete_data_group_file: default: false description: - When C(true), ensures the remote data group file is deleted. - This parameter is only relevant when C(state) is C(absent) and C(internal) is C(false). type: bool