netscaler.adc.nsparam module – Configuration for Citrix ADC parameters resource.

Note

This module is part of the netscaler.adc collection (version 2.6.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.nsparam.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for Citrix ADC parameters resource.

Parameters

Parameter

Comments

advancedanalyticsstats

string

Disable/Enable advanace analytics stats

Choices:

  • "ENABLED"

  • "DISABLED"

aftpallowrandomsourceport

string

Allow the FTP server to come from a random source port for active FTP data connections

Choices:

  • "ENABLED"

  • "DISABLED"

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

cip

string

Enable or disable the insertion of the actual client IP address into the HTTP header request passed from the client to one, some, or all servers attached to the system. The passed address can then be accessed through a minor modification to the server.

* If the CIP header is specified, it will be used as the client IP header.

* If the CIP header is not specified, the value that has been set will be used as the client IP header.

Choices:

  • "ENABLED"

  • "DISABLED"

cipheader

string

Text that will be used as the client IP address header.

cookieversion

string

Version of the cookie inserted by the system.

Choices:

  • "0"

  • "1"

crportrange

string

Port range for cache redirection services.

exclusivequotamaxclient

float

Percentage of maxClient threshold to be divided equally among PEs.

exclusivequotaspillover

float

Percentage of spillover threshold to be divided equally among PEs.

ftpportrange

string

Minimum and maximum port (port range) that FTP services are allowed to use.

grantquotamaxclient

float

Percentage of shared pool value granted to PE once PE exhausts the local exclusive quota. Where shared pool is the remaining maxclient quota after distribution of exclusive quota to PEs.

Example: In a 2 PE NetScaler system if configured maxclient is 100 and exclusive quota is 80 percent then each PE will get 40 as local exclusive quota and 20 will be in shared pool. If configured grantQuota is 20 percent, then after exhausting its local exclusive quota PE borrows from shared pool in chunks of 4 i.e. 20 percent of 20.

grantquotaspillover

float

Percentage of shared pool value granted to PE once PE exhausts the local exclusive quota. Where shared pool is the remaining spillover quota after distribution of exclusive quota to PEs.

Example: In a 2 PE NetScaler system if configured spillover is 100 and exclusive quota is 80 percent then each PE will get 40 as local exclusive quota and 20 will be in shared pool. If configured grantQuota is 20 percent, then after exhausting its local exclusive quota PE borrows from shared pool in chunks of 4 i.e. 20 percent of 20.

httpport

list / elements=integer

HTTP ports on the web server. This allows the system to perform connection off-load for any client request that has a destination port matching one of these configured ports.

icaports

list / elements=integer

The ICA ports on the Web server. This allows the system to perform connection off-load for any client request that has a destination port matching one of these configured ports.

internaluserlogin

string

Enables/disables the internal user from logging in to the appliance. Before disabling internal user login, you must have key-based authentication set up on the appliance. The file name for the key pair must be “ns_comm_key”.

Choices:

  • "ENABLED"

  • "DISABLED"

ipttl

float

Set the IP Time to Live (TTL) and Hop Limit value for all outgoing packets from Citrix ADC.

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

maxconn

float

Maximum number of connections that will be made from the appliance to the web server(s) attached to it. The value entered here is applied globally to all attached servers.

maxreq

float

Maximum number of requests that the system can pass on a particular connection between the appliance and a server attached to it. Setting this value to 0 allows an unlimited number of requests to be passed. This value is overridden by the maximum number of requests configured on the individual service.

mgmthttpport

integer

This allow the configuration of management HTTP port.

mgmthttpsport

integer

This allows the configuration of management HTTPS port.

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

pmtumin

float

Minimum path MTU value that Citrix ADC will process in the ICMP fragmentation needed message. If the ICMP message contains a value less than this value, then this value is used instead.

pmtutimeout

float

Interval, in minutes, for flushing the PMTU entries.

proxyprotocol

string

Disable/Enable v1 or v2 proxy protocol header for client info insertion

Choices:

  • "ENABLED"

  • "DISABLED"

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

securecookie

string

Enable or disable secure flag for persistence cookie.

Choices:

  • "ENABLED"

  • "DISABLED"

secureicaports

list / elements=integer

The Secure ICA ports on the Web server. This allows the system to perform connection off-load for any

client request that has a destination port matching one of these configured ports.

servicepathingressvlan

float

VLAN on which the subscriber traffic arrives on the appliance.

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "unset"

tcpcip

string

Enable or disable the insertion of the client TCP/IP header in TCP payload passed from the client to one, some, or all servers attached to the system. The passed address can then be accessed through a minor modification to the server.

Choices:

  • "ENABLED"

  • "DISABLED"

timezone

string

Time zone for the Citrix ADC. Name of the time zone should be specified as argument.

useproxyport

string

Enable/Disable use_proxy_port setting

Choices:

  • "ENABLED"

  • "DISABLED"

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

Notes

Note

Examples

---
- name: Sample nsparam playbook
  hosts: demo_netscalers
  gather_facts: false
  tasks:
    - name: Configure nsparam
      delegate_to: localhost
      netscaler.adc.nsparam:
        state: present
        cookieversion: '1'

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)

  • Shiva Shankar Vaddepally (@shivashankar-vaddepally)