netscaler.adc.nsip module – Configuration for ip resource.

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.nsip.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for ip resource.

Parameters

Parameter

Comments

advertiseondefaultpartition

any

Advertise VIPs from Shared VLAN on Default Partition.

Choices:

  • "ENABLED"

  • "DISABLED"

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

arp

any

Respond to ARP requests for this IP address.

Choices:

  • "ENABLED"

  • "DISABLED"

arpowner

any

The arp owner in a Cluster for this IP address. It can vary from 0 to 31.

arpresponse

any

Respond to ARP requests for a Virtual IP (VIP) address on the basis of the states of the virtual servers associated with that VIP. Available settings function as follows:

* NONE - The Citrix ADC responds to any ARP request for the VIP address, irrespective of the states of the virtual servers associated with the address.

* ONE VSERVER - The Citrix ADC responds to any ARP request for the VIP address if at least one of the associated virtual servers is in UP state.

* ALL VSERVER - The Citrix ADC responds to any ARP request for the VIP address if all of the associated virtual servers are in UP state.

Choices:

  • "NONE"

  • "ONE_VSERVER"

  • "ALL_VSERVERS"

bgp

string

Use this option to enable or disable BGP on this IP address for the entity.

Choices:

  • "ENABLED"

  • "DISABLED"

decrementttl

any

Decrement TTL by 1 when ENABLED.This setting is applicable only for UDP traffic.

Choices:

  • "ENABLED"

  • "DISABLED"

dynamicrouting

any

Allow dynamic routing on this IP address. Specific to Subnet IP (SNIP) address.

Choices:

  • "ENABLED"

  • "DISABLED"

ftp

any

Allow File Transfer Protocol (FTP) access to this IP address.

Choices:

  • "ENABLED"

  • "DISABLED"

gui

any

Allow graphical user interface (GUI) access to this IP address.

Choices:

  • "ENABLED"

  • "SECUREONLY"

  • "DISABLED"

hostroute

any

Option to push the VIP to ZebOS routing table for Kernel route redistribution through dynamic routing protocols

Choices:

  • "ENABLED"

  • "DISABLED"

hostrtgw

any

IP address of the gateway of the route for this VIP address.

icmp

any

Respond to ICMP requests for this IP address.

Choices:

  • "ENABLED"

  • "DISABLED"

icmpresponse

any

Respond to ICMP requests for a Virtual IP (VIP) address on the basis of the states of the virtual servers associated with that VIP. Available settings function as follows:

* NONE - The Citrix ADC responds to any ICMP request for the VIP address, irrespective of the states of the virtual servers associated with the address.

* ONE VSERVER - The Citrix ADC responds to any ICMP request for the VIP address if at least one of the associated virtual servers is in UP state.

* ALL VSERVER - The Citrix ADC responds to any ICMP request for the VIP address if all of the associated virtual servers are in UP state.

* VSVR_CNTRLD - The behavior depends on the ICMP VSERVER RESPONSE setting on all the associated virtual servers.

The following settings can be made for the ICMP VSERVER RESPONSE parameter on a virtual server:

* If you set ICMP VSERVER RESPONSE to PASSIVE on all virtual servers, Citrix ADC always responds.

* If you set ICMP VSERVER RESPONSE to ACTIVE on all virtual servers, Citrix ADC responds if even one virtual server is UP.

* When you set ICMP VSERVER RESPONSE to ACTIVE on some and PASSIVE on others, Citrix ADC responds if even one virtual server set to ACTIVE is UP.

Choices:

  • "NONE"

  • "ONE_VSERVER"

  • "ALL_VSERVERS"

  • "VSVR_CNTRLD"

ipaddress

any

IPv4 address to create on the Citrix ADC. Cannot be changed after the IP address is created.

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

metric

any

Integer value to add to or subtract from the cost of the route advertised for the VIP address.

mgmtaccess

any

Allow access to management applications on this IP address.

Choices:

  • "ENABLED"

  • "DISABLED"

mptcpadvertise

any

If enabled, this IP will be advertised by Citrix ADC to MPTCP enabled clients as part of ADD_ADDR option.

Choices:

  • "YES"

  • "NO"

netmask

any

Subnet mask associated with the IP address.

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

networkroute

any

Option to push the SNIP subnet to ZebOS routing table for Kernel route redistribution through dynamic routing protocol.

Choices:

  • "ENABLED"

  • "DISABLED"

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

ospf

string

Use this option to enable or disable OSPF on this IP address for the entity.

Choices:

  • "ENABLED"

  • "DISABLED"

ospfarea

any

ID of the area in which the type1 link-state advertisements (LSAs) are to be advertised for this virtual IP (VIP) address by the OSPF protocol running on the Citrix ADC. When this parameter is not set, the VIP is advertised on all areas.

ospflsatype

any

Type of LSAs to be used by the OSPF protocol, running on the Citrix ADC, for advertising the route for this VIP address.

Choices:

  • "TYPE1"

  • "TYPE5"

ownerdownresponse

any

in cluster system, if the owner node is down, whether should it respond to icmp/arp

Choices:

  • "YES"

  • "NO"

ownernode

float

The owner node in a Cluster for this IP address. Owner node can vary from 0 to 31. If ownernode is not specified then the IP is treated as Striped IP.

restrictaccess

any

Block access to nonmanagement applications on this IP. This option is applicable for MIPs, SNIPs, and NSIP, and is disabled by default. Nonmanagement applications can run on the underlying Citrix ADC Free BSD operating system.

Choices:

  • "ENABLED"

  • "DISABLED"

rip

string

Use this option to enable or disable RIP on this IP address for the entity.

Choices:

  • "ENABLED"

  • "DISABLED"

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

snmp

any

Allow Simple Network Management Protocol (SNMP) access to this IP address.

Choices:

  • "ENABLED"

  • "DISABLED"

ssh

any

Allow secure shell (SSH) access to this IP address.

Choices:

  • "ENABLED"

  • "DISABLED"

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When absent, the resource will be deleted from the NetScaler ADC node.

When enabled, the resource will be enabled on the NetScaler ADC node.

When disabled, the resource will be disabled on the NetScaler ADC node.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "absent"

  • "enabled"

  • "disabled"

  • "unset"

tag

any

Tag value for the network/host route associated with this IP.

td

any

Integer value that uniquely identifies the traffic domain in which you want to configure the entity. If you do not specify an ID, the entity becomes part of the default traffic domain, which has an ID of 0. TD id 4095 is used reserved for LSN use

telnet

any

Allow Telnet access to this IP address.

Choices:

  • "ENABLED"

  • "DISABLED"

type

string

Type of the IP address to create on the Citrix ADC. Cannot be changed after the IP address is created. The following are the different types of Citrix ADC owned IP addresses:

* A Subnet IP (SNIP) address is used by the Citrix ADC to communicate with the servers. The Citrix ADC also uses the subnet IP address when generating its own packets, such as packets related to dynamic routing protocols, or to send monitor probes to check the health of the servers.

* A Virtual IP (VIP) address is the IP address associated with a virtual server. It is the IP address to which clients connect. An appliance managing a wide range of traffic may have many VIPs configured. Some of the attributes of the VIP address are customized to meet the requirements of the virtual server.

* A GSLB site IP (GSLBIP) address is associated with a GSLB site. It is not mandatory to specify a GSLBIP address when you initially configure the Citrix ADC. A GSLBIP address is used only when you create a GSLB site.

* A Cluster IP (CLIP) address is the management address of the cluster. All cluster configurations must be performed by accessing the cluster through this IP address.

Choices:

  • "SNIP"

  • "VIP"

  • "NSIP"

  • "HostIP"

  • "GSLBsiteIP"

  • "CLIP"

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

vrid

any

A positive integer that uniquely identifies a VMAC address for binding to this VIP address. This binding is used to set up Citrix ADCs in an active-active configuration using VRRP.

vserver

any

Use this option to set (enable or disable) the virtual server attribute for this IP address.

Choices:

  • "ENABLED"

  • "DISABLED"

vserverrhilevel

any

Advertise the route for the Virtual IP (VIP) address on the basis of the state of the virtual servers associated with that VIP.

* NONE - Advertise the route for the VIP address, regardless of the state of the virtual servers associated with the address.

* ONE VSERVER - Advertise the route for the VIP address if at least one of the associated virtual servers is in UP state.

* ALL VSERVER - Advertise the route for the VIP address if all of the associated virtual servers are in UP state.

* VSVR_CNTRLD - Advertise the route for the VIP address according to the RHIstate (RHI STATE) parameter setting on all the associated virtual servers of the VIP address along with their states.

When Vserver RHI Level (RHI) parameter is set to VSVR_CNTRLD, the following are different RHI behaviors for the VIP address on the basis of RHIstate (RHI STATE) settings on the virtual servers associated with the VIP address:

* If you set RHI STATE to PASSIVE on all virtual servers, the Citrix ADC always advertises the route for the VIP address.

* If you set RHI STATE to ACTIVE on all virtual servers, the Citrix ADC advertises the route for the VIP address if at least one of the associated virtual servers is in UP state.

*If you set RHI STATE to ACTIVE on some and PASSIVE on others, the Citrix ADC advertises the route for the VIP address if at least one of the associated virtual servers, whose RHI STATE set to ACTIVE, is in UP state.

Choices:

  • "ONE_VSERVER"

  • "ALL_VSERVERS"

  • "NONE"

  • "VSVR_CNTRLD"

Notes

Note

Examples

---
- name: Sample Playbook
  hosts: localhost
  gather_facts: false
  tasks:
    - name: Sample Task | nsip
      delegate_to: localhost
      netscaler.adc.nsip:
        state: present
        ipaddress: 1.1.1.1
        netmask: 255.255.255.192
        type: VIP
    - name: Sample Task | nsip | 2
      delegate_to: localhost
      netscaler.adc.nsip:
        state: present
        ipaddress: 192.188.1.1
        netmask: 255.255.255.0
        vserver: DISABLED
        dynamicrouting: ENABLED
    - name: Sample Task | nsip | 3
      delegate_to: localhost
      netscaler.adc.nsip:
        state: present
        ipaddress: 192.179.1.1
        netmask: 255.255.255.255
        type: VIP
        arp: DISABLED
        snmp: DISABLED
        hostroute: ENABLED
        hostrtgw: 0.0.0.0
    - name: Sample Task | nsip | 4
      delegate_to: localhost
      netscaler.adc.nsip:
        state: present
        ipaddress: 192.188.1.2
        netmask: 255.255.0.0
        vserver: DISABLED

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)