avi_serviceenginegroup - Module for setup of ServiceEngineGroup Avi RESTful Object¶

New in version 2.4.

Synopsis
- Requirements
Parameters
Notes
Examples
Return Values
Status
Maintenance
- Author

Synopsis ¶

This module is used to configure ServiceEngineGroup object
more examples at https://github.com/avinetworks/devops

Requirements ¶

The below requirements are needed on the host that executes this module.

avisdk

Parameters ¶

Parameter	Choices/Defaults	Comments
active_standby bool	Choices: no yes	Service engines in active/standby mode for ha failover. Default value when not specified in API or module is interpreted by Avi Controller as False.
advertise_backend_networks bool	Choices: no yes	Advertise reach-ability of backend server networks via adc through bgp for default gateway feature. Default value when not specified in API or module is interpreted by Avi Controller as False.
aggressive_failure_detection bool	Choices: no yes	Enable aggressive failover configuration for ha. Default value when not specified in API or module is interpreted by Avi Controller as False.
algo		In compact placement, virtual services are placed on existing ses until max_vs_per_se limit is reached. Enum options - PLACEMENT_ALGO_PACKED, PLACEMENT_ALGO_DISTRIBUTED. Default value when not specified in API or module is interpreted by Avi Controller as PLACEMENT_ALGO_PACKED.
allow_burst bool (added in 2.5)	Choices: no yes	Allow ses to be created using burst license. Field introduced in 17.2.5.
api_context (added in 2.5)		Avi API context that includes current session ID and CSRF Token. This allows user to perform single login and re-use the session.
api_version	Default: 16.4.4	Avi API version of to use for Avi API and objects.
archive_shm_limit		Amount of se memory in gb until which shared memory is collected in core archive. Field introduced in 17.1.3. Default value when not specified in API or module is interpreted by Avi Controller as 8. Units(GB).
async_ssl bool (added in 2.4)	Choices: no yes	Ssl handshakes will be handled by dedicated ssl threads. Default value when not specified in API or module is interpreted by Avi Controller as False.
async_ssl_threads (added in 2.4)		Number of async ssl threads per se_dp. Allowed values are 1-16. Default value when not specified in API or module is interpreted by Avi Controller as 1.
auto_rebalance bool	Choices: no yes	If set, virtual services will be automatically migrated when load on an se is less than minimum or more than maximum thresholds. Only alerts are generated when the auto_rebalance is not set. Default value when not specified in API or module is interpreted by Avi Controller as False.
auto_rebalance_capacity_per_se (added in 2.5)		Capacities of se for auto rebalance for each criteria. Field introduced in 17.2.4.
auto_rebalance_criteria (added in 2.5)		Set of criteria for se auto rebalance. Enum options - SE_AUTO_REBALANCE_CPU, SE_AUTO_REBALANCE_PPS, SE_AUTO_REBALANCE_MBPS, SE_AUTO_REBALANCE_OPEN_CONNS, SE_AUTO_REBALANCE_CPS. Field introduced in 17.2.3.
auto_rebalance_interval		Frequency of rebalance, if 'auto rebalance' is enabled. Default value when not specified in API or module is interpreted by Avi Controller as 300. Units(SEC).
auto_redistribute_active_standby_load bool	Choices: no yes	Redistribution of virtual services from the takeover se to the replacement se can cause momentary traffic loss. If the auto-redistribute load option is left in its default off state, any desired rebalancing requires calls to rest api. Default value when not specified in API or module is interpreted by Avi Controller as False.
avi_api_patch_op (added in 2.5)	Choices: add replace delete	Patch operation to use when using avi_api_update_method as patch.
avi_api_update_method (added in 2.5)	Choices: put ← patch	Default method for object update is HTTP PUT. Setting to patch will override that behavior to use HTTP PATCH.
avi_credentials (added in 2.5)		Avi Credentials dictionary which can be used in lieu of enumerating Avi Controller login details.
buffer_se		Excess service engine capacity provisioned for ha failover. Default value when not specified in API or module is interpreted by Avi Controller as 1.
cloud_ref		It is a reference to an object of type cloud.
connection_memory_percentage		Percentage of memory for connection state. This will come at the expense of memory used for http in-memory cache. Allowed values are 10-90. Default value when not specified in API or module is interpreted by Avi Controller as 50. Units(PERCENT).
controller	Default:	IP address or hostname of the controller. The default value is the environment variable `AVI_CONTROLLER`.
cpu_reserve bool	Choices: no yes	Boolean flag to set cpu_reserve. Default value when not specified in API or module is interpreted by Avi Controller as False.
cpu_socket_affinity bool	Choices: no yes	Allocate all the cpu cores for the service engine virtual machines on the same cpu socket. Applicable only for vcenter cloud. Default value when not specified in API or module is interpreted by Avi Controller as False.
custom_securitygroups_data		Custom security groups to be associated with data vnics for se instances in openstack and aws clouds. Field introduced in 17.1.3.
custom_securitygroups_mgmt		Custom security groups to be associated with management vnic for se instances in openstack and aws clouds. Field introduced in 17.1.3.
custom_tag		Custom tag will be used to create the tags for se instance in aws. Note this is not the same as the prefix for se name.
dedicated_dispatcher_core bool	Choices: no yes	Dedicate the core that handles packet receive/transmit from the network to just the dispatching function. Don't use it for tcp/ip and ssl functions. Default value when not specified in API or module is interpreted by Avi Controller as False.
description		User defined description for the object.
disable_csum_offloads bool (added in 2.5)	Choices: no yes	Stop using tcp/udp and ip checksum offload features of nics. Field introduced in 17.1.14, 17.2.5. Default value when not specified in API or module is interpreted by Avi Controller as False.
disable_gro bool (added in 2.5)	Choices: no yes	Disable generic receive offload (gro) in dpdk poll-mode driver packet receive path. Gro is on by default on nics that do not support lro (large receive offload) or do not gain performance boost from lro. Field introduced in 17.2.5. Default value when not specified in API or module is interpreted by Avi Controller as True.
disable_tso bool (added in 2.5)	Choices: no yes	Disable tcp segmentation offload (tso) in dpdk poll-mode driver packet transmit path. Tso is on by default on nics that support it. Field introduced in 17.2.5. Default value when not specified in API or module is interpreted by Avi Controller as True.
disk_per_se		Amount of disk space for each of the service engine virtual machines. Default value when not specified in API or module is interpreted by Avi Controller as 10. Units(GB).
distribute_load_active_standby bool	Choices: no yes	Use both the active and standby service engines for virtual service placement in the legacy active standby ha mode. Default value when not specified in API or module is interpreted by Avi Controller as False.
enable_hsm_priming bool (added in 2.6)	Choices: no yes	(this is a beta feature). Enable hsm key priming. If enabled, key handles on the hsm will be synced to se before processing client connections. Field introduced in 17.2.7. Default value when not specified in API or module is interpreted by Avi Controller as False.
enable_routing bool	Choices: no yes	Enable routing for this serviceenginegroup . Default value when not specified in API or module is interpreted by Avi Controller as False.
enable_vip_on_all_interfaces bool	Choices: no yes	Enable vip on all interfaces of se. Field introduced in 17.1.1. Default value when not specified in API or module is interpreted by Avi Controller as True.
enable_vmac bool	Choices: no yes	Use virtual mac address for interfaces on which floating interface ips are placed. Default value when not specified in API or module is interpreted by Avi Controller as False.
extra_config_multiplier		Multiplier for extra config to support large vs/pool config. Default value when not specified in API or module is interpreted by Avi Controller as 0.0.
extra_shared_config_memory		Extra config memory to support large geo db configuration. Field introduced in 17.1.1. Default value when not specified in API or module is interpreted by Avi Controller as 0. Units(MB).
floating_intf_ip		If serviceenginegroup is configured for legacy 1+1 active standby ha mode, floating ip's will be advertised only by the active se in the pair. Virtual services in this group must be disabled/enabled for any changes to the floating ip's to take effect. Only active se hosting vs tagged with active standby se 1 tag will advertise this floating ip when manual load distribution is enabled.
floating_intf_ip_se_2		If serviceenginegroup is configured for legacy 1+1 active standby ha mode, floating ip's will be advertised only by the active se in the pair. Virtual services in this group must be disabled/enabled for any changes to the floating ip's to take effect. Only active se hosting vs tagged with active standby se 2 tag will advertise this floating ip when manual load distribution is enabled.
flow_table_new_syn_max_entries (added in 2.5)		Maximum number of flow table entries that have not completed tcp three-way handshake yet. Field introduced in 17.2.5. Default value when not specified in API or module is interpreted by Avi Controller as 0.
ha_mode		High availability mode for all the virtual services using this service engine group. Enum options - HA_MODE_SHARED_PAIR, HA_MODE_SHARED, HA_MODE_LEGACY_ACTIVE_STANDBY. Default value when not specified in API or module is interpreted by Avi Controller as HA_MODE_SHARED.
hardwaresecuritymodulegroup_ref		It is a reference to an object of type hardwaresecuritymodulegroup.
hm_on_standby bool	Choices: no yes	Enable active health monitoring from the standby se for all placed virtual services. Default value when not specified in API or module is interpreted by Avi Controller as True.
host_attribute_key		Key of a (key, value) pair identifying a label for a set of nodes usually in container clouds. Needs to be specified together with host_attribute_value. Ses can be configured differently including ha modes across different se groups. May also be used for isolation between different classes of virtualservices. Virtualservices' se group may be specified via annotations/labels. A openshift/kubernetes namespace maybe annotated with a matching se group label as openshift.io/node-selector apptype=prod. When multiple se groups are used in a cloud with host attributes specified,just a single se group can exist as a match-all se group without a host_attribute_key.
host_attribute_value		Value of a (key, value) pair identifying a label for a set of nodes usually in container clouds. Needs to be specified together with host_attribute_key.
host_gateway_monitor bool (added in 2.5)	Choices: no yes	Enable the host gateway monitor when service engine is deployed as docker container. Disabled by default. Field introduced in 17.2.4. Default value when not specified in API or module is interpreted by Avi Controller as False.
hypervisor		Override default hypervisor. Enum options - DEFAULT, VMWARE_ESX, KVM, VMWARE_VSAN, XEN.
ignore_rtt_threshold (added in 2.5)		Ignore rtt samples if it is above threshold. Field introduced in 17.1.6,17.2.2. Default value when not specified in API or module is interpreted by Avi Controller as 5000. Units(MILLISECONDS).
ingress_access_data (added in 2.5)		Program se security group ingress rules to allow vip data access from remote cidr type. Enum options - SG_INGRESS_ACCESS_NONE, SG_INGRESS_ACCESS_ALL, SG_INGRESS_ACCESS_VPC. Field introduced in 17.1.5. Default value when not specified in API or module is interpreted by Avi Controller as SG_INGRESS_ACCESS_ALL.
ingress_access_mgmt (added in 2.5)		Program se security group ingress rules to allow ssh/icmp management access from remote cidr type. Enum options - SG_INGRESS_ACCESS_NONE, SG_INGRESS_ACCESS_ALL, SG_INGRESS_ACCESS_VPC. Field introduced in 17.1.5. Default value when not specified in API or module is interpreted by Avi Controller as SG_INGRESS_ACCESS_ALL.
instance_flavor		Instance/flavor type for se instance.
iptables		Iptable rules.
least_load_core_selection bool	Choices: no yes	Select core with least load for new flow. Default value when not specified in API or module is interpreted by Avi Controller as True.
license_tier (added in 2.5)		Specifies the license tier which would be used. This field by default inherits the value from cloud. Enum options - ENTERPRISE_16, ENTERPRISE_18. Field introduced in 17.2.5.
license_type (added in 2.5)		If no license type is specified then default license enforcement for the cloud type is chosen. Enum options - LIC_BACKEND_SERVERS, LIC_SOCKETS, LIC_CORES, LIC_HOSTS, LIC_SE_BANDWIDTH. Field introduced in 17.2.5.
log_disksz		Maximum disk capacity (in mb) to be allocated to an se. This is exclusively used for debug and log data. Default value when not specified in API or module is interpreted by Avi Controller as 10000. Units(MB).
max_cpu_usage		When cpu usage on an se exceeds this threshold, virtual services hosted on this se may be rebalanced to other ses to reduce load. A new se may be created as part of this process. Allowed values are 40-90. Default value when not specified in API or module is interpreted by Avi Controller as 80. Units(PERCENT).
max_scaleout_per_vs		Maximum number of active service engines for the virtual service. Allowed values are 1-64. Default value when not specified in API or module is interpreted by Avi Controller as 4.
max_se		Maximum number of services engines in this group. Allowed values are 0-1000. Default value when not specified in API or module is interpreted by Avi Controller as 10.
max_vs_per_se		Maximum number of virtual services that can be placed on a single service engine. East west virtual services are excluded from this limit. Allowed values are 1-1000. Default value when not specified in API or module is interpreted by Avi Controller as 10.
mem_reserve bool	Choices: no yes	Boolean flag to set mem_reserve. Default value when not specified in API or module is interpreted by Avi Controller as True.
memory_per_se		Amount of memory for each of the service engine virtual machines. Default value when not specified in API or module is interpreted by Avi Controller as 2048.
mgmt_network_ref		Management network to use for avi service engines. It is a reference to an object of type network.
mgmt_subnet		Management subnet to use for avi service engines.
min_cpu_usage		When cpu usage on an se falls below the minimum threshold, virtual services hosted on the se may be consolidated onto other underutilized ses. After consolidation, unused service engines may then be eligible for deletion. Allowed values are 20-60. Default value when not specified in API or module is interpreted by Avi Controller as 30. Units(PERCENT).
min_scaleout_per_vs		Minimum number of active service engines for the virtual service. Allowed values are 1-64. Default value when not specified in API or module is interpreted by Avi Controller as 1.
name required		Name of the object.
non_significant_log_throttle		This setting limits the number of non-significant logs generated per second per core on this se. Default is 100 logs per second. Set it to zero (0) to disable throttling. Field introduced in 17.1.3. Default value when not specified in API or module is interpreted by Avi Controller as 100. Units(PER_SECOND).
num_flow_cores_sum_changes_to_ignore		Number of changes in num flow cores sum to ignore. Default value when not specified in API or module is interpreted by Avi Controller as 8.
openstack_availability_zone		Field deprecated in 17.1.1.
openstack_availability_zones		Field introduced in 17.1.1.
openstack_mgmt_network_name		Avi management network name.
openstack_mgmt_network_uuid		Management network uuid.
os_reserved_memory		Amount of extra memory to be reserved for use by the operating system on a service engine. Default value when not specified in API or module is interpreted by Avi Controller as 0.
password	Default:	Password of Avi user in Avi controller. The default value is the environment variable `AVI_PASSWORD`.
per_app bool	Choices: no yes	Per-app se mode is designed for deploying dedicated load balancers per app (vs). In this mode, each se is limited to a max of 2 vss. Vcpus in per-app ses count towards licensing usage at 25% rate. Default value when not specified in API or module is interpreted by Avi Controller as False.
placement_mode		If placement mode is 'auto', virtual services are automatically placed on service engines. Enum options - PLACEMENT_MODE_AUTO. Default value when not specified in API or module is interpreted by Avi Controller as PLACEMENT_MODE_AUTO.
realtime_se_metrics		Enable or disable real time se metrics.
se_bandwidth_type (added in 2.5)		Select the se bandwidth for the bandwidth license. Enum options - SE_BANDWIDTH_UNLIMITED, SE_BANDWIDTH_25M, SE_BANDWIDTH_200M, SE_BANDWIDTH_1000M, SE_BANDWIDTH_10000M. Field introduced in 17.2.5.
se_deprovision_delay		Duration to preserve unused service engine virtual machines before deleting them. If traffic to a virtual service were to spike up abruptly, this se would still be available to be utilized again rather than creating a new se. If this value is set to 0, controller will never delete any ses and administrator has to manually cleanup unused ses. Allowed values are 0-525600. Default value when not specified in API or module is interpreted by Avi Controller as 120. Units(MIN).
se_dos_profile		Dosthresholdprofile settings for serviceenginegroup.
se_ipc_udp_port (added in 2.4)		Udp port for se_dp ipc in docker bridge mode. Field introduced in 17.1.2. Default value when not specified in API or module is interpreted by Avi Controller as 1500.
se_name_prefix		Prefix to use for virtual machine name of service engines. Default value when not specified in API or module is interpreted by Avi Controller as Avi.
se_probe_port (added in 2.5)		Tcp port on se where echo service will be run. Field introduced in 17.2.2. Default value when not specified in API or module is interpreted by Avi Controller as 7.
se_remote_punt_udp_port (added in 2.4)		Udp port for punted packets in docker bridge mode. Field introduced in 17.1.2. Default value when not specified in API or module is interpreted by Avi Controller as 1501.
se_sb_dedicated_core bool (added in 2.5)	Choices: no yes	Sideband traffic will be handled by a dedicated core. Field introduced in 16.5.2, 17.1.9, 17.2.3. Default value when not specified in API or module is interpreted by Avi Controller as False.
se_sb_threads (added in 2.5)		Number of sideband threads per se. Allowed values are 1-128. Field introduced in 16.5.2, 17.1.9, 17.2.3. Default value when not specified in API or module is interpreted by Avi Controller as 1.
se_thread_multiplier		Multiplier for se threads based on vcpu. Allowed values are 1-10. Default value when not specified in API or module is interpreted by Avi Controller as 1.
se_tunnel_mode		Determines if dsr from secondary se is active or not 0 automatically determine based on hypervisor type. 1 disable dsr unconditionally. ~[0,1] enable dsr unconditionally. Field introduced in 17.1.1. Default value when not specified in API or module is interpreted by Avi Controller as 0.
se_tunnel_udp_port		Udp port for tunneled packets from secondary to primary se in docker bridge mode. Field introduced in 17.1.3. Default value when not specified in API or module is interpreted by Avi Controller as 1550.
se_udp_encap_ipc (added in 2.4)		Determines if se-se ipc messages are encapsulated in an udp header 0 automatically determine based on hypervisor type. 1 use udp encap unconditionally. ~[0,1] don't use udp encap. Field introduced in 17.1.2. Default value when not specified in API or module is interpreted by Avi Controller as 0.
se_vs_hb_max_pkts_in_batch		Maximum number of aggregated vs heartbeat packets to send in a batch. Allowed values are 1-256. Field introduced in 17.1.1. Default value when not specified in API or module is interpreted by Avi Controller as 8.
se_vs_hb_max_vs_in_pkt		Maximum number of virtualservices for which heartbeat messages are aggregated in one packet. Allowed values are 1-1024. Field introduced in 17.1.1. Default value when not specified in API or module is interpreted by Avi Controller as 256.
service_ip_subnets		Subnets assigned to the se group. Required for vs group placement. Field introduced in 17.1.1.
significant_log_throttle		This setting limits the number of significant logs generated per second per core on this se. Default is 100 logs per second. Set it to zero (0) to disable throttling. Field introduced in 17.1.3. Default value when not specified in API or module is interpreted by Avi Controller as 100. Units(PER_SECOND).
state	Choices: absent present ←	The state that should be applied on the entity.
tenant	Default: admin	Name of tenant used for all Avi API calls and context of object.
tenant_ref		It is a reference to an object of type tenant.
tenant_uuid	Default:	UUID of tenant used for all Avi API calls and context of object.
udf_log_throttle		This setting limits the number of udf logs generated per second per core on this se. Udf logs are generated due to the configured client log filters or the rules with logging enabled. Default is 100 logs per second. Set it to zero (0) to disable throttling. Field introduced in 17.1.3. Default value when not specified in API or module is interpreted by Avi Controller as 100. Units(PER_SECOND).
url		Avi controller URL of the object.
username	Default:	Username used for accessing Avi controller. The default value is the environment variable `AVI_USERNAME`.
uuid		Unique object identifier of the object.
vcenter_clusters		Vcenterclusters settings for serviceenginegroup.
vcenter_datastore_mode		Enum options - vcenter_datastore_any, vcenter_datastore_local, vcenter_datastore_shared. Default value when not specified in API or module is interpreted by Avi Controller as VCENTER_DATASTORE_ANY.
vcenter_datastores		List of vcenterdatastore.
vcenter_datastores_include bool	Choices: no yes	Boolean flag to set vcenter_datastores_include. Default value when not specified in API or module is interpreted by Avi Controller as False.
vcenter_folder		Folder to place all the service engine virtual machines in vcenter. Default value when not specified in API or module is interpreted by Avi Controller as AviSeFolder.
vcenter_hosts		Vcenterhosts settings for serviceenginegroup.
vcpus_per_se		Number of vcpus for each of the service engine virtual machines. Default value when not specified in API or module is interpreted by Avi Controller as 1.
vs_host_redundancy bool	Choices: no yes	Ensure primary and secondary service engines are deployed on different physical hosts. Default value when not specified in API or module is interpreted by Avi Controller as True.
vs_scalein_timeout		Time to wait for the scaled in se to drain existing flows before marking the scalein done. Default value when not specified in API or module is interpreted by Avi Controller as 30. Units(SEC).
vs_scalein_timeout_for_upgrade		During se upgrade, time to wait for the scaled-in se to drain existing flows before marking the scalein done. Default value when not specified in API or module is interpreted by Avi Controller as 30. Units(SEC).
vs_scaleout_timeout		Time to wait for the scaled out se to become ready before marking the scaleout done. Default value when not specified in API or module is interpreted by Avi Controller as 30. Units(SEC).
vss_placement (added in 2.5)		If set, virtual services will be placed on only a subset of the cores of an se. Field introduced in 17.2.5.
waf_mempool bool (added in 2.5)	Choices: no yes	Enable memory pool for waf. Field introduced in 17.2.3. Default value when not specified in API or module is interpreted by Avi Controller as True.
waf_mempool_size (added in 2.5)		Memory pool size used for waf. Field introduced in 17.2.3. Default value when not specified in API or module is interpreted by Avi Controller as 64. Units(KB).

Notes ¶

Note

For more information on using Ansible to manage Avi Network devices see https://www.ansible.com/ansible-avi-networks.

Examples ¶

- name: Example to create ServiceEngineGroup object
  avi_serviceenginegroup:
    controller: 10.10.25.42
    username: admin
    password: something
    state: present
    name: sample_serviceenginegroup

Return Values ¶

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
obj dict	success, changed	ServiceEngineGroup (api/serviceenginegroup) object

Status ¶

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance ¶

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author ¶

Gaurav Rastogi (grastogi@avinetworks.com)

Hint

If you notice any issues in this documentation you can edit this document to improve it.