Ansible Deployment of Virtual Server With Profiles
We are in the process of planning a migration to a new set of virtual BigIPs. To help expedite the process, we have decided to leverage Ansible to help deploy and maintain configurations moving forward. We ran into a snag today when attempting to deploy profiles with virtual servers. We want to apply a client SSL profile to port 443 virtual servers but not to port 80 virtual servers. We are using a "with_items" loop to create multiple viral servers without duplicating the task inside of the playbook.
Any ideas on how to achieve this without having to duplicate the task over and over because of the client SSL profile? A portion of our configuration is below:
bigip_virtual_server:
state: present
partition: "{{ partition }}"
name: "{{ item.name }}"
port: "{{ item.port }}"
destination: "{{ item.destination }}"
description: "vs 1"
pool: "vs1_pool"
profiles:
- tcp-wan-optimized
- http
- wan-optimized-compression
- vs1_client_ssl
provider:
server: "{{ server }}"
user: "{{ username }}"
password: "{{ password }}"
validate_certs: "{{ validate_certs }}"
with_items:
- { name: "server_port_80",
port: 80,
destination: IP,
}
- { name: "server_port_443,
port: 443,
destination: IP,
}