search

F5Networks / f5-ansible

Imperative Ansible modules for F5 BIG-IP products
GNU General Public License v3.0
376 stars 229 forks source link

bigip_virtual_server - Add support for mask for forwarding virtual servers #671

Closed dashwood8691 closed 6 years ago

dashwood8691 commented 6 years ago
ISSUE TYPE
COMPONENT NAME

bigip_virtual_server

ANSIBLE VERSION
ansible 2.6.0
  config file = /root/ansible/labs/ansible.cfg
  configured module search path = [u'/root/ansible/labs/library']
  ansible python module location = /usr/lib/python2.7/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 2.7.5 (default, Aug  4 2017, 00:39:18) [GCC 4.8.5 20150623 (Red Hat 4.8.5-16)]
PYTHON VERSION
Python 2.7.5
BIGIP VERSION
Sys::Version
Main Package
  Product     BIG-IP
  Version     12.1.3
  Build       0.0.378
  Edition     Final
  Date        Mon Nov 27 16:41:03 PST 2017
LIBRARY VERSIONS
bigsuds==1.0.6
f5-sdk==3.0.11
CONFIGURATION
OS / ENVIRONMENT

CentOS Linux release 7.4.1708 (Core)

SUMMARY

bigip_virtual_server currently does not provide 'mask' parameter. 'destination' attribute does not support CIDR format like 'source' either, so I am unable to configure destination like 10.10.11.0/24.

When configured, TMUI shows: Destination Address/Mask: 10.10.11.0/24

TMSH shows: destination 10.10.11.0:any mask 255.255.255.0

STEPS TO REPRODUCE

The new feature could be used like:

    - name: Create virtual servers
      bigip_virtual_server:
        name: vs_performanceL4
        destination: 10.10.11.0
        port: 0
        mask: 255.255.255.0     <---
        pool: pl_http
        profiles: { name:fastL4 }
        source: 10.0.2.0/24
        snat: snatpool
        enabled_vlans: external
        provider:
          server: "{{ ansible_host }}"
          user: "{{ self_device.user }}"
          password: "{{ self_device.password }}"
          validate_certs: "{{ self_device.validate_certs }}"
EXPECTED RESULTS

The playbook above would result in:

ltm virtual vs_peformanceL4 {
    destination 10.10.11.0:any
    mask 255.255.255.0
    pool pl_http
    profiles {
        fastL4 { }
    }
    source 10.0.2.0/24
    translate-address disabled
    translate-port disabled
    vlans {
        external
    }
    vlans-enabled
    vs-index 20
}
ACTUAL RESULTS

'mask' attribute is not available currently.

caphrim007 commented 6 years ago

seems to be (in a round-about way) a dupe of #650. we're working on it