:source: fwebos_ha.py
:orphan:
.. fwebos_ha.py:
fwebos_ha.py -- Config FortiWeb HA options
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.. versionadded:: 1.0.1
.. contents::
:local:
:depth: 1
Synopsis
--------
Config FortiWeb HA options
Requirements
------------
The below requirements are needed on the host that executes this module.
- ansible>=2.11
FortiWeb Version Compatibility
------------------------------
.. raw:: html
|
v7.0.x |
v7.2.x |
v7.4.x |
v7.6.x |
| fwebos_ha.py |
yes |
yes |
yes |
yes |
Parameters
----------
.. raw:: html
- body Possible parameters to go in the body for the request required: True
- mode mode type:string choice:
active-passive,
active-active-standard,
active-active-high-volume,
standalone,
- group-id group id, range 0-63 type:integer
maximum:63
minimum:0
- group-name group name type:string
maxLength:19
- priority priority value, range 0-9 type:integer
maximum:9
minimum:0
- override master HA unit overriding type:string choice:
enable,
disable,
- network-type The network on which heartbeat and sync are based type:string choice:
flat,
udp-tunnel,
- tunnel-local Local IPv4 address for HA tunnel type:string
maxLength:15
- tunnel-peer Peers IPv4 address for HA tunnel type:string
maxLength:15
- hbdev heartbeat interfaces type:string
- hbdev-backup backup heartbeat interfaces type:string
- boot-time boot time for Heartbeat, rang 1-100 (s) type:integer
maximum:100
minimum:1
- hb-interval heartbeat interval, range 1-20 (100ms) type:integer
maximum:20
minimum:1
- hb-lost-threshold heartbeat threshold for failed, range 1-60 type:integer
maximum:60
minimum:1
- arps gratuitous ARP or neighbour solicitation, range 1-16 type:integer
maximum:16
minimum:1
- arp-interval ARP/NS interval, range 1-20 type:integer
maximum:20
minimum:1
- monitor interfaces to monitor type:string
- key 16 hex number for HA type:string
format:password
- lacp-ha-slave enable/disable type:string choice:
enable,
disable,
- ha-mgmt-status enable/disable manager port type:string choice:
enable,
disable,
- ha-mgmt-interface manager port interface type:string
- session-pickup enable/disable session sync type:string choice:
enable,
disable,
- session-sync-dev session sync interfaces type:string
- session-sync-broadcast enable/disable session sync broadcast type:string choice:
enable,
disable,
- session-warm-up session warm-up time, range 5-120(s) type:integer
maximum:120
minimum:5
- schedule schedule type:string choice:
ip,
round-robin,
leastconnection,
- weight-1 weight for No.1 unit in Source IP schedule, range 0-255 type:integer
maximum:255
minimum:0
- weight-2 weight for No.2 unit in Source IP schedule, range 0-255 type:integer
maximum:255
minimum:0
- weight-3 weight for No.3 unit in Source IP schedule, range 0-255 type:integer
maximum:255
minimum:0
- weight-4 weight for No.4 unit in Source IP schedule, range 0-255 type:integer
maximum:255
minimum:0
- weight-5 weight for No.5 unit in Source IP schedule, range 0-255 type:integer
maximum:255
minimum:0
- weight-6 weight for No.6 unit in Source IP schedule, range 0-255 type:integer
maximum:255
minimum:0
- weight-7 weight for No.7 unit in Source IP schedule, range 0-255 type:integer
maximum:255
minimum:0
- weight-8 weight for No.8 unit in Source IP schedule, range 0-255 type:integer
maximum:255
minimum:0
- link-failed-signal enable/disable link failed signal type:string choice:
enable,
disable,
- l7-persistence-sync enable/disable persistence sync type:string choice:
enable,
disable,
- eip-addr The Elastic IP address type:string
format:ipv4
- eip-aid The allocation ID of the Elastic IP address(Required for EC2-VPC) type:string
maxLength:63
- ha-eth-type HA heartbeat packet Ethertype (4-digit hex), range 0x8890-0x889F type:string
maxLength:5
- hc-eth-type Tuple session HA heartbeat packet Ethertype (4-digit hex), range 0x8890-0x889F type:string
maxLength:5
- l2ep-eth-type Telnet session HA heartbeat packet Ethertype (4-digit hex), range 0x8890-0x889F type:string
maxLength:5
- server-policy-hlck HA AA server policy health check type:string choice:
enable,
disable,
- encryption enable/disable heartbeat message encryption type:string choice:
enable,
disable,
- sdn-connector sdn connector for AP mode type:string
- lb-name Azure load balancer resource name in the front of the FortiWeb instances type:string
maxLength:63
- lb-ocid OCI LoadBalancer ID at the front of the FortiWeb instances type:string
maxLength:127
- lb-gcp GCP LoadBalancer ID at the front of the FortiWeb instances type:string
maxLength:63
- mkey If present, objects will be filtered on property with this name type:string
- vdom Specify the Virtual Domain(s) from which results are returned or changes are applied to. If this parameter is not provided, the management VDOM will be used. If the admin does not have access to the VDOM, a permission error will be returned. The URL parameter is one of: vdom=root (Single VDOM) vdom=vdom1,vdom2 (Multiple VDOMs) vdom=* (All VDOMs) type:array
- move_flag If supported, a flag can be specified. When *move_flag* is set, extra parameters (*move_mkey*, *sub_mkey*) must be provided. __*Note:*__ If this parameter is provided when not supported, the action will be ignored and an “invalid request” error will be returned. type:string
- sub_mkey specific resource to be moved type:string
- move_mkey specific resource to be moved before or after type:string
Examples
--------
.. code-block:: yaml+jinja
- name:
hosts: all
vars:
connection: httpapi
gather_facts: false
tasks:
- name: edit ha
vars:
ansible_command_timeout: 90
fwebos_ha:
action: edit
mode: active-passive
group_id: 9
group_name: tttt
priority: 5
override: disable
network_type: flat
tunnel_local:
tunnel_peer:
hbdev: port2
hbdev_backup: port3
boot_time: 30
hb_interval: 3
hb_lost_threshold: 3
arps: 10
arp_interval: 3
monitor: port1 port8
lacp_ha_slave: enable
ha_mgmt_status: disable
ha_mgmt_interface:
session_pickup: disable
session_sync_dev:
session_sync_broadcast: disable
session_warm_up: 10
schedule: ip
weight_1: 40
weight_2: 40
weight_3: 40
weight_4: 40
weight_5: 40
weight_6: 40
weight_7: 40
weight_8: 40
link_failed_signal: disable
l7_persistence_sync: disable
eip_addr: 0.0.0.0
eip_aid:
ha_eth_type: 8890
hc_eth_type: 8892
l2ep_eth_type: 8893
server_policy_hlck: disable
multi_cluster: disable
multi_cluster_group: primary
multi_cluster_switch_by: nodes_availability
multi_cluster_move_primary_cluster: disable
encryption: disable
cluster_arp: enable
sdn_connector:
lb_name:
lb_ocid:
- name: edit ha
vars:
ansible_command_timeout: 90
fwebos_ha:
action: edit
mode: standalone
- name: edit ha
vars:
ansible_command_timeout: 90
fwebos_ha:
action: edit
mode: active-active-standard
group_id: 9
group_name: tttt
priority: 5
override: disable
network_type: flat
tunnel_local:
tunnel_peer:
hbdev: port2
hbdev_backup: port3
boot_time: 30
hb_interval: 3
hb_lost_threshold: 3
monitor: port1 port8
lacp_ha_slave: enable
ha_mgmt_status: disable
ha_mgmt_interface:
session_pickup: disable
session_sync_dev:
session_sync_broadcast: disable
session_warm_up: 10
schedule: ip
link_failed_signal: disable
l7_persistence_sync: disable
eip_addr: 0.0.0.0
eip_aid:
server_policy_hlck: disable
multi_cluster: disable
multi_cluster_group: primary
multi_cluster_switch_by: nodes_availability
multi_cluster_move_primary_cluster: disable
encryption: disable
cluster_arp: enable
Return Values
-------------
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
.. raw:: html
- 200 : OK: Request returns successful
- 400 : Bad Request: Request cannot be processed by the API
- 401 : Not Authorized: Request without successful login session
- 403 : Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
- 404 : Resource Not Found: Unable to find the specified resource.
- 405 : Method Not Allowed: Specified HTTP method is not allowed for this resource.
- 413 : Request Entity Too Large: Request cannot be processed due to large entity
- 424 : Failed Dependency: Fail dependency can be duplicate resource, missing required parameter, missing required attribute, invalid attribute value
- 429 : Access temporarily blocked: Maximum failed authentications reached. The offended source is temporarily blocked for certain amount of time.
- 500 : Internal Server Error: Internal error when processing the request
For errorcode please check FortiWeb API errorcode at : https://documenter.getpostman.com/view/11233300/TVetbkaK#887b9eb4-7c13-4338-a8db-16cc117f0119
Status
------
- This module is not guaranteed to have a backwards compatible interface.
Authors
-------
- Jie Li
- Brad Zhang
.. hint::
If you notice any issues in this documentation, you can create a pull request to improve it.