in NetScaler

Ansible and Citrix ADC (sslparameter)

Automation is like the winter in Game of Thrones, its been on the horizon for quite some time, but finally, i am starting to see traction from mid-sized enterprise customers.

If you want to get started, watching the videos form Citrix Converge 2020 is a really good place to start, and of course the official channels on github.com/citrix

I’ll mainly write about the headaches i have working with automation, since the SDK is only some what complete if you have a “automate” everything approach. (so far its been good on services running through the ADC but not the ADC it self)

Changing the default sslparameter requires some custom nitro API calls. since the way SDK works is that you have a key for every object, but here – there is no key, so the SDK would fail since it would ask on something like https://<nsip>/nitro/v1/config/sslparameter/<key> and i only want to change something on https://<nsip>/nitro/v1/config/sslparameter.

First you make Ansible do a custom nitro request to https://<nsip>/nitro/v1/config/sslparameter, store that information in a “fact” with “register”, based on the output you use a “when” to check in your new custom “fact” – it looks something like this:

The above shown is build on examples from https://github.com/citrix/citrix-adc-ansible-modules

There are properly other ways of doing this, and i would love to hear about them 🙂

All i want to Christmas, is a complete SDK on Ansible, that holds every function available in the ADC.

What do you think?

Comment