fmgd_system_ha – Configure HA.
Added in version 1.0.0.
Synopsis
This module is able to configure a FortiManager device.
Examples include all parameters and values need to be adjusted to data sources before usage.
Tested with FortiManager v7.x.
Requirements
The below requirements are needed on the host that executes this module.
ansible-core>=2.16.0
FortiManager Version Compatibility
Supported Version Ranges: v7.2.6 -> v7.2.12, v7.4.3 -> latest
Parameters
- access_token -The token to access FortiManager without using username and password. type: str required: false
- bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool required: false default: False
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- forticloud_access_token - Access token of forticloud managed API users, this option is available with FortiManager later than 6.4.0. type: str required: false
- proposed_method - The overridden method for the underlying Json RPC request. type: str required: false choices: set, update, add
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden. type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden. type: list required: false
- workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode. type: str required: false choices: global, custom adom including root
- workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock. type: integer required: false default: 300
- device - The parameter in requested url type: str required: true
- system_ha - Configure HA. type: dict
- arps Number of gratuitous arps (1 - 60). type: int more...
- arps_interval (Alias name: arps-interval) Time between gratuitous arps (1 - 20 sec). type: int more...
- authentication Enable/disable heartbeat message authentication. type: str choices: [disable, enable] more...
- board_failover_tolerance (Alias name: board-failover-tolerance) Worker board failure failover threshold. type: int more...
- chassis_id (Alias name: chassis-id) Chassis id type: int more...
- cpu_threshold (Alias name: cpu-threshold) Dynamic weighted load balancing cpu usage weight and high and low thresholds. type: str more...
- encryption Enable/disable heartbeat message encryption. type: str choices: [disable, enable] more...
- evpn_ttl (Alias name: evpn-ttl) Ha evpn fdb ttl on primary box (5 - 3600 sec). type: int more...
- failover_hold_time (Alias name: failover-hold-time) Time to wait before failover (0 - 300 sec, default = 0), to avoid flip. type: int more...
- ftp_proxy_threshold (Alias name: ftp-proxy-threshold) Dynamic weighted load balancing weight and high and low number of ftp proxy sessions. type: str more...
- gratuitous_arps (Alias name: gratuitous-arps) Enable/disable gratuitous arps. type: str choices: [disable, enable] more...
- group_id (Alias name: group-id) Ha group id (0 - 1023; or 0 - 7 when there are more than 2 vclusters). type: int more...
- group_name (Alias name: group-name) Cluster group name. type: str more...
- ha_direct (Alias name: ha-direct) Enable/disable using ha-mgmt interface for syslog, remote authentication (radius), fortianalyzer, fortisandbox, sflow, and netflow. type: str choices: [disable, enable] more...
- ha_eth_type (Alias name: ha-eth-type) Ha heartbeat packet ethertype (4-digit hex). type: str more...
- ha_mgmt_interfaces (Alias name: ha-mgmt-interfaces) Ha mgmt interfaces. type: list
more...
- dst Default route destination for reserved ha management interface. type: list more...
- gateway Default route gateway for reserved ha management interface. type: str more...
- gateway6 Default ipv6 gateway for reserved ha management interface. type: str more...
- id Table id. type: int more...
- interface Interface to reserve for ha management. type: list more...
- dst6 Default ipv6 destination for reserved ha management interface. type: str more...
- ha_mgmt_status (Alias name: ha-mgmt-status) Enable to reserve interfaces to manage individual cluster units. type: str choices: [disable, enable] more...
- ha_port_dtag_mode (Alias name: ha-port-dtag-mode) Ha port double-tagging mode. type: str choices: [proprietary, double-tagging] more...
- ha_port_outer_tpid (Alias name: ha-port-outer-tpid) Set ha port outer tpid. type: str choices: [0x8100, 0x88a8, 0x9100] more...
- ha_uptime_diff_margin (Alias name: ha-uptime-diff-margin) Normally you would only reduce this value for failover testing. type: int more...
- hb_interval (Alias name: hb-interval) Time between sending heartbeat packets (1 - 20). type: int more...
- hb_interval_in_milliseconds (Alias name: hb-interval-in-milliseconds) Units of heartbeat interval time between sending heartbeat packets. type: str choices: [100ms, 10ms] more...
- hb_lost_threshold (Alias name: hb-lost-threshold) Number of lost heartbeats to signal a failure (1 - 60). type: int more...
- hbdev Heartbeat interfaces. type: str more...
- hbdev_second_vlan_id (Alias name: hbdev-second-vlan-id) Second vlan id to use for ha heartbeat (1-4094). type: int more...
- hbdev_vlan_id (Alias name: hbdev-vlan-id) Vlan id to use for ha heartbeat (1-4094). type: int more...
- hc_eth_type (Alias name: hc-eth-type) Transparent mode ha heartbeat packet ethertype (4-digit hex). type: str more...
- hello_holddown (Alias name: hello-holddown) Time to wait before changing from hello to work state (5 - 300 sec). type: int more...
- http_proxy_threshold (Alias name: http-proxy-threshold) Dynamic weighted load balancing weight and high and low number of http proxy sessions. type: str more...
- hw_session_hold_time (Alias name: hw-session-hold-time) Time to hold sessions before purging on secondary node (0 - 180 sec, default = 10). type: int more...
- hw_session_sync_delay (Alias name: hw-session-sync-delay) Time to wait before session sync starts on primary node (0 - 3600 sec, default = 150). type: int more...
- hw_session_sync_dev (Alias name: hw-session-sync-dev) Hardware session sync interface. type: list more...
- imap_proxy_threshold (Alias name: imap-proxy-threshold) Dynamic weighted load balancing weight and high and low number of imap proxy sessions. type: str more...
- ipsec_phase2_proposal (Alias name: ipsec-phase2-proposal) Ipsec phase2 proposal. type: list choices: [aes128-sha1, aes128-sha256, aes128-sha384, aes128-sha512, aes192-sha1, aes192-sha256, aes192-sha384, aes192-sha512, aes256-sha1, aes256-sha256, aes256-sha384, aes256-sha512, aes128gcm, aes256gcm, chacha20poly1305] more...
- key Key. type: list more...
- l2ep_eth_type (Alias name: l2ep-eth-type) Telnet session ha heartbeat packet ethertype (4-digit hex). type: str more...
- link_failed_signal (Alias name: link-failed-signal) Enable to shut down all interfaces for 1 sec after a failover. type: str choices: [disable, enable] more...
- load_balance_all (Alias name: load-balance-all) Enable to load balance tcp sessions. type: str choices: [disable, enable] more...
- logical_sn (Alias name: logical-sn) Enable/disable usage of the logical serial number. type: str choices: [disable, enable] more...
- memory_based_failover (Alias name: memory-based-failover) Enable/disable memory based failover. type: str choices: [disable, enable] more...
- memory_compatible_mode (Alias name: memory-compatible-mode) Enable/disable memory compatible mode. type: str choices: [disable, enable] more...
- memory_failover_flip_timeout (Alias name: memory-failover-flip-timeout) Time to wait between subsequent memory based failovers in minutes (6 - 2147483647, default = 6). type: int more...
- memory_failover_monitor_period (Alias name: memory-failover-monitor-period) Duration of high memory usage before memory based failover is triggered in seconds (1 - 300, default = 60). type: int more...
- memory_failover_sample_rate (Alias name: memory-failover-sample-rate) Rate at which memory usage is sampled in order to measure memory usage in seconds (1 - 60, default = 1). type: int more...
- memory_failover_threshold (Alias name: memory-failover-threshold) Memory usage threshold to trigger memory based failover (0 means using conserve mode threshold in system. type: int more...
- memory_threshold (Alias name: memory-threshold) Dynamic weighted load balancing memory usage weight and high and low thresholds. type: str more...
- mode Ha mode. type: str choices: [standalone, a-a, a-p, config-sync-only, active-passive] more...
- monitor Interfaces to check for port monitoring (or link failure). type: list more...
- multicast_ttl (Alias name: multicast-ttl) Ha multicast ttl on primary (5 - 3600 sec). type: int more...
- nntp_proxy_threshold (Alias name: nntp-proxy-threshold) Dynamic weighted load balancing weight and high and low number of nntp proxy sessions. type: str more...
- override Enable and increase the priority of the unit that should always be primary (master). type: str choices: [disable, enable] more...
- override_wait_time (Alias name: override-wait-time) Delay negotiating if override is enabled (0 - 3600 sec). type: int more...
- password Cluster password. type: list more...
- pingserver_failover_threshold (Alias name: pingserver-failover-threshold) Remote ip monitoring failover threshold (0 - 50). type: int more...
- pingserver_flip_timeout (Alias name: pingserver-flip-timeout) Time to wait in minutes before renegotiating after a remote ip monitoring failover. type: int more...
- pingserver_monitor_interface (Alias name: pingserver-monitor-interface) Interfaces to check for remote ip monitoring. type: list more...
- pingserver_secondary_force_reset (Alias name: pingserver-secondary-force-reset) Enable to force the cluster to negotiate after a remote ip monitoring failover. type: str choices: [disable, enable] more...
- pop3_proxy_threshold (Alias name: pop3-proxy-threshold) Dynamic weighted load balancing weight and high and low number of pop3 proxy sessions. type: str more...
- priority Increase the priority to select the primary unit (0 - 255). type: int more...
- route_hold (Alias name: route-hold) Time to wait between routing table updates to the cluster (0 - 3600 sec). type: int more...
- route_ttl (Alias name: route-ttl) Ttl for primary unit routes (5 - 3600 sec). type: int more...
- route_wait (Alias name: route-wait) Time to wait before sending new routes to the cluster (0 - 3600 sec). type: int more...
- schedule Type of a-a load balancing. type: str choices: [none, hub, leastconnection, round-robin, weight-round-robin, random, ip, ipport] more...
- session_pickup (Alias name: session-pickup) Enable/disable session pickup. type: str choices: [disable, enable] more...
- session_pickup_connectionless (Alias name: session-pickup-connectionless) Enable/disable udp and icmp session sync. type: str choices: [disable, enable] more...
- session_pickup_delay (Alias name: session-pickup-delay) Enable to sync sessions longer than 30 sec. type: str choices: [disable, enable] more...
- session_pickup_expectation (Alias name: session-pickup-expectation) Enable/disable session helper expectation session sync for fgsp. type: str choices: [disable, enable] more...
- session_pickup_nat (Alias name: session-pickup-nat) Enable/disable nat session sync for fgsp. type: str choices: [disable, enable] more...
- session_sync_dev (Alias name: session-sync-dev) Offload session-sync process to kernel and sync sessions using connected interface(s) directly. type: list more...
- smtp_proxy_threshold (Alias name: smtp-proxy-threshold) Dynamic weighted load balancing weight and high and low number of smtp proxy sessions. type: str more...
- ssd_failover (Alias name: ssd-failover) Enable/disable automatic ha failover on ssd disk failure. type: str choices: [disable, enable] more...
- standalone_config_sync (Alias name: standalone-config-sync) Enable/disable fgsp configuration synchronization. type: str choices: [disable, enable] more...
- standalone_mgmt_vdom (Alias name: standalone-mgmt-vdom) Enable/disable standalone management vdom. type: str choices: [disable, enable] more...
- sync_config (Alias name: sync-config) Enable/disable configuration synchronization. type: str choices: [disable, enable] more...
- sync_packet_balance (Alias name: sync-packet-balance) Enable/disable ha packet distribution to multiple cpus. type: str choices: [disable, enable] more...
- unicast_gateway (Alias name: unicast-gateway) Default route gateway for unicast interface. type: str more...
- unicast_hb (Alias name: unicast-hb) Enable/disable unicast heartbeat. type: str choices: [disable, enable] more...
- unicast_hb_netmask (Alias name: unicast-hb-netmask) Unicast heartbeat netmask. type: str more...
- unicast_hb_peerip (Alias name: unicast-hb-peerip) Unicast heartbeat peer ip. type: str more...
- unicast_peers (Alias name: unicast-peers) Unicast peers. type: list more...
- unicast_status (Alias name: unicast-status) Enable/disable unicast connection. type: str choices: [disable, enable] more...
- uninterruptible_primary_wait (Alias name: uninterruptible-primary-wait) Number of minutes the primary ha unit waits before the secondary ha unit is considered upgraded and the system is started before starting its own upgrade (15 - 300, default = 30). type: int more...
- upgrade_mode (Alias name: upgrade-mode) The mode to upgrade a cluster. type: str choices: [simultaneous, uninterruptible, local-only, secondary-only] more...
- vcluster Vcluster. type: list
more...
- monitor Interfaces to check for port monitoring (or link failure). type: list more...
- override Enable and increase the priority of the unit that should always be primary (master). type: str choices: [disable, enable] more...
- override_wait_time (Alias name: override-wait-time) Delay negotiating if override is enabled (0 - 3600 sec). type: int more...
- pingserver_failover_threshold (Alias name: pingserver-failover-threshold) Remote ip monitoring failover threshold (0 - 50). type: int more...
- pingserver_flip_timeout (Alias name: pingserver-flip-timeout) Time to wait in minutes before renegotiating after a remote ip monitoring failover. type: int more...
- pingserver_monitor_interface (Alias name: pingserver-monitor-interface) Interfaces to check for remote ip monitoring. type: list more...
- pingserver_secondary_force_reset (Alias name: pingserver-secondary-force-reset) Enable to force the cluster to negotiate after a remote ip monitoring failover. type: str choices: [disable, enable] more...
- priority Increase the priority to select the primary unit (0 - 255). type: int more...
- vcluster_id (Alias name: vcluster-id) Id. type: int more...
- vdom Virtual domain(s) in the virtual cluster. type: list more...
- pingserver_slave_force_reset (Alias name: pingserver-slave-force-reset) Pingserver slave force reset. type: str choices: [disable, enable] more...
- vcluster_status (Alias name: vcluster-status) Enable/disable virtual cluster for virtual clustering. type: str choices: [disable, enable] more...
- weight Weight-round-robin weight for each cluster unit. type: list more...
- pingserver_slave_force_reset (Alias name: pingserver-slave-force-reset) Enable to force the cluster to negotiate after a remote ip monitoring failover. type: str choices: [disable, enable] more...
- uninterruptible_upgrade (Alias name: uninterruptible-upgrade) Enable to upgrade a cluster without blocking network traffic. type: str choices: [disable, enable] more...
- vdom Vdoms in virtual cluster 1. type: list more...
- minimum_worker_threshold (Alias name: minimum-worker-threshold) The minimum number of operating workers to cause a content clustering chassis failover. type: int more...
- vcluster2 Enable/disable virtual cluster 2 for virtual clustering. type: str choices: [disable, enable] more...
- secondary_vcluster (Alias name: secondary-vcluster) Secondary vcluster. type: dict
more...
- monitor Interfaces to check for port monitoring (or link failure). type: list more...
- override Enable and increase the priority of the unit that should always be primary. type: str choices: [disable, enable] more...
- override_wait_time (Alias name: override-wait-time) Delay negotiating if override is enabled (0 - 3600 sec). type: int more...
- pingserver_failover_threshold (Alias name: pingserver-failover-threshold) Remote ip monitoring failover threshold (0 - 50). type: int more...
- pingserver_monitor_interface (Alias name: pingserver-monitor-interface) Interfaces to check for remote ip monitoring. type: list more...
- pingserver_secondary_force_reset (Alias name: pingserver-secondary-force-reset) Enable to force the cluster to negotiate after a remote ip monitoring failover. type: str choices: [disable, enable] more...
- priority Increase the priority to select the primary unit (0 - 255). type: int more...
- vcluster_id (Alias name: vcluster-id) Vcluster id. type: int more...
- vdom Vdoms in virtual cluster 2. type: list more...
- pingserver_slave_force_reset (Alias name: pingserver-slave-force-reset) Enable to force the cluster to negotiate after a remote ip monitoring failover. type: str choices: [disable, enable] more...
- secondary_switch_standby (Alias name: secondary-switch-standby) Enable to force content clustering subordinate unit standby mode. type: str choices: [disable, enable] more...
- vcluster_id (Alias name: vcluster-id) Vcluster id. type: int more...
- slave_switch_standby (Alias name: slave-switch-standby) Enable to force content clustering subordinate unit standby mode. type: str choices: [disable, enable] more...
- frup Enable/disable fortinet redundant utm protocol type: str choices: [disable, enable] more...
- frup_settings (Alias name: frup-settings) Frup settings. type: dict
more...
- active_interface (Alias name: active-interface) Frup active interface type: list more...
- active_switch_port (Alias name: active-switch-port) Frup active switch port list type: str choices: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84] more...
- backup_interface (Alias name: backup-interface) Frup backup interface type: list more...
- inter_cluster_session_sync (Alias name: inter-cluster-session-sync) Enable/disable synchronization of sessions among ha clusters. type: str choices: [disable, enable] more...
- auto_virtual_mac_interface (Alias name: auto-virtual-mac-interface) The physical interface that will be assigned an auto-generated virtual mac address. type: list more...
- backup_hbdev (Alias name: backup-hbdev) Backup heartbeat interfaces. type: list more...
- check_secondary_dev_health (Alias name: check-secondary-dev-health) Enable/disable secondary dev health check for session load-balance in ha a-a mode. type: str choices: [disable, enable] more...
- primary_hold_before_reboot (Alias name: primary-hold-before-reboot) Primary hold before reboot. type: int more...
- sequential_upgrade (Alias name: sequential-upgrade) Sequential upgrade. type: str choices: [disable, enable] more...
- bounce_intf_upon_failover (Alias name: bounce-intf-upon-failover) Enable/disable notification of kernel to bring down and up all monitored interfaces. type: str choices: [disable, enable] more...
Notes
Note
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state: present directive.
To delete an object, use state: absent directive
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
gather_facts: false
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Configure HA.
fortinet.fmgdevice.fmgd_system_ha:
# bypass_validation: false
# workspace_locking_adom: <global or your adom name>
# workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
device: <your own value>
system_ha:
# arps: <integer>
# arps_interval: <integer>
# authentication: <value in [disable, enable]>
# board_failover_tolerance: <integer>
# chassis_id: <integer>
# cpu_threshold: <string>
# encryption: <value in [disable, enable]>
# evpn_ttl: <integer>
# failover_hold_time: <integer>
# ftp_proxy_threshold: <string>
# gratuitous_arps: <value in [disable, enable]>
# group_id: <integer>
# group_name: <string>
# ha_direct: <value in [disable, enable]>
# ha_eth_type: <string>
# ha_mgmt_interfaces:
# - dst: <list or string>
# gateway: <string>
# gateway6: <string>
# id: <integer>
# interface: <list or string>
# dst6: <string>
# ha_mgmt_status: <value in [disable, enable]>
# ha_port_dtag_mode: <value in [proprietary, double-tagging]>
# ha_port_outer_tpid: <value in [0x8100, 0x88a8, 0x9100]>
# ha_uptime_diff_margin: <integer>
# hb_interval: <integer>
# hb_interval_in_milliseconds: <value in [100ms, 10ms]>
# hb_lost_threshold: <integer>
# hbdev: <string>
# hbdev_second_vlan_id: <integer>
# hbdev_vlan_id: <integer>
# hc_eth_type: <string>
# hello_holddown: <integer>
# http_proxy_threshold: <string>
# hw_session_hold_time: <integer>
# hw_session_sync_delay: <integer>
# hw_session_sync_dev: <list or string>
# imap_proxy_threshold: <string>
# ipsec_phase2_proposal:
# - "aes128-sha1"
# - "aes128-sha256"
# - "aes128-sha384"
# - "aes128-sha512"
# - "aes192-sha1"
# - "aes192-sha256"
# - "aes192-sha384"
# - "aes192-sha512"
# - "aes256-sha1"
# - "aes256-sha256"
# - "aes256-sha384"
# - "aes256-sha512"
# - "aes128gcm"
# - "aes256gcm"
# - "chacha20poly1305"
# key: <list or string>
# l2ep_eth_type: <string>
# link_failed_signal: <value in [disable, enable]>
# load_balance_all: <value in [disable, enable]>
# logical_sn: <value in [disable, enable]>
# memory_based_failover: <value in [disable, enable]>
# memory_compatible_mode: <value in [disable, enable]>
# memory_failover_flip_timeout: <integer>
# memory_failover_monitor_period: <integer>
# memory_failover_sample_rate: <integer>
# memory_failover_threshold: <integer>
# memory_threshold: <string>
# mode: <value in [standalone, a-a, a-p, ...]>
# monitor: <list or string>
# multicast_ttl: <integer>
# nntp_proxy_threshold: <string>
# override: <value in [disable, enable]>
# override_wait_time: <integer>
# password: <list or string>
# pingserver_failover_threshold: <integer>
# pingserver_flip_timeout: <integer>
# pingserver_monitor_interface: <list or string>
# pingserver_secondary_force_reset: <value in [disable, enable]>
# pop3_proxy_threshold: <string>
# priority: <integer>
# route_hold: <integer>
# route_ttl: <integer>
# route_wait: <integer>
# schedule: <value in [none, hub, leastconnection, ...]>
# session_pickup: <value in [disable, enable]>
# session_pickup_connectionless: <value in [disable, enable]>
# session_pickup_delay: <value in [disable, enable]>
# session_pickup_expectation: <value in [disable, enable]>
# session_pickup_nat: <value in [disable, enable]>
# session_sync_dev: <list or string>
# smtp_proxy_threshold: <string>
# ssd_failover: <value in [disable, enable]>
# standalone_config_sync: <value in [disable, enable]>
# standalone_mgmt_vdom: <value in [disable, enable]>
# sync_config: <value in [disable, enable]>
# sync_packet_balance: <value in [disable, enable]>
# unicast_gateway: <string>
# unicast_hb: <value in [disable, enable]>
# unicast_hb_netmask: <string>
# unicast_hb_peerip: <string>
# unicast_peers:
# - id: <integer>
# peer_ip: <string>
# unicast_status: <value in [disable, enable]>
# uninterruptible_primary_wait: <integer>
# upgrade_mode: <value in [simultaneous, uninterruptible, local-only, ...]>
# vcluster:
# - monitor: <list or string>
# override: <value in [disable, enable]>
# override_wait_time: <integer>
# pingserver_failover_threshold: <integer>
# pingserver_flip_timeout: <integer>
# pingserver_monitor_interface: <list or string>
# pingserver_secondary_force_reset: <value in [disable, enable]>
# priority: <integer>
# vcluster_id: <integer>
# vdom: <list or string>
# pingserver_slave_force_reset: <value in [disable, enable]>
# vcluster_status: <value in [disable, enable]>
# weight: <list or string>
# pingserver_slave_force_reset: <value in [disable, enable]>
# uninterruptible_upgrade: <value in [disable, enable]>
# vdom: <list or string>
# minimum_worker_threshold: <integer>
# vcluster2: <value in [disable, enable]>
# secondary_vcluster:
# monitor: <list or string>
# override: <value in [disable, enable]>
# override_wait_time: <integer>
# pingserver_failover_threshold: <integer>
# pingserver_monitor_interface: <list or string>
# pingserver_secondary_force_reset: <value in [disable, enable]>
# priority: <integer>
# vcluster_id: <integer>
# vdom: <list or string>
# pingserver_slave_force_reset: <value in [disable, enable]>
# secondary_switch_standby: <value in [disable, enable]>
# vcluster_id: <integer>
# slave_switch_standby: <value in [disable, enable]>
# frup: <value in [disable, enable]>
# frup_settings:
# active_interface: <list or string>
# active_switch_port: <value in [1, 2, 3, ...]>
# backup_interface: <list or string>
# inter_cluster_session_sync: <value in [disable, enable]>
# auto_virtual_mac_interface: <list or string>
# backup_hbdev: <list or string>
# check_secondary_dev_health: <value in [disable, enable]>
# primary_hold_before_reboot: <integer>
# sequential_upgrade: <value in [disable, enable]>
# bounce_intf_upon_failover: <value in [disable, enable]>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- meta - The result of the request.returned: always type: dict
- request_url - The full url requested. returned: always type: str sample: /sys/login/user
- response_code - The status of api request. returned: always type: int sample: 0
- response_data - The data body of the api response. returned: optional type: list or dict
- response_message - The descriptive message of the api response. returned: always type: str sample: OK
- system_information - The information of the target system. returned: always type: dict
- rc - The status the request. returned: always type: int sample: 0
- version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
Status
This module is not guaranteed to have a backwards compatible interface.