fadcos_load_balance_persistence – configure load balance persistence in Fortinet’s FortiADC¶
New in version 1.1.0.
Parameters¶
- action - Type of action to perform on the object. type: str required: true
- name - config load-balance persistence name type: str required: false
- type - Specify the Radius attribute type.type: str required: false
- timeout - Specify the timeout (in seconds) for an inactive persistence session table entry. (Range: 1-86400).type: int required: false default: 300
- ipv4_maskbits - Specify the number of bits in a IPv4 subnet mask to specify a network segment that should follow the persistence rule. (Range: 1-32).type: str required: false default: 32
- ipv6_maskbits - Specify the number of bits in a IPv6 subnet mask to specify a network segment that should follow the persistence rule. (Range: 1-128).type: str required: false default: 128
- match_across_virtual_servers - If enabled, clients will continue to access the same backend server through different virtual servers for the duration of a session.type: str required: false default: disable
- keyword - Specify the HTTP header value, URL paramter or cookie name which is depended on the radius attribute type.type: str required: false
- sess_kw_type - Specify the cookie which is generated from the server.type: str required: false default: auto
- cookie_domain - Specifies the domain attribute of the cookie.type: str required: false default:
- cookie_httponly - Enable/disable to add the "HTTPOnly" flag to cookies.type: str required: false default: disable
- cookie_secure - Enable/disable to add the Secure flag to cookies.type: str required: false default: disable
- cookie_samesite - Add a SameSite attribute to prevent the browser from sending cookies along with cross-site requests, to mitigate the risk of cross-origin information leakage.type: str required: false default: nothing
- cookie_custom_attr - Enable/disable to specify custom attributes.type: str required: false default: disable
- cookie_custom_attr_val - The cookie-custom-attr-value option appears if cookie-custom-attr is enabled.type: str required: false
- match_across_servers - An option for radius-attribute and source-address persistence methods.type: str required: false default: disable
- override_connection_limit - An option for radius-attribute only.type: str required: false default: disable
- radius_attribute_relation - Specify the relation when multiple radius attributes are configured.type: str required: false default: AND
- iso8583_bitmap_relation - Specify the relation among the bitmap type be AND/OR.type: str required: false default: OR
- keyvalue_relation - Specify the relation of keyvalue be AND/OR if iso8583_bitmap_relation is OR.type: str required: false default: AND
- names - load-balance persistence name listtype: list required: false
- vdom - VDOM name if enabled.type: str required: true(if VDOM is enabled)
Examples¶
- name:
hosts: all
vars:
connection: httpapi
gather_facts: false
tasks:
- name: create
fadcos_load_balance_persistence:
action: add
name: test1
type: source-address
timeout: 300
ipv4_maskbits: '32'
ipv6_maskbits: '128'
match_across_virtual_servers: disable
- name: create
fadcos_load_balance_persistence:
action: add
name: test2
type: consistent-hash-ip
- name: create
fadcos_load_balance_persistence:
action: add
name: test3
type: hash-source-address-port
- name: create
fadcos_load_balance_persistence:
action: add
name: test4
type: hash-http-header
keyword: keyword
- name: create
fadcos_load_balance_persistence:
action: add
name: test5
type: hash-http-request
keyword: keyword
- name: create
fadcos_load_balance_persistence:
action: add
name: test6
type: hash-cookie
keyword: keyword
- name: create
fadcos_load_balance_persistence:
action: add
name: test7
type: persistent-cookie
keyword: keyword
timeout: 300
- name: create
fadcos_load_balance_persistence:
action: add
name: test8
type: passive-cookie
keyword: keyword
timeout: 300
sess_kw_type: auto
- name: create
fadcos_load_balance_persistence:
action: add
name: test9
type: insert-cookie
keyword: keyword
timeout: 300
cookie_domain: ""
cookie_httponly: disable
cookie_secure: disable
cookie_samesite: nothing
cookie_custom_attr: disable
- name: create
fadcos_load_balance_persistence:
action: add
name: test10
type: rewrite-cookie
keyword: keyword
- name: create
fadcos_load_balance_persistence:
action: add
name: test11
type: embedded-cookie
keyword: keyword
- name: create
fadcos_load_balance_persistence:
action: add
name: test12
type: radius-attribute
timeout: 400
match_across_servers: enable
override_connection_limit: enable
radius_attribute_relation: OR
- name: create
fadcos_load_balance_persistence:
action: add
name: test13
type: ssl-session-id
timeout: 400
- name: create
fadcos_load_balance_persistence:
action: add
name: test14
type: sip-call-id
timeout: 400
- name: create
fadcos_load_balance_persistence:
action: add
name: test15
type: rdp-cookie
- name: create
fadcos_load_balance_persistence:
action: add
name: test16
type: iso8583-bitmap
timeout: 400
iso8583_bitmap_relation: OR
keyvalue_relation: AND
- name: get
fadcos_load_balance_persistence:
action: get
- name: delete
fadcos_load_balance_persistence:
action: remove
names:
- test1
Return Values¶
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- 200 - OK: Request returns successful.
- 400 - Bad Request: Request cannot be processed by the API.
- 401 - Not Authorized: Request without successful login session.
- 403 - Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
- 404 - Resource Not Found: Unable to find the specified resource.
- 405 - Method Not Allowed: Specified HTTP method is not allowed for this resource.
- 413 - Request Entity Too Large: Request cannot be processed due to large entity.
- 424 - Failed Dependency: Fail dependency can be duplicate resource, missing required parameter, missing required attribute, or invalid attribute value.
- 429 - Access temporarily blocked: Maximum failed authentications reached. The offended source is temporarily blocked for certain amount of time.
- 500 - Internal Server Error: Internal error when processing the request.
For errorcode please check FortiADC API errorcode at : https://fndn.fortinet.net/index.php?/fortiapi/981-fortiadc/
Authors¶
- Wayne Chou
Hint
If you notice any issues in this documentation, you can create a pull request to improve it at: https://github.com/fortinet-ansible-dev/ansible-galaxy-fortiadc-sphinxdoc/pulls