netscaler.adc.nsconfig module – Configuration for system config resource.

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.nsconfig.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for system config resource.

Parameters

Parameter

Comments

all

boolean

Use this option to do saveconfig for all partitions

Choices:

  • false

  • true

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

changedpassword

boolean

Option to list all passwords changed which would not work when downgraded to older releases. Takes config file as input, if no input specified, running configuration is considered. Command => query ns config -changedpassword / query ns config -changedpassword /nsconfig/ns.conf

Choices:

  • false

  • true

cip

string

The option to control (enable or disable) the insertion of the actual client IP address into the HTTP header request passed from the client to one, some, or all servers attached to the system.

The passed address can then be accessed through a minor modification to the server.

l If cipHeader is specified, it will be used as the client IP header.

l If it is not specified, then the value that has been set by the set ns config CLI command will be used as the client IP header.

Choices:

  • "ENABLED"

  • "DISABLED"

cipheader

string

The text that will be used as the client IP header.

config

string

configuration File to be used to find weak passwords, if not specified, running config is taken as input.

config1

string

Location of the configurations.

config2

string

Location of the configurations.

cookieversion

string

The version of the cookie inserted by system.

Choices:

  • "0"

  • "1"

crportrange

string

Port range for cache redirection services.

exclusivequotamaxclient

float

The percentage of maxClient to be given to PEs

exclusivequotaspillover

float

The percentage of max limit to be given to PEs

force

boolean

Configurations will be cleared without prompting for confirmation.

Choices:

  • false

  • true

ftpportrange

string

Port range configured for FTP services.

grantquotamaxclient

float

The percentage of shared quota to be granted at a time for maxClient

grantquotaspillover

float

The percentage of shared quota to be granted at a time for spillover

httpport

list / elements=integer

The HTTP ports on the Web server. This allows the system to perform connection off-load for any client request that has a destination port matching one of these configured ports.

ifnum

any

Interfaces of the appliances that must be bound to the NSVLAN.

ignoredevicespecific

boolean

Suppress device specific differences.

Choices:

  • false

  • true

ipaddress

any

IP address of the Citrix ADC. Commonly referred to as NSIP address. This parameter is mandatory to bring up the appliance.

level

string

Types of configurations to be cleared.

* basic: Clears all configurations except the following:

  • NSIP, default route (gateway), static routes, MIPs, and SNIPs

  • Network settings (DG, VLAN, RHI and DNS settings)

  • Cluster settings

  • HA node definitions

  • Feature and mode settings

  • nsroot password

* extended: Clears the same configurations as the ‘basic‘ option. In addition, it clears the feature and mode settings.

* full: Clears all configurations except NSIP, default route, and interface settings.

Note: When you clear the configurations through the cluster IP address, by specifying the level as ‘full‘, the cluster is deleted and all cluster nodes become standalone appliances. The ‘basic‘ and ‘extended‘ levels are propagated to the cluster nodes.

Choices:

  • "basic"

  • "extended"

  • "full"

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

maxconn

float

The maximum number of connections that will be made from the system to the web server(s) attached to it. The value entered here is applied globally to all attached servers.

maxreq

float

The maximum number of requests that the system can pass on a particular connection between the system and a server attached to it. Setting this value to 0 allows an unlimited number of requests to be passed.

netmask

any

Netmask corresponding to the IP address. This parameter is mandatory to bring up the appliance.

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

nsvlan

any

VLAN (NSVLAN) for the subnet on which the IP address resides.

outtype

string

Format to display the difference in configurations.

Choices:

  • "cli"

  • "xml"

pmtumin

float

The minimum Path MTU.

pmtutimeout

float

The timeout value in minutes.

rbaconfig

string

RBA configurations and TACACS policies bound to system global will not be cleared if RBA is set to NO.This option is applicable only for BASIC level of clear configuration.Default is YES, which will clear rba configurations.

Choices:

  • "YES"

  • "NO"

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

securecookie

string

enable/disable secure flag for persistence cookie

Choices:

  • "ENABLED"

  • "DISABLED"

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "unset"

tagged

any

Specifies that the interfaces will be added as 802.1q tagged interfaces. Packets sent on these interface on this VLAN will have an additional 4-byte 802.1q tag which identifies the VLAN.

To use 802.1q tagging, the switch connected to the appliance’s interfaces must also be configured for tagging.

Choices:

  • "YES"

  • "NO"

template

boolean

File that contains the commands to be compared.

Choices:

  • false

  • true

timezone

string

Name of the timezone

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

weakpassword

boolean

Option to list all weak passwords (not adhering to strong password requirements). Takes config file as input, if no input specified, running configuration is considered. Command => query ns config -weakpassword / query ns config -weakpassword /nsconfig/ns.conf

Choices:

  • false

  • true

Notes

Note

Examples

---
- name: Sample Playbook
  hosts: localhost
  gather_facts: false
  tasks:
    - name: Sample Task | nsconfig
      delegate_to: localhost
      netscaler.adc.nsconfig:
        state: present
        ipaddress: 10.10.10.10
        netmask: 255.255.255.0

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)