netscaler.adc.lbmonitor module – Configuration for monitor resource.
Note
This module is part of the netscaler.adc collection (version 2.6.0).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install netscaler.adc.
To use it in a playbook, specify: netscaler.adc.lbmonitor.
New in netscaler.adc 2.0.0
Synopsis
Configuration for monitor resource.
Parameters
Parameter |
Comments |
|---|---|
List of Acct-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. |
|
Action to perform when the response to an inline monitor (a monitor of type HTTP-INLINE) indicates that the service is down. A service monitored by an inline monitor is considered Available settings function as follows: * * * Choices:
|
|
Number of consecutive probe failures after which the appliance generates an SNMP trap called monProbeFailed. |
|
Base NITRO API path. Define only in case of an ADM service proxy call Default: |
|
Name of the application used to determine the state of the service. Applicable to monitors of type CITRIX-XML-SERVICE. |
|
Attribute to evaluate when the LDAP server responds to the query. Success or failure of the monitoring probe depends on whether the attribute exists in the response. Optional. |
|
List of Auth-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring CER message. |
|
The base distinguished name of the LDAP service, from where the LDAP server can begin the search for the attributes in the monitoring query. Required for LDAP service monitoring. |
|
The distinguished name with which an LDAP monitor can perform the Bind operation on the LDAP server. Optional. Applicable to LDAP monitors. |
|
Custom header string to include in the monitoring probes. |
|
Name of the database to connect to during authentication. |
|
IP address of the service to which to send probes. If the parameter is set to 0, the IP address of the server to which the monitor is bound is considered the destination IP address. |
|
TCP or UDP port to which to send the probe. If the parameter is set to 0, the port number of the service to which the monitor is bound is considered the destination port. For a monitor of type USER, however, the destination port is the port number that is included in the HTTP request sent to the dispatcher. Does not apply to monitors of type PING. |
|
Time value added to the learned average response time in dynamic response time monitoring (DRTM). When a deviation is specified, the appliance learns the average response time of bound services and adds the deviation to the average. The final value is then continually adjusted to accommodate response time variations over time. Specified in milliseconds, seconds, or minutes. |
|
IP address of the dispatcher to which to send the probe. |
|
Port number on which the dispatcher listens for the monitoring probe. |
|
Domain in which the XenDesktop Desktop Delivery Controller (DDC) servers or Web Interface servers are present. Required by CITRIX-XD-DDC and CITRIX-WI-EXTENDED monitors for logging on to the DDC servers and Web Interface servers, respectively. |
|
Time duration for which to wait before probing a service that has been marked as DOWN. Expressed in milliseconds, seconds, or minutes. |
|
Expression that evaluates the database server’s response to a MYSQL-ECV or MSSQL-ECV monitoring query. Must produce a Boolean result. The result determines the state of the server. If the expression returns TRUE, the probe succeeds. For example, if you want the appliance to evaluate the error message to determine the state of the server, use the rule MYSQL.RES.ROW(10) .TEXT_ELEM(2).EQ(“MySQL”). |
|
Number of retries that must fail, out of the number specified for the Retries parameter, for a service to be marked as DOWN. For example, if the Retries parameter is set to 10 and the Failure Retries parameter is set to 6, out of the ten probes sent, at least six probes must fail if the service is to be marked as DOWN. The default value of 0 means that all the retries must fail if the service is to be marked as DOWN. |
|
Name of a file on the FTP server. The appliance monitors the FTP service by periodically checking the existence of the file on the server. Applicable to FTP-EXTENDED monitors. |
|
Filter criteria for the LDAP query. Optional. |
|
Firmware-Revision value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. |
|
Name of a newsgroup available on the NNTP service that is to be monitored. The appliance periodically generates an NNTP query for the name of the newsgroup and evaluates the response. If the newsgroup is found on the server, the service is marked as UP. If the newsgroup does not exist or if the search fails, the service is marked as DOWN. Applicable to NNTP monitors. |
|
Option to enable or disable gRPC health check service. Choices:
|
|
Option to specify gRPC service name on which gRPC health check need to be performed |
|
gRPC status codes for which to mark the service as UP. The default value is 12(health check unimplemented). If the gRPC status code 0 is received from the backend this configuration is ignored. |
|
Host-IP-Address value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. If Host-IP-Address is not specified, the appliance inserts the mapped IP (MIP) address or subnet IP (SNIP) address from which the CER request (the monitoring probe) is sent. |
|
Hostname in the FQDN format (Example: porche.cars.org). Applicable to STOREFRONT monitors. |
|
HTTP request to send to the server (for example, “HEAD /file.html”). |
|
Inband-Security-Id for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. Choices:
|
|
Time interval between two successive probes. Must be greater than the value of Response Time-out. |
|
Set of IP addresses expected in the monitoring response from the DNS server, if the record type is A or AAAA. Applicable to DNS monitors. |
|
Send the monitoring probe to the service through an IP tunnel. A destination IP address must be specified. Choices:
|
|
KCD Account used by MSSQL monitor |
|
Version number of the Citrix Advanced Access Control Logon Agent. Required by the CITRIX-AAC-LAS monitor. |
|
Bindings for lbmonitor_metric_binding resource |
|
List of binding members Default: |
|
The mode in which to configure the bindings. If mode is set to If mode is set to If mode is set to Choices:
|
|
Bindings for lbmonitor_sslcertkey_binding resource |
|
List of binding members Default: |
|
The mode in which to configure the bindings. If mode is set to If mode is set to If mode is set to Choices:
|
|
Name of the logon point that is configured for the Citrix Access Gateway Advanced Access Control software. Required if you want to monitor the associated login page or Logon Agent. Applicable to CITRIX-AAC-LAS and CITRIX-AAC-LOGINPAGE monitors. |
|
Calculate the least response times for bound services. If this parameter is not enabled, the appliance does not learn the response times of the bound services. Also used for LRTM load balancing. Choices:
|
|
The ID of the managed NetScaler instance to which NetScaler Console has to configure as a proxy server. Define only in case of an ADM service proxy call |
|
The IP of the managed NetScaler instance to which NetScaler Console has to configure as a proxy server. Define only in case of an ADM service proxy call |
|
The name of the managed NetScaler instance to which NetScaler Console has to configure as a proxy server. Define only in case of an ADM service proxy call |
|
The password of the managed NetScaler instance. Define only in case of an ADM service proxy call In Settings > Administration > System Configurations > Basic Settings, if you select Prompt Credentials for Instance Login, ensure to configure username and password of a managed instance. |
|
The username of the managed NetScaler instance. Define only in case of an ADM service proxy call In Settings > Administration > System Configurations > Basic Settings, if you select Prompt Credentials for Instance Login, ensure to configure username and password of a managed instance. |
|
Maximum number of hops that the SIP request used for monitoring can traverse to reach the server. Applicable only to monitors of type SIP-UDP. |
|
Metric name in the metric table, whose setting is changed. A value zero disables the metric and it will not be used for load calculation |
|
Metric table to which to bind metrics. |
|
Threshold to be used for that metric. |
|
The weight for the specified service metric with respect to others. |
|
Name for the monitor. Must begin with an ASCII alphanumeric or underscore (_) character, and must contain only ASCII alphanumeric, underscore, hash (#), period (.), space, colon (:), at (@), equals (=), and hyphen (-) characters. CLI Users: If the name includes one or more spaces, enclose the name in double or single quotation marks (for example, “my monitor” or ‘my monitor’). |
|
Client id to be used in Connect command |
|
Version of MQTT protocol used in connect message, default is version 3.1.1 [4] |
|
Version of MSSQL server that is to be monitored. Choices:
|
|
Name of the network profile. |
|
The IP address of the NetScaler ADC appliance acting as a proxy server. Define only in case of an ADM service proxy call Choices:
|
|
The authentication token provided by a login operation. |
|
The password with which to authenticate to the NetScaler ADC node. |
|
Which protocol to use when accessing the nitro API objects. Choices:
|
|
The username with which to authenticate to the NetScaler ADC node. |
|
The ip address of the NetScaler ADC appliance where the nitro API calls will be made. The port can be specified with the colon (:). E.g. 192.168.1.1:555. |
|
Name of the service identifier that is used to connect to the Oracle database during authentication. |
|
Origin-Host value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. |
|
Origin-Realm value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. |
|
Password that is required for logging on to the RADIUS, NNTP, FTP, FTP-EXTENDED, MYSQL, MSSQL, POP3, CITRIX-AG, CITRIX-XD-DDC, CITRIX-WI-EXTENDED, CITRIX-XNC-ECV or CITRIX-XDM server. Used in conjunction with the user name specified for the User Name parameter. |
|
Product-Name value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. |
|
Domain name to resolve as part of monitoring the DNS service (for example, example.com). |
|
Type of DNS record for which to send monitoring queries. Set to Choices:
|
|
Account Session ID to be used in Account Request Packet. Applicable to monitors of type RADIUS_ACCOUNTING. |
|
Account Type to be used in Account Request Packet. Applicable to monitors of type RADIUS_ACCOUNTING. |
|
Called Station Id to be used in Account Request Packet. Applicable to monitors of type RADIUS_ACCOUNTING. |
|
Source ip with which the packet will go out . Applicable to monitors of type RADIUS_ACCOUNTING. |
|
Authentication key (shared secret text string) for RADIUS clients and servers to exchange. Applicable to monitors of type RADIUS and RADIUS_ACCOUNTING. |
|
Calling Stations Id to be used in Account Request Packet. Applicable to monitors of type RADIUS_ACCOUNTING. |
|
NAS-Identifier to send in the Access-Request packet. Applicable to monitors of type RADIUS. |
|
Network Access Server (NAS) IP address to use as the source IP address when monitoring a RADIUS server. Applicable to monitors of type RADIUS and RADIUS_ACCOUNTING. |
|
String expected from the server for the service to be marked as UP. Applicable to TCP-ECV, HTTP-ECV, and UDP-ECV monitors. |
|
Response codes for which to mark the service as UP. For any other response code, the action performed depends on the monitor type. HTTP monitors and RADIUS monitors mark the service as DOWN, while HTTP-INLINE monitors perform the action indicated by the Action parameter. |
|
Amount of time for which the appliance must wait before it marks a probe as FAILED. Must be less than the value specified for the Interval parameter. Note: For UDP-ECV monitors for which a receive string is not configured, response timeout does not apply. For UDP-ECV monitors with no receive string, probe failure is indicated by an ICMP port unreachable error received from the service. |
|
Response time threshold, specified as a percentage of the Response Time-out parameter. If the response to a monitor probe has not arrived when the threshold is reached, the appliance generates an SNMP trap called monRespTimeoutAboveThresh. After the response time returns to a value below the threshold, the appliance generates a monRespTimeoutBelowThresh SNMP trap. For the traps to be generated, the “MONITOR-RTO-THRESHOLD” alarm must also be enabled. |
|
Maximum number of probes to send to establish the state of a service for which a monitoring probe failed. |
|
Mark a service as DOWN, instead of UP, when probe criteria are satisfied, and as UP instead of DOWN when probe criteria are not satisfied. Choices:
|
|
RTSP request to send to the server (for example, “OPTIONS *”). |
|
If The module will not save the configuration on the NetScaler ADC node if it made no changes. Choices:
|
|
String of arguments for the script. The string is copied verbatim into the request. |
|
Path and name of the script to execute. The script must be available on the Citrix ADC, in the /nsconfig/monitors/ directory. |
|
Secondary password that users might have to provide to log on to the Access Gateway server. Applicable to CITRIX-AG monitors. |
|
Use a secure SSL connection when monitoring a service. Applicable only to TCP based monitors. The secure option cannot be used with a CITRIX-AG monitor, because a CITRIX-AG monitor uses a secure connection by default. Choices:
|
|
List of arguments for the script which should be secure |
|
String to send to the service. Applicable to TCP-ECV, HTTP-ECV, and UDP-ECV monitors. |
|
The name of the service group to which the monitor is to be bound. |
|
The name of the service to which the monitor is bound. |
|
SIP method to use for the query. Applicable only to monitors of type SIP-UDP. Choices:
|
|
SIP user to be registered. Applicable only if the monitor is of type SIP-UDP and the SIP Method parameter is set to REGISTER. |
|
SIP URI string to send to the service (for example, sip:sip.test). Applicable only to monitors of type SIP-UDP. |
|
URL of the logon page. For monitors of type CITRIX-WEB-INTERFACE, to monitor a dynamic page under the site path, terminate the site path with a slash (/). Applicable to CITRIX-WEB-INTERFACE, CITRIX-WI-EXTENDED and CITRIX-XDM monitors. |
|
Community name for SNMP monitors. |
|
SNMP OID for SNMP monitors. |
|
Threshold for SNMP monitors. |
|
SNMP version to be used for SNMP monitors. Choices:
|
|
SQL query for a MYSQL-ECV or MSSQL-ECV monitor. Sent to the database server after the server authenticates the connection. |
|
SSL Profile associated with the monitor |
|
The state of the resource being configured by the module on the NetScaler ADC node. When When When When When Choices:
|
|
Store the database list populated with the responses to monitor probes. Used in database specific load balancing if MSSQL-ECV/MYSQL-ECV monitor is configured. Choices:
|
|
Enable/Disable probing for Account Service. Applicable only to Store Front monitors. For multi-tenancy configuration users my skip account service Choices:
|
|
This option will enable monitoring of services running on storefront server. Storefront services are monitored by probing to a Windows service that runs on the Storefront server and exposes details of which storefront services are running. Choices:
|
|
Store Name. For monitors of type STOREFRONT, STORENAME is an optional argument defining storefront service store name. Applicable to STOREFRONT monitors. |
|
Number of consecutive successful probes required to transition a service’s state from DOWN to UP. |
|
List of Supported-Vendor-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum eight of these AVPs are supported in a monitoring message. |
|
Probe the service by encoding the destination IP address in the IP TOS (6) bits. Choices:
|
|
The TOS ID of the specified destination IP. Applicable only when the TOS parameter is set. |
|
The monitor is bound to a transparent device such as a firewall or router. The state of a transparent device depends on the responsiveness of the services behind it. If a transparent device is being monitored, a destination IP address must be specified. The probe is sent to the specified IP address by using the MAC address of the transparent device. Choices:
|
|
Code expected when the server is under maintenance |
|
String expected from the server for the service to be marked as trofs. Applicable to HTTP-ECV/TCP-ECV monitors. |
|
Type of monitor that you want to create. Choices:
|
|
Unit of measurement for the Deviation parameter. Cannot be changed after the monitor is created. Choices:
|
|
Unit of measurement for the Down Time parameter. Cannot be changed after the monitor is created. Choices:
|
|
monitor interval units Choices:
|
|
monitor response timeout units Choices:
|
|
User name with which to probe the RADIUS, NNTP, FTP, FTP-EXTENDED, MYSQL, MSSQL, POP3, CITRIX-AG, CITRIX-XD-DDC, CITRIX-WI-EXTENDED, CITRIX-XNC or CITRIX-XDM server. |
|
If Choices:
|
|
Validate the credentials of the Xen Desktop DDC server user. Applicable to monitors of type CITRIX-XD-DDC. Choices:
|
|
Vendor-Id value for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. |
|
List of Vendor-Specific-Acct-Application-Id attribute value pairs (AVPs) to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. The specified value is combined with the value of vendorSpecificVendorId to obtain the Vendor-Specific-Application-Id AVP in the CER monitoring message. |
|
List of Vendor-Specific-Auth-Application-Id attribute value pairs (AVPs) for the Capabilities-Exchange-Request (CER) message to use for monitoring Diameter servers. A maximum of eight of these AVPs are supported in a monitoring message. The specified value is combined with the value of vendorSpecificVendorId to obtain the Vendor-Specific-Application-Id AVP in the CER monitoring message. |
|
Vendor-Id to use in the Vendor-Specific-Application-Id grouped attribute-value pair (AVP) in the monitoring CER message. To specify Auth-Application-Id or Acct-Application-Id in Vendor-Specific-Application-Id, use vendorSpecificAuthApplicationIds or vendorSpecificAcctApplicationIds, respectively. Only one Vendor-Id is supported for all the Vendor-Specific-Application-Id AVPs in a CER monitoring message. |
Notes
Note
For more information on using Ansible to manage NetScaler ADC Network devices see https://www.ansible.com/integrations/networks/citrixadc.
Examples
---
- name: Sample Playbook
hosts: localhost
gather_facts: false
tasks:
- name: Sample Task | lbmonitor
delegate_to: localhost
netscaler.adc.lbmonitor:
state: present
monitorname: ldns-dns
type: LDNS-DNS
query: .
querytype: Address
deviation: '0'
interval: 6
resptimeout: 3
downtime: 20
- name: Sample Task | lbmonitor | 2
delegate_to: localhost
netscaler.adc.lbmonitor:
state: present
monitorname: stasecure
type: CITRIX-STA-SERVICE
deviation: '0'
interval: 2
units3: MIN
resptimeout: 4
downtime: 5
- name: Sample Task | lbmonitor | 3
delegate_to: localhost
tags: test
netscaler.adc.lbmonitor:
state: present
monitorname: test-monitor1
type: TCP
interval: 15
retries: 20
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
Indicates if any change is made by the module Returned: always Sample: |
|
Dictionary of before and after changes Returned: always Sample: |
|
List of differences between the actual configured object and the configuration specified in the module Returned: when changed Sample: |
|
Indicates if the module failed or not Returned: always Sample: |
|
list of logged messages by the module Returned: always Sample: |