netscaler.adc.lbparameter module – Configuration for LB parameter resource.

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.lbparameter.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for LB parameter resource.

Parameters

Parameter

Comments

allowboundsvcremoval

any

Enables or disables removal of a svc/svcgroup while it is bound to one or more vservers. If enabled, the svc/svcgroup can be removed even if it is bound to vservers. If disabled, an error is thrown when the user tries to remove a svc/svcgroup without first unbinding it from its vservers.

Choices:

  • "ENABLED"

  • "DISABLED"

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

computedadccookieattribute

any

ComputedADCCookieAttribute accepts an ns variable as input, in the form of a string starting with $ (to understand how to configure an ns variable, see man add ns variable). Policies can be configured to modify this variable for every transaction, and the final value of the variable after policy evaluation is appended as an attribute to the Citrix ADC cookie (for example: LB cookie persistence, GSLB site persistence, CS cookie persistence, LB group cookie persistence). Only one of ComputedADCCookieAttribute and LiteralADCCookieAttribute can be set.

Sample usage -

add ns variable lbvar -type TEXT(100) -scope Transaction

add ns assignment lbassign -variable $lbvar -set "\\";SameSite=Strict\\""

add rewrite policy lbpol <valid policy expression> lbassign

bind rewrite global lbpol 100 next -type RES_OVERRIDE

set lb param -ComputedADCCookieAttribute "$lbvar"

For an incoming client request, if the above policy evaluates to TRUE, SameSite=Strict is appended to the ADC-generated cookie.

consolidatedlconn

any

To find the service with the fewest connections, the virtual server uses the consolidated connection statistics from all the packet engines. The NO setting allows consideration of only the number of connections on the packet engine that received the new connection.

Choices:

  • "YES"

  • "NO"

cookiepassphrase

any

Use this parameter to specify the passphrase used to generate secured persistence cookie value. It specifies the passphrase with a maximum of 31 characters.

dbsttl

any

Specify the TTL for the DNS record of a domain-based service. The default TTL value is 0, which means the TTL received in the DNS response is used for monitors.

dropmqttjumbomessage

any

When this option is enabled, MQTT messages of length greater than 64k will be dropped and the client/server connections will be reset.

Choices:

  • "YES"

  • "NO"

httponlycookieflag

any

Include the HttpOnly attribute in persistence cookies. The HttpOnly attribute limits the scope of a cookie to HTTP requests and helps mitigate the risk of cross-site scripting attacks.

Choices:

  • "ENABLED"

  • "DISABLED"

lbhashalgorithm

any

This option dictates the hashing algorithm used for hash based LB methods (URLHASH, DOMAINHASH, SOURCEIPHASH, DESTINATIONIPHASH, SRCIPDESTIPHASH, SRCIPSRCPORTHASH, TOKEN, USER_TOKEN, CALLIDHASH).

Choices:

  • "DEFAULT"

  • "PRAC"

  • "JARH"

lbhashfingers

any

Specifies the number of fingers to be used in the PRAC and JARH algorithms for hash-based LB methods. Increasing the number of fingers might give better distribution of traffic at the expense of additional memory.

literaladccookieattribute

any

The string configured as LiteralADCCookieAttribute is appended as an attribute to the Citrix ADC cookie (for example: LB cookie persistence, GSLB site persistence, CS cookie persistence, LB group cookie persistence).

Sample usage -

set lb parameter -LiteralADCCookieAttribute ";SameSite=None"

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance for which NetScaler Console has to be configured as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance for which NetScaler Console has to be configured as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance for which NetScaler Console has to be configured as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings, if you select Prompt Credentials for Instance Login, be sure to configure the username and password of the managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings, if you select Prompt Credentials for Instance Login, be sure to configure the username and password of the managed instance.

maxpipelinenat

any

Maximum number of concurrent requests to allow on a single client connection, which is identified by the <clientip:port>-<vserver ip:port> tuple. This parameter is applicable to the ANY service type and all UDP service types (except DNS), and only when “svrTimeout” is set to zero. A value of 0 (zero) applies no limit to the number of concurrent requests allowed on a single client connection.

monitorconnectionclose

any

Close monitoring connections by sending the service a connection termination message with the specified bit set.

Choices:

  • "RESET"

  • "FIN"

monitorskipmaxclient

any

When a monitor initiates a connection to a service, do not check to determine whether the number of connections to the service has reached the limit specified by the service’s Max Clients setting. Enables monitoring to continue even if the service has reached its connection limit.

Choices:

  • "ENABLED"

  • "DISABLED"

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The IP address of the NetScaler ADC appliance where the NITRO API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

preferdirectroute

any

Perform route lookup for traffic received by the Citrix ADC, and forward the traffic according to configured routes. Do not set this parameter if you want a wildcard virtual server to direct packets received by the appliance to an intermediary device, such as a firewall, even if their destination is directly connected to the appliance. Route lookup is performed after the packets have been processed and returned by the intermediary device.

Choices:

  • "YES"

  • "NO"

retainservicestate

any

This option is used to retain the original state of service or servicegroup member when an enable server command is issued.

Choices:

  • "ON"

  • "OFF"

save_config

boolean

If true, the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

startuprrfactor

any

Number of requests, per service, for which to apply the round robin load balancing method before switching to the configured load balancing method, thus allowing services to ramp up gradually to full load. Until the specified number of requests is distributed, the Citrix ADC is said to be implementing the slow start mode (or startup round robin). Implemented for a virtual server when one of the following is true:

* The virtual server is newly created.

* One or more services are newly bound to the virtual server.

* One or more services bound to the virtual server are enabled.

* The load balancing method is changed.

This parameter applies to all the load balancing virtual servers configured on the Citrix ADC, except for those virtual servers for which the virtual server-level slow start parameters (New Service Startup Request Rate and Increment Interval) are configured. If the global slow start parameter and the slow start parameters for a given virtual server are not set, the appliance implements a default slow start for the virtual server, as follows:

* For a newly configured virtual server, the appliance implements slow start for the first 100 requests received by the virtual server.

* For an existing virtual server, if one or more services are newly bound or newly enabled, or if the load balancing method is changed, the appliance dynamically computes the number of requests for which to implement startup round robin. It obtains this number by multiplying the request rate by the number of bound services (it includes services that are marked as DOWN). For example, if the current request rate is 20 requests/s and ten services are bound to the virtual server, the appliance performs startup round robin for 200 requests.

Not applicable to a virtual server for which a hash based load balancing method is configured.

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added or updated according to the module’s parameters.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "unset"

storemqttclientidandusername

any

This option allows storing the MQTT client ID and username in transactional logs.

Choices:

  • "YES"

  • "NO"

undefaction

any

Action to perform when policy evaluation creates an UNDEF condition. Available settings function as follows:

* NOLBACTION - Does not consider LB action in making LB decision.

* RESET - Reset the request and notify the user, so that the user can resend the request.

* DROP - Drop the request without sending a response to the user.

useencryptedpersistencecookie

any

Encode persistence cookie values using SHA2 hash.

Choices:

  • "ENABLED"

  • "DISABLED"

useportforhashlb

any

Include the port number of the service when creating a hash for hash based load balancing methods. With the NO setting, only the IP address of the service is considered when creating a hash.

Choices:

  • "YES"

  • "NO"

usesecuredpersistencecookie

any

Encode persistence cookie values using SHA2 hash.

Choices:

  • "ENABLED"

  • "DISABLED"

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

vserverspecificmac

any

Allow a MAC-mode virtual server to accept traffic returned by an intermediary device, such as a firewall, to which the traffic was previously forwarded by another MAC-mode virtual server. The second virtual server can then distribute that traffic across the destination server farm. Also useful when load balancing Branch Repeater appliances.

Note: The second virtual server can also send the traffic to another set of intermediary devices, such as another set of firewalls. If necessary, you can configure multiple MAC-mode virtual servers to pass traffic successively through multiple sets of intermediary devices.

Choices:

  • "ENABLED"

  • "DISABLED"

Examples

---
- name: Sample Task
  hosts: localhost
  gather_facts: false
  tasks:
    - name: Sample playbook
      delegate_to: localhost
      netscaler.adc.lbparameter:
        # nsip: 10.0.0.1 # This can also be given via NETSCALER_NSIP environment variable
        # nitro_user: nitrouser # This can also be given via NETSCALER_NITRO_USER environment variable
        # nitro_pass: verysecretpassword # This can also be given via NETSCALER_NITRO_PASS environment variable
        # nitro_protocol: https # This can also be given via NETSCALER_NITRO_PROTOCOL environment variable
        # validate_certs: false # This can also be given via NETSCALER_VALIDATE_CERTS environment variable
        # save_config: false # This can also be given via NETSCALER_SAVE_CONFIG environment variable
        state: present
        allowboundsvcremoval: DISABLED
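
The cookie-related parameters above (httponlycookieflag, usesecuredpersistencecookie, cookiepassphrase, literaladccookieattribute) can be set together in one task. The playbook below is an added example, not part of the module documentation; the address 192.0.2.10 and the variables vault_nitro_pass and vault_lb_cookie_passphrase are assumed placeholders, and the SameSite value must suit the application behind the virtual server.

```yaml
---
# Added example, not from the module documentation.
# Assumed names: vault_nitro_pass and vault_lb_cookie_passphrase are
# hypothetical Ansible Vault variables; 192.0.2.10 is a documentation address.
- name: Harden NetScaler persistence cookies
  hosts: localhost
  gather_facts: false
  tasks:
    # cookiepassphrase accepts at most 31 characters, so fail early
    # instead of sending an invalid value to the NITRO API.
    - name: Check the passphrase fits the 31-character limit
      ansible.builtin.assert:
        that:
          - vault_lb_cookie_passphrase | length > 0
          - vault_lb_cookie_passphrase | length <= 31
        quiet: true
      no_log: true

    - name: Set global LB cookie parameters
      delegate_to: localhost
      netscaler.adc.lbparameter:
        nsip: 192.0.2.10
        nitro_user: nitrouser
        nitro_pass: "{{ vault_nitro_pass }}"
        # Keep the module defaults explicit: HTTPS with certificate validation.
        nitro_protocol: https
        validate_certs: true
        save_config: true
        state: present
        # Persistence cookies are not readable from page scripts.
        httponlycookieflag: ENABLED
        # Secured persistence cookie value generated with the passphrase.
        usesecuredpersistencecookie: ENABLED
        cookiepassphrase: "{{ vault_lb_cookie_passphrase }}"
        # Only one of literaladccookieattribute and
        # computedadccookieattribute can be set.
        literaladccookieattribute: ";SameSite=Strict"
        allowboundsvcremoval: DISABLED
      # Keeps the NITRO password and cookie passphrase out of task output.
      no_log: true
      register: lbparam_result
```

Because no_log hides the task result, inspect lbparam_result.changed and lbparam_result.failed in a later task rather than relying on console output.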

Return Values

Common return values are documented here; the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

List of messages logged by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)