fabiog1901.cockroachdb.cc_networking_info module – List networking details for a cluster.
Note
This module is part of the fabiog1901.cockroachdb collection (version 1.0.0).
To install it, use: ansible-galaxy collection install fabiog1901.cockroachdb
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: fabiog1901.cockroachdb.cc_networking_info
New in fabiog1901.cockroachdb 1.0.0
Synopsis
List networking details for a cluster.
A Cockroach Cloud Service Account API Key is required.
Export the key as environment variable ‘CC_KEY’ or pass it on module invocation.
Requirements
The below requirements are needed on the host that executes this module.
cockroachdb-cloud-client
Parameters
Parameter |
Comments |
---|---|
Define details for the API client |
|
The API version to use Default: |
|
The Service Account API key. This value is log redacted. By default it reads the env variable ‘CC_KEY’. |
|
the hostname of the API server Default: |
|
the path to the API endpoint Default: |
|
the port number, as a string, for the API server Default: |
|
http or https Choices:
|
|
whether the client should verify the server cert Choices:
|
|
The UUID or name of the cluster you want to get information for. |
|
Get an existing egress rule, either by name or id Default: |
|
Get the IP allowlist and propagation status for a cluster - If true, show clusters that have been deleted or failed to initialize. Choices:
|
|
Lists all AwsEndpointConnections for a given cluster Choices:
|
|
List all egress rules associated with a cluster Choices:
|
|
Lists all PrivateEndpointServices for a given cluster Choices:
|
Examples
- name: list networking details
  fabiog1901.cockroachdb.cc_networking_info:
    cluster_id: 2ea5b593-8766-4e92-aef2-caba191f0cab
    show_allowlist: yes
    show_aws_endpoints: yes
    show_private_endpoint_services: yes
    show_egress_rules: yes
    api_client:
      api_version: '2022-09-20'
  register: out
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Returned: always |
|
Get the IP allowlist and propagation status for a cluster. Returned if show_allowlist is true Returned: always |
|
Returned: success |
|
Returned: success |
|
Returned: success |
|
Returned: success |
|
Returned: success |
|
Connections is a list of private endpoints. Returned if show_aws_endpoints is true Returned: always |
|
GCP: The Google Cloud Platform cloud provider. AWS: The Amazon Web Services cloud provider. Allowed: GCP┃AWS Returned: success |
|
endpoint_id is the client side of the PrivateLink connection. Returned: success |
|
region_name is the cloud provider region name (e.g. us-east-1). Returned: success |
|
service_id is the server side of the PrivateLink connection. This is the same as AWSPrivateLinkEndpoint.service_id. Returned: success |
|
The statuses map to the statuses returned by the AWS API. Allowed: ENDPOINT_PENDING┃ENDPOINT_PENDING_ACCEPTANCE┃ENDPOINT_AVAILABLE┃ENDPOINT_DELETING┃ENDPOINT_DELETED┃ENDPOINT_REJECTED┃ENDPOINT_FAILED┃ENDPOINT_EXPIRED Returned: success |
|
Returned if show_allowlist is true Returned: success |
|
Network egress rule. Returned if show_egress_rules is true or egress_rule is specified. Returned: always |
|
cluster_id identifies the cluster to which this egress rule applies. Returned: success |
|
created_at is the time at which the egress rule was created. Returned: success |
|
crl_managed indicates this egress rule is managed by CockroachDB Cloud services. This field is set by the server. Returned: success |
|
description is a longer text that serves to document the rule's purpose. Returned: success |
|
destination is the endpoint (or subnetwork if CIDR) to which traffic is allowed. Returned: success |
|
id uniquely identifies this egress rule. Returned: success |
|
name is the name of the egress rule. Returned: success |
|
paths are the allowed URL paths. Only valid if Type=“FQDN”. Returned: success |
|
ports are the allowed ports for TCP protocol. If Empty, all ports are allowed. Returned: success |
|
state indicates the state of the egress rule. Returned: success |
|
type classifies the destination field. Valid types include: “FQDN”, “CIDR”. Returned: success |
|
Services contains a list of all cluster related services. Returned if show_private_endpoint_services is true Returned: always |
|
Returned: success |
|
availability_zone_ids are the identifiers for the availability zones that the service is available in. Returned: success |
|
service_id is the server side of the PrivateLink connection. This is the same as AWSPrivateLinkEndpoint.service_id. Returned: success |
|
service_name is the AWS service name customers use to create endpoints on their end. Returned: success |
|
GCP: The Google Cloud Platform cloud provider. AWS: The Amazon Web Services cloud provider. Allowed: GCP┃AWS Returned: success |
|
region_name is the cloud provider region name (e.g. us-east-1). Returned: success |
|
Private Endpoints: - ENDPOINT_SERVICE_STATUS_DELETE_FAILED: One note is that if the service is deleted, there is no longer a record, hence there is no “DELETED” status. Allowed: ENDPOINT_SERVICE_STATUS_CREATING┃ENDPOINT_SERVICE_STATUS_AVAILABLE┃ENDPOINT_SERVICE_STATUS_CREATE_FAILED┃ENDPOINT_SERVICE_STATUS_DELETING┃ENDPOINT_SERVICE_STATUS_DELETE_FAILED Returned: success |
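An added example, not part of the module or the collection: a Python check over the egress rules this module returns, flagging customer-managed rules whose ports list is empty (all ports allowed, per the field description above) or whose CIDR destination is very broad. The field names are the ones documented above; the sample rules, the function name and the /16 threshold are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data, shaped like the egress-rule fields documented above.
SAMPLE_RULES = [
    {"name": "crl-internal", "type": "FQDN", "destination": "svc.example.com",
     "ports": [], "paths": [], "crl_managed": True},
    {"name": "any-out", "type": "CIDR", "destination": "0.0.0.0/0",
     "ports": [], "paths": [], "crl_managed": False},
    {"name": "billing-api", "type": "FQDN", "destination": "api.example.com",
     "ports": [443], "paths": ["/v1/"], "crl_managed": False},
    {"name": "bad-cidr", "type": "CIDR", "destination": "10.0.0.0/33",
     "ports": [443], "paths": [], "crl_managed": False},
    {"name": "vpc-peer", "type": "CIDR", "destination": "10.20.0.0/24",
     "ports": [5432], "paths": [], "crl_managed": False},
]


def audit_egress_rules(rules, min_prefix=16):
    """Return (rule name, finding) pairs for customer-managed rules to review.

    min_prefix is a policy choice (assumption): CIDR destinations with a
    shorter prefix than this are reported as broad.
    """
    findings = []
    for rule in rules:
        # crl_managed rules are set by the server, so they are skipped here.
        if rule.get("crl_managed"):
            continue
        name = rule.get("name") or rule.get("id") or "<unnamed>"
        # An empty ports list means every TCP port is allowed.
        if not rule.get("ports"):
            findings.append((name, "all TCP ports allowed (empty ports list)"))
        if rule.get("type") == "CIDR":
            try:
                net = ipaddress.ip_network(rule["destination"], strict=False)
            except (KeyError, ValueError):
                findings.append((name, "CIDR destination does not parse"))
                continue
            if net.prefixlen < min_prefix:
                findings.append((name, f"broad destination {net}"))
    return findings


if __name__ == "__main__":
    for rule_name, finding in audit_egress_rules(SAMPLE_RULES):
        print(f"{rule_name}: {finding}")
```

In a playbook, the list of egress rules from the registered result would be passed to this function in place of the constructed sample.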
Authors
Cockroach Labs