无法使用Ansible在ELB上添加SSL证书

时间:2014-06-12 03:44:50

标签: ssl amazon-web-services ansible ansible-playbook

我尝试创建弹性负载均衡器并使用现有的SSL证书来保护它,如下所示 - 

---
  - name: Setting up Elastic Load Balancer
    hosts: local
    connection: local
    gather_facts: False
    vars_files:
      - vars/global_vars.yml
    tasks:
      - local_action:
          name: "TestLoadbalancer" 
          module: ec2_elb_lb
          state: present
          region: 'us-east-1'
          zones:
            - us-east-1c
          listeners:
            - protocol: http
              load_balancer_port: 80
              instance_port: 80
          listeners:
            - protocol: ssl
              load_balancer_port: 443 
              instance_protocol: tcp
              instance_port: 7286
              ssl_certificate_id: "arn:aws:iam::xxxxxx:server-certificate/LB_cert"

      - local_action:
          name: "TestLoadbalancer" 
          module: ec2_elb_lb
          state: present
          region: 'us-east-1'
          zones:
            - us-east-1c
          listeners:
            - protocol: http
              load_balancer_port: 80
              instance_port: 80
          health_check:
              ping_protocol: http
              ping_port: 80
              ping_path: "/"
              response_timeout: 5
              interval: 30
              unhealthy_threshold: 2
              healthy_threshold: 10

但它没有添加监听器:SSL - TCP

添加了另一个侦听器,并在控制台中可见:HTTP / 80

为什么缺少SSL?我错过了所有必需的参数吗?

1 个答案:

答案 0 :(得分:1)

您正在添加名为“listeners”的多个键:

listeners:
  - protocol: http
    ...
listeners:
  - protocol: ssl
    ...

但是看一下文档中的例子应该是:

listeners:
  - protocol: http
    ...
  - protocol: ssl
    ...
相关问题
最新问题