Try SpotterManages F5 BIG-IP GTM FirePass monitors
| "added in version" 1.0.0 of f5networks.f5_modules"
Authors: Tim Rupp (@caphrim007), Wojciech Wypior (@wojtek0806)
Install with ansible-galaxy collection install f5networks.f5_modules:==1.28.0
collections:
- name: f5networks.f5_modules
version: 1.28.0Manages F5 BIG-IP GTM (now BIG-IP DNS) FirePass monitors.
- name: Create a GTM FirePass monitor
bigip_gtm_monitor_firepass:
name: my_monitor
ip: 1.1.1.1
port: 80
state: present
provider:
user: admin
password: secret
server: lb.mydomain.com
delegate_to: localhost
- name: Remove FirePass Monitor
bigip_gtm_monitor_firepass:
name: my_monitor
state: absent
provider:
user: admin
password: secret
server: lb.mydomain.com
delegate_to: localhost
- name: Add FirePass monitor for all addresses, port 514
bigip_gtm_monitor_firepass:
name: my_monitor
port: 514
provider:
user: admin
password: secret
server: lb.mydomain.com
delegate_to: localhost
ip:
description:
- IP address part of the IP/port definition. If this parameter is not provided when
creating a new monitor, the default value is '*'.
- If this value is an IP address, a C(port) number must be specified.
type: str
name:
description:
- Monitor name.
required: true
type: str
port:
description:
- Port address part of the IP/port definition. If this parameter is not provided when
creating a new monitor, the default value is '*'. Note that if specifying an IP
address, a value between 1 and 65535 must be specified.
type: str
state:
choices:
- present
- absent
default: present
description:
- When C(present), ensures the monitor exists.
- When C(absent), ensures the monitor is removed.
type: str
parent:
default: /Common/firepass_gtm
description:
- The parent template of this monitor template. Once this value has been set, it cannot
be changed. By default, this value is the C(tcp) parent on the C(Common) partition.
type: str
timeout:
description:
- The number of seconds in which the node or service must respond to the monitor request.
If the target responds within the set time period, it is considered up. If the target
does not respond within the set time period, it is considered down. You can change
this to any number, however, it should be 3 times the interval number of seconds
plus 1 second.
- If this parameter is not provided when creating a new monitor, the default value
is 90.
type: int
interval:
description:
- The interval specifying how frequently the monitor instance of this template runs.
- If this parameter is not provided when creating a new monitor, then the default
value is 30.
- This value B(must) be less than the C(timeout) value.
type: int
provider:
description:
- A dict object containing connection details.
suboptions:
auth_provider:
description:
- Configures the auth provider for to obtain authentication tokens from the remote
device.
- This option is really used when working with BIG-IQ devices.
type: str
no_f5_teem:
default: false
description:
- If C(yes), TEEM telemetry data is not sent to F5.
- You may omit this option by setting the environment variable C(F5_TELEMETRY_OFF).
- Previously used variable C(F5_TEEM) is deprecated as its name was confusing.
type: bool
password:
aliases:
- pass
- pwd
description:
- The password for the user account used to connect to the BIG-IP or the BIG-IQ.
- You may omit this option by setting the environment variable C(F5_PASSWORD).
required: true
type: str
server:
description:
- The BIG-IP host or the BIG-IQ host.
- You may omit this option by setting the environment variable C(F5_SERVER).
required: true
type: str
server_port:
default: 443
description:
- The BIG-IP server port.
- You may omit this option by setting the environment variable C(F5_SERVER_PORT).
type: int
timeout:
description:
- Specifies the timeout in seconds for communicating with the network device for
either connecting or sending commands. If the timeout is exceeded before the
operation is completed, the module will error.
type: int
transport:
choices:
- rest
default: rest
description:
- Configures the transport connection to use when connecting to the remote device.
type: str
user:
description:
- The username to connect to the BIG-IP or the BIG-IQ. This user must have administrative
privileges on the device.
- You may omit this option by setting the environment variable C(F5_USER).
required: true
type: str
validate_certs:
default: true
description:
- If C(no), SSL certificates are not validated. Use this only on personally controlled
sites using self-signed certificates.
- You may omit this option by setting the environment variable C(F5_VALIDATE_CERTS).
type: bool
type: dict
version_added: 1.0.0
version_added_collection: f5networks.f5_modules
partition:
default: Common
description:
- Device partition to manage resources on.
type: str
cipher_list:
description:
- Specifies the list of ciphers for this monitor.
- The items in the cipher list are separated with the colon C(:) symbol.
- When creating a new monitor, if this parameter is not specified, the default list
is C(HIGH:!ADH).
type: str
probe_timeout:
description:
- Specifies the number of seconds after which the system times out the probe request
to the system.
- When creating a new monitor, if this parameter is not provided, the default value
is C(5).
type: int
target_password:
description:
- Specifies the password, if the monitored target requires authentication.
type: str
target_username:
description:
- Specifies the user name, if the monitored target requires authentication.
type: str
update_password:
choices:
- always
- on_create
default: always
description:
- C(always) updates passwords if the C(target_password) is specified.
- C(on_create) only sets the password for newly created monitors.
type: str
max_load_average:
description:
- Specifies the number the monitor uses to mark the Secure Access Manager system up
or down.
- The system compares the Max Load Average setting against a one-minute average of
the Secure Access Manager system load.
- When the Secure Access Manager system-load average falls within the specified Max
Load Average, the monitor marks the Secure Access Manager system up.
- When the average exceeds the setting, the monitor marks the system down.
- When creating a new monitor, if this parameter is not specified, the default is
C(12).
type: int
concurrency_limit:
description:
- Specifies the maximum percentage of licensed connections currently in use under
which the monitor marks the Secure Access Manager system up.
- As an example, a setting of 95 percent means that the monitor marks the Secure Access
Manager system up until 95 percent of licensed connections are in use.
- When the number of in-use licensed connections exceeds 95 percent, the monitor marks
the Secure Access Manager system down.
- When creating a new monitor, if this parameter is not specified, the default is
C(95).
type: int
ignore_down_response:
description:
- Specifies the monitor allows more than one probe attempt per interval.
- When C(true), specifies the monitor ignores down responses for the duration of the
monitor timeout. Once the monitor timeout is reached without the system receiving
an up response, the system marks the object down.
- When C(no), specifies the monitor immediately marks an object down when it receives
a down response.
- When creating a new monitor, if this parameter is not provided, the default value
is C(false).
type: bool
cipher_list: description: The new value for the cipher list. returned: changed sample: +3DES:+kEDH type: str concurrency_limit: description: The new value for the concurrency limit. returned: changed sample: 95 type: int ignore_down_response: description: Whether to ignore the down response or not. returned: changed sample: true type: bool interval: description: The new interval in which to run the monitor check. returned: changed sample: 2 type: int ip: description: The new IP of IP/port definition. returned: changed sample: 10.12.13.14 type: str max_load_average: description: The new value for the max load average. returned: changed sample: 12 type: int parent: description: New parent template of the monitor. returned: changed sample: firepass_gtm type: str port: description: The new port the monitor checks the resource on. returned: changed sample: 8080 type: str probe_timeout: description: The new timeout in which the system will timeout the monitor probe. returned: changed sample: 10 type: int timeout: description: The new timeout in which the remote system must respond to the monitor. returned: changed sample: 10 type: int